Talkin’ About Infosec News – 4/6/2022
ORIGINALLY AIRED ON APRIL 4, 2022
Articles discussed in this episode:
00:00 – PreShow Banter™ — Blame it on the Intern
06:24 – Spring Time for Java – https://www.darkreading.com/application-security/zero-day-vulnerability-discovered-in-java-spring-framework
09:10 – GitLab for Account Access – https://www.bleepingcomputer.com/news/security/critical-gitlab-vulnerability-lets-attackers-take-over-accounts/
10:33 – No Passwords for Okta – https://www.bleepingcomputer.com/news/security/sitel-on-okta-breach-spreadsheet-did-not-contain-passwords/
11:11 – Legacy Networks for Okta – https://therecord.media/sitel-blames-okta-breach-on-legacy-network-from-acquisition/
12:40 – Lawsuit for Ubiquity – https://arstechnica.com/tech-policy/2022/03/ubiquiti-sues-journalist-alleging-defamation-in-coverage-of-data-breach/
17:01 – MITRE AT&T&CK for EDMs
21:17 – Breach for Mailchimp – https://www.bleepingcomputer.com/news/security/hackers-breach-mailchimps-internal-tools-to-target-crypto-customers/
30:54 – 15 Characters for John – https://blog.pcisecuritystandards.org/pci-dss-v4-0-a-conversation-with-the-council
40:17 – Data Requests for Apple – https://www.macrumors.com/2022/03/30/apple-user-data-forged-legal-requests/
46:52 – Drones for Ukraine – https://www.forbes.com/sites/davidhambling/2022/03/08/how-small-drones-could-win-the-fight-in-ukraines-cities-and-the-truth-about-that-anti-drone-pickle-jar-story
We are self-publishing free Infosec Zines called PROMPT#.
PROMPT# will contain:
- Infosec articles
- Challenging puzzles
- Comic book based on real-life hacking adventures
- Coloring contests
- Bonus Backdoors & Breaches Consultant Cards (print version only)
- Other stuffs
You can check out current and upcoming issues here: https://www.blackhillsinfosec.com/prompt-zine/