Episode 230 – Door 05: 5 reasons you need 24/7 robot monitoring
Josh and Kurt talk about why you need 24/7 monitoring of all the things Links Swiss air force office hours DC-10 cargo door
Episode 229 – Door 04: EFF's Cover Your Tracks
Josh and Kurt talk about how the EFF is helping us prevent Internet tracking Links EFF Cover Your Tracks
Episode 228 – Door 03: Do all vulnerabilities matter equally?
Josh and Kurt talk about how many security vulnerabilities matter enough to fix? Links A Third of Known Computer Security Flaws Have No Solution Episode 162 – SBOM with Allan Friedman
Episode 227 – Door 02: Marketing department or selection bias?
Josh and Kurt talk about cybersecurity statistics and the value of the data we have. Links 24 Cybersecurity Statistics That Matter In 2020
Episode 226 – Door 01: Advent calendars
Josh and Kurt talk about advent calendars. We are publishing 25 5 minute episodes in 25 days. Also portable X-ray machines.
Episode 225 – Who is responsible if IoT burns down your house?
Josh and Kurt talk about the safety and liability of new devices. What happens when your doorbell can burn down your house? What if it's your fault the doorbell burned down your house? There isn't really any prior art...
Episode 244 – Door 19: TLS certificate trust
Josh and Kurt talk about modern TLS certificate trust
Episode 243 – Door 18: Don't roll your own crypto or auth
Josh and Kurt talk about why it's a horrible idea to roll your own crypto or auth
Episode 224 – Are old Android devices dangerous?
Josh and Kurt talk about what happens when important root certificates expire on old Android devices? Who should be responsible? How can we fix this? Is this even something we can or should fix? How devices should age is...
Episode 223 – Full disclosure won, deal with it
Josh and Kurt talk about the idea behind the full disclosure of security vulnerability details. There have been discussions about this topic for decades with many people on all sides of the issue. The reality is however, if you...
Episode 222 – HashiCorp Boundary with Jeff Mitchell
Josh and Kurt talk to Jeff Mitchell about the new HashiCorp project Boundary. We discuss what Boundary is, why it's cooler than a VPN, and how you can get involved. Show Notes Jeff Mitchell HashiCorp Boundary announcement Discuss...
Episode 221 – Security, magic, and FaceID
Josh and Kurt talk about how to get started in security. It's like the hero's journey, but with security instead of magic. We then talk about what Webkit bringing Face ID and Touch ID to the browsers will mean....
Episode 220 – Securing network time and IoT
Josh and Kurt talk about Network Time Security (NTS) how it works and what it means for the world (probably not very much). We also talk about Singapore's Cybersecurity Labelling Scheme (CLS). It probably won't do a lot in...
Episode 219 – Chat with Larry Cashdollar
Josh and Kurt have a chat with Larry Cashdollar. The three of us go way back. Larry has done some amazing things and he tells us all about it! Show Notes Akamai Larry's website Larry's First CVE
Episode 218 – The past was a terrible place
Josh and Kurt talk about change. Specifically we discuss how the past was a terrible place. Never believe anyone who tells you it was better. Part of a career now is learning how to learn. The things you learn...
Top 20 Predictions Of How AI Is Going To Improve Cybersecurity In 2021
What 20 Leading Cybersecurity Experts Are Predicting For 2021
Italy Says Two Arrested for Defense Data Theft
Two people have been arrested for stealing defense data from the Italian aerospace and electronics group Leonardo, the interior ministry said on Saturday.
The company has a wide range of activities from naval electronics, network and protection systems, electronic warfare...
The US Used the Patriot Act to Justify Logging Website Users
Plus: Better Twitter two-factor, a Spotify hack, and more of the week’s top security news.
Ransomware hits helicopter maker Kopter
Data from Kopter's internal network has been published on the LockBit gang's blog, hosted on the dark web.
Ransomware gangs are now cold-calling victims if they restore from backups without paying
Tactic used since August by ransomware gangs like Sekhmet, Maze, Conti, and Ryuk.
