Search the Portal

[image] This week on the podcast we discuss the first update to the OWASP Top 10 since 2017. OWASP servers as an excellent resource for improving web application security so we’re excited to run through the latest refresh of their top security...

[image] Update 1: OMI agent is not installed on Azure FireboxV/Cloud instances (September 17th, 2021): We reviewed our FireboxV/Cloud instance for Azure and confirmed that the OMI agent cannot be installed on the image. We recommend reviewing...

[image] This week on the podcast we cover ProxyWare, a form of malware that monetizes your internet access for the benefit of the attacker. After that, we discuss ChaosDB, a vulnerability that could have enabled any Azure user to gain full...

[image] This week on the podcast we dig back in the archives to 2019 where we discussed how web servers manage to track users across sites using browser fingerprinting methods. Even though some improvements like removing third-party cookies have...

[image] This week on the podcast we cover one of the largest cryptocurrency heists in history, with a surprising twist of an ending! Before that we’ll chat about the latest T-Mobile data breach and what we can learn about protecting user...

[image] Over the last week we saw 70 million AT&T customers and 53 million T-Mobile customers have their personal data leaked to hackers. While we didn’t find any connections between these two breaches the timing of the incidents is strange...

[image] David Dworken, a Google security researcher, presented a recent Defcon talk about how he found over 30 vulnerabilities in various Integrated Development Environments (IDEs) over the course of a few months of research. Many believe that...

[image] With the 2021 editions of the BlackHat and DEF CON security conferences all wrapped up, one of the presentation that made the biggest waves was the latest research from Orange Tsai of Devcore Security Consulting. Tsai was the researcher...

[image] This week on the podcast, we chat about a recent report from Qrator that highlights some of the massive weaknesses in the backbone of the internet. After that, we discuss a recent research blog post from Yan (@bcrypt) showing her work in...

[image] A recent Defcon talk by Tom Van Goethem and Mathy Vanhoef, “Timeless Timing Attacks” made significant progress on ways to create timing attacks over a network. Timing attacks work by extracting data form devices based on how long it...

[image] This week on the podcast we talk Zero-Trust. What is it? How do you implement it? And why should all IT professionals work towards updating their networks to this security architecture? We’ll answer all that and more after a quick Kaseya...

[image] Yesterday, the Biden Administration unveiled a new initiative to help improve the cybersecurity stance of the industrial control systems (ICS) that manage the nation’s critical infrastructure. As recent events (like the Colonial Pipeline...

[image] This week on the podcast we cover the latest Microsoft Windows privilege escalation vulnerability, SeriousSAM aka HaveNightmare. Before that, we discuss NSO Group and their spyware software known as Pegasus and whether private...

[image] With the White House announcing this month that it plans to investigate potential changes to Section 230, the safe harbor laws that enable websites to moderate content without risk of liability for content they fail to remove, we wanted...

[image] Many of the recent high-profile ransomware attacks like those against Acer, JBS and more recently, customers of Kaseya, have been the work of the ransomware as a service group REvil. After the most recent attack that exploited multiple...

[image] Update 1: Third PrintNightmare CVE published (July 16th, 2021): Microsoft published CVE-2021-34481 on July 15th for a local privilege escalation vulnerability. The third Print Spooler service vulnerability is considered separate from...

[image] This week on the podcast we cover the Kaseya mass ransomware incident from July 7. While the event is still ongoing, we already have evidence for how the attack occurred and exactly what the threat actors did on affected endpoints. In...

[image] We recorded this episode before news of the massive attack against Kasaye users broke on Friday. Suffice to say, next week’s episode will give a full debrief of the incident including how it happened, who it affected, and what all MSPs...

[image] Managed Service Providers (MSPs), especially ones using Kaseya VSA, should read this and take action as soon as possible. High-level Summary: On Friday, July 2, some MSPs using the on-premises version of Kaseya VSA suffered ransomware...