Risky Business Weekly (771): Palo Alto's firewall 0days are very, very stupid
HTML-код
- Опубликовано: 6 фев 2025
- On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
Microsoft introduces some sensible sounding post-Crowdstrike changes
Palo Alto patches hella-stupid bugs in its firewall management webapp
CISA head Jen Easterly to depart as Trump arrives
AI grandma tarpits phone scammers in family-tech-support hell
Academic research supports your gut-reaction; phishing training doesn't work
And much, much more.
This week's episode is sponsored by Greynoise. The always excitable Andrew Morris joins to remind us that the edge-device vulnerabilities Pat and Adam complain about on the show are in fact actually even worse than we make them out to be. Andrew also tells us about a zero-day Greynoise' AI system truffle-pigged out of their data set.
Show notes:
Windows security and resiliency: Protecting your business | Windows Experience Blog
blogs.windows....
Microsoft revamps how it will disclose vulnerabilities | Cybersecurity Dive
www.cybersecur...
NIST says exploited vulnerability backlog cleared but end-of-year goal for full list unlikely
therecord.medi...
Pots and Pans, AKA an SSLVPN - Palo Alto PAN-OS CVE-2024-0012 and CVE-2024-9474
labs.watchtowr...
Palo Alto Networks customers grapple with another actively exploited zero-day | Cybersecurity Dive
www.cybersecur...
Unpatched zero-days in Fortinet and Palo Alto Networks software
news.risky.biz...
Palo Alto Networks’ customer migration tool hit by trio of CVE exploits | Cybersecurity Dive
www.cybersecur...
Readout of President Joe Biden’s Meeting with President Xi Jinping of the People’s Republic of China | The White House
www.whitehouse...
Easterly to step down from CISA director role on Inauguration Day | Cybersecurity Dive
www.cybersecur...
Top White House cyber official urges Trump to focus on ransomware, China
therecord.medi...
Ransomware gang Akira leaks unprecedented number of victims’ data in one day
therecord.medi...
Hacker Is Said to Have Gained Access to File With Damaging Testimony About Gaetz
www.nytimes.co...
1,400 Pegasus spyware infections detailed in WhatsApp’s lawsuit filings
therecord.medi...
NSO Group admits cutting off 10 customers because they abused its Pegasus spyware, say unsealed court documents | TechCrunch
techcrunch.com...
Ransomware gang Akira leaks unprecedented number of victims’ data in one day
therecord.medi...
Ohio man behind Helix cryptocurrency mixer gets 3-year sentence
therecord.medi...
O2 unveils Daisy, the AI granny wasting scammers’ time - Virgin Media O2
news.virginmed...
Understanding the Efficacy of Phishing Training in Practice
www.computer.o...
Bunnings facial recognition cameras breach Privacy Act, retailer to challenge ruling | news.com.au - Australia’s leading news site
www.news.com.a...
Nudity, punches in newly released Bunnings CCTV as company found to breach Privacy Act | news.com.au - Australia’s leading news site
www.news.com.a...
Bitfinex Hack Launderer Heather 'Razzlekhan' Morgan Sentenced to 18 Months in Prison
www.coindesk.c...
