7MS #459: Cyber News - Microsoft Exchange Makes the World Cry Edition
7 Minute Security17 Maalis 2021

7MS #459: Cyber News - Microsoft Exchange Makes the World Cry Edition

Happy mid-March! Our good pal Gh0sthax joins us today for another hot dish of cyber news! Stories include:

  • Microsoft Exchange cyber attack - Hacker News has a nice what we know so far story, but things have evolved really fast, so make sure you check Microsoft's primary advisory, the script to run on local servers and newer updates such as the recent one-click remediation for unsupported Exchange versions

  • SonicWall zero day - yuck, looks like the SonicWall troubles we talked about recently were a true zero day. In contrast to the Exchange story, it looks like SonicWall's official response offers (frighteningly?) little by way of logs and forensics to tell if you were truly popped. Either way, be sure to patch!

  • Hackers attempt to contaminate Florida town's water supply - the story itself is interesting, but the way it got picked up by some outlets seems to send the message of "TeamViewer = bad" but we think the true lessons learned here are:

    • Out of date and/or unsupported OS = bad
    • Weak credentials = bad
    • Connecting this type of equipment directly to the Internet instead of MFA + VPN = bad

CISA has a great breakdown of this incident as well.

Jaksot(703)

7MS #79: My Love-Hate Relationship with Nessus

7MS #79: My Love-Hate Relationship with Nessus

In this episode I talk about one of my favorite vulnerability scanners, Nessus, and why I want to simultaneously hug it and punch it in the neck.

23 Heinä 20157min

7MS #78: It's All About Segmentation

7MS #78: It's All About Segmentation

In this episode I advocate for proper network segmentation, as doing it (well and right!) can seriously reduce your risks!

21 Heinä 20157min

7MS #77: OFFTOPIC-Rickrolling Your Coworkers for Fun and Profit

7MS #77: OFFTOPIC-Rickrolling Your Coworkers for Fun and Profit

This week i used my Wifi Pineapple to scare and amuse my coworkers and lure them into a Rickroll trap. All the gory details in today's episode!

16 Heinä 20157min

7MS #76: Lessons Learned from LastPass

7MS #76: Lessons Learned from LastPass

I know this is a bit late, but I wanted to talk a little about the LastPass breach and why I'll still remain a customer.

14 Heinä 20157min

7MS #75: OFFTOPIC-My Son's Piano Recital

7MS #75: OFFTOPIC-My Son's Piano Recital

I wanted to share (what I think is) an amusing anecdote about my son's first piano recital, which was topped off by a kid playing the song "Lucky." Many LOLs commenced for me.

9 Heinä 20159min

7MS #74: How to Become a More Organized Information Security Professional

7MS #74: How to Become a More Organized Information Security Professional

In this episode I share some strategies and apps that may help you stay more organized as you go about your infosec work!

8 Heinä 20158min

7MS #73: PCI Pentesting 101 – Part 2 (audio)

7MS #73: PCI Pentesting 101 – Part 2 (audio)

This episode is the exciting continuation of a recent pentest I did, in which I got some serious pwnage, including cracking the domain admin password! 7MS #73: PCI Pentesting 101 – Part 2 (audio)

30 Kesä 20157min

7MS #72: PCI Pentesting 101 (audio)

7MS #72: PCI Pentesting 101 (audio)

I'm pumped to talk about an about an awesome, free little tool that made my Internet connection feel like new again. 7MS #72: PCI Pentesting 101 (audio)

25 Kesä 20157min

Suosittua kategoriassa Politiikka ja uutiset

rss-ootsa-kuullut-tasta
aikalisa
tervo-halme
ootsa-kuullut-tasta-2
politiikan-puskaradio
otetaan-yhdet
rss-podme-livebox
et-sa-noin-voi-sanoo-esittaa
aihe
rss-kaikki-uusiksi
rss-raha-talous-ja-politiikka
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset
radio-antro
rss-uusi-juttu
rss-lets-talk-about-hair
rss-hyvaa-huomenta-bryssel
linda-maria
rss-terveisia-seelannista
rss-toisten-taskuilla
rss-podcast-podcast-3