Risky Business #615 -- Dependency confusion is, uh, pretty bad
PLUS: US floats new RU sanctions, TikTok gets stay of execution...
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- USA floats new sanctions against Russia
- TikTok, WeChat get stay of execution
- Dependency confusion is ugh
- US indicts Lazarus crypto-thieves
- France ties Sandworm crew to Centreon intrusion
This week’s show is brought to you by Thinkst Canary. Thinkst’s founder Haroon Meer is this week’s sponsor guest and he joins us to have a very Haroon-style conversation. We talk about how security controls and detections often fall over when things happen outside of our assumptions: trojaned software updates, attackers hiding in unconventional places like monitors, things like that. That’s a great conversation.