Tuesday, August 3, 2021

Weekly Update 254

The plan this week was to do a super simple update whilst having some time out. In the back...

Weekly Update 253

This week, by popular demand, it's Charlotte! Oh - and Scott. People...

Weekly Update 252

Next week first: based on popular demand, at 18:00 on our end Friday 23 (that's 09:00...

Weekly Update 251

Between school holidays and a house full of tradies repairing things, there wasn't a lot of free time this...

Weekly Update 250

This week is a bit of everything again, although the main difference this time was...

Weekly Update 249

A bit of a shorter work week this one as we escaped to a little getaway for...

Weekly Update 248

Thought I'd do a bit of AMA this week given the rest of the content...

Weekly Update 247

Lots of stuff going on this week, beginning with me losing my mind trying to get local control of...

Weekly Update 246

This week has been absolutely dominated by code contributions to Pwned Passwords. This is such an...

Weekly Update 245

This week is the culmination of planning that began all the way back in August last year when I...

Weekly Update 244

For a week where I didn't think I had much to talk about, I was surprised by what I...

Weekly Update 243

This one is a real short intro as right now, it hurts to type (copy and paste is earlier 😊): I’m...

Weekly Update 242

A fairly hectic week this one, in a large part due to chasing down really flakey network...

Weekly Update 241

What. A. Week. Heaps of data breaches, heaps of law enforcement and gov stuff and somehow, I...

Weekly Update 240

Lots of bits and pieces this week, most of which is self-explanatory based on the references below....

Weekly Update 239

Geez I'm glad the Facebook stuff was the week before this one! With that (mostly) out of the way, we headed...

Weekly Update 238

"What a shit week". I stand by that statement in the opening couple of minutes of...

Weekly Update 237

As soon as I started watching this video back, I remembered why I don't do daylight mode in these any...

Weekly Update 236

This 🤬🤬🤬 DAC! I mean it's a lovely device, but it's just impossible to use it as an audio source in...
SecurityWeek

Mismanagement Driving Cybersecurity Skills Gap: Research

“To some extent, this data supports the theory that the cybersecurity skills shortage is related to mismanagement rather than a dearth of qualified candidates or advanced skills.”
Google

Linux Kernel Security Done Right

Posted by Kees Cook, Software Engineer, Google Open Source Security Team

To borrow from an excellent analogy between the modern computer ecosystem and the US automotive industry of the 1960s, the Linux kernel runs well: when driving down the highway,...

Raccoon Stealer Bundles Malware, Propagates Via Google SEO

An update to the stealer-as-a-service platform hides in pirated software, pilfers crypto-coins and installs a software dropper for downloads of more malware.
SecurityWeek

SAP Customer Survey Reveals False Sense of Security

Many SAP customers have a false sense of security, according to a new report from risk management consultancy Turnkey Consulting and business-critical application security firm Onapsis. The SAP Security Survey Report 2021 is based on information from over 100 SAP...

BazarCaller – the malware gang that talks you into infecting yourself

Calling someone back feels safer than clicking an unknown link... but it isn't! Remind your friends and family.