Saturday, June 25, 2022

Weekly Update 301

Presently sponsored by: Varonis for Salesforce. Protect Salesforce data from overexposure and cyberthreats. Try it free!First up, I'm really sorry about the audio quality on this one. It's the exact same setup I used last week (and carefully tested...

Weekly Update 300

Presently sponsored by: Meet compliance objectives in a remote-first world without resorting to rigid device management. Try Kolide for 14-days free!Well, we're about 2,000km down on this trip and are finally in Melbourne, which was kinda the point...

Weekly Update 299

Presently sponsored by: Varonis for Salesforce. Detect suspicious behavior and strengthen your Salesforce security posture. Try it free!How on earth does an enterprise rack-mounted NAS not come with rails to actually install it in the rack?! So yeah, that's...

Weekly Update 298

Presently sponsored by: Kolide enables cross-platform fleet visibility for your Linux, Mac, and Windows devices. Start your free 14-day trial today!I somehow ended up blasting through an hour and a quarter in this week's video with loads of...

Weekly Update 297

Presently sponsored by: Varonis for Salesforce. Protect Salesforce data from overexposure and cyberthreats. Try it free!So I basically spent my whole day yesterday playing with Ubiquiti gear and live-tweeting the experience 😊 This was an unapologetically geeky pleasure and...

Weekly Update 296

Presently sponsored by: Kolide provides endpoint security for teams that value privacy, transparency, and employee productivity. Try Kolide for free today!Data breaches, 3D printing and passwords - just the usual variety of things this week. More specifically, that...

Weekly Update 295

Presently sponsored by: Varonis for Salesforce. Detect suspicious behavior and strengthen your Salesforce security posture. Try it free!A short one this week as the previous 7 days disappeared with AusCERT and other commitments. Geez it was nice to not...

Weekly Update 294

Presently sponsored by: Got Slack? Got Macs? Get Kolide: Device security that fixes challenging problems by messaging users on Slack. Try Kolide for 14 days free.It's back to business as usual with more data breaches, more poor handling of...

Weekly Update 293

Presently sponsored by: Got Slack? Got Macs? Get Kolide: Device security that fixes challenging problems by messaging users on Slack. Try Kolide for 14 days free.Didn't get a lot done this week, unless you count scuba diving, snorkelling, spear...

Weekly Update 292

Presently sponsored by: Varonis for Salesforce. Protect Salesforce data from overexposure and cyberthreats. Try it free!Well that was an unusual ending. Both my mouse and keyboard decided to drop off right at the end of this week's video and...

Weekly Update 291

Presently sponsored by: Detack. Detect & prevent weak, leaked, shared passwords with EPAS, a patented, privacy compliant solution used in 40 countries. Try it free!Bit of a long one this week, just due to a bunch of stuff all...

Weekly Update 290

Presently sponsored by: Varonis for Salesforce. Detect suspicious behavior and strengthen your Salesforce security posture. Try it free!I hope scheduling these in advance is working well for everyone, the analytics certainly suggest a much higher viewership so I'm going...

Weekly Update 289

Presently sponsored by: Detack. Detect & prevent weak, leaked, shared passwords with EPAS, a patented, privacy compliant solution used in 40 countries. Try it free!Everyone just came for the Ubiquiti discussion, right? This is such a tricky one; if...

Weekly Update 288

Presently sponsored by: Varonis. Reduce your ransomware blast radius with the leader in data-first security. Try it free!Wow, what a day yesterday! I mentioned at the start of this week's update that Charlotte and I jumped on a chopper...

Weekly Update 287

Presently sponsored by: CrowdSec - The open-source & collaborative IPS: respond to attacks & share signals across the community. Download it for free.So the plan was to schedule this week's session in advance then right on 17:30 at my...

Weekly Update 286

Presently sponsored by: Varonis. Reduce your ransomware blast radius with the leader in data-first security. Try it free!Somehow this week ended up being all about Russia and Cloudflare. Mostly as 2 completely separate topics, but also a little bit...

Weekly Update 285

Presently sponsored by: CrowdSec - Check out our CTI Console, monitor attacks on your network, mitigate them and get intelligence on attackers. Sign up for free.With travel now behind me, I'm back to a stable schedule and doing these...

Weekly Update 284

Presently sponsored by: Varonis. Reduce your ransomware blast radius with the leader in data-first security. Try it free!A little late this week as the tail end of travel bites into my time, but it's nice to be home again...

Weekly Update 283

Presently sponsored by: Varonis. Reduce your ransomware blast radius with the leader in data-first security. Try it free!A super quick intro this week as I take a bit of time out before a hectic week. It's hotel room quality...

Weekly Update 282

Presently sponsored by: Fastmail. Check out Masked Email, built with 1Password. One click gets you a unique email address for every online signup. Try it now!Just listening back to this now, I'm really happy with the Focusrite Scarlett Solo...
Security Affairs

Multiple malicious packages in PyPI repository found stealing AWS secrets

Researchers discovered multiple malicious Python packages in the official PyPI repository stealing AWS credentials and other info. Sonatype researchers discovered multiple Python packages in the official PyPI repository that have been developed to steal secrets (i.e. AWS credentials and environment...

The Post-Roe Privacy Nightmare Has Arrived

Plus: Microsoft details Russia’s Ukraine hacking campaign, Meta’s election integrity efforts dwindle, and more.

How to Move Your WhatsApp Chats Across Devices and Apps

It's never been easier to switch between iPhone and Android—and to get your messages out of the Meta ecosystem entirely.
The Register

We’re now truly in the era of ransomware as pure extortion without the encryption

Why screw around with cryptography and keys when just stealing the info is good enough Feature  US and European cops, prosecutors, and NGOs recently convened a two-day workshop in the Hague to discuss how to respond to the growing...
The Hacker News

Learn NIST Inside Out With 21 Hours of Training @ 86% OFF

In cybersecurity, many of the best jobs involve working on government projects. To get a security clearance, you need to prove that you meet NIST standards. Cybersecurity firms are particularly interested in people who understand the RMF, or Risk Management...