Risky Business #615 -- Dependency confusion is, uh, pretty bad
PLUS: US floats new RU sanctions, TikTok gets stay of execution...
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- USA floats new sanctions against Russia
- TikTok, WeChat get stay of execution
- Dependency confusion is ugh
- US indicts Lazarus crypto-thieves
- France ties Sandworm crew to Centreon intrusion
- MORE
This week’s show is brought to you by Thinkst Canary. Thinkst’s founder Haroon Meer is this week’s sponsor guest and he joins us to have a very Haroon-style conversation. We talk about how security controls and detections often fall over when things happen that take place outside of our assumptions: trojaned software updates, attackers hiding in unconventional places like monitors, things like that. That’s a great conversation.