Risky Business Podcast
April 17, 2024
Risky Business #745 – Tales from the PANageddon
On this week’s show Patrick and Adam discuss the week’s security news, including:
- Palo Alto’s firewalls have a ../ bad day
- Sisense’s bucket full of creds gets kicked over
- United Healthcare draws the ire of Congress
- FISA 702 reauthorisation finally moves forward
- Apple warns about “mercenary exploitation” but what’s the India link?
- And much, much more
This week’s sponsor is Panther, a platform that does detection as code on massive amounts of data. Panther’s founder Jack Naglieri is this week’s sponsor guest, and we spoke with him about some common detection-as-code approaches.
Show notes
Palo Alto Networks releases fixes for zero-day as attackers swarm VPN vulnerability
CVE-2024-3400 PAN-OS: OS Command Injection Vulnerability in GlobalProtect
Why CISA is Warning CISOs About a Breach at Sisense – Krebs on Security
Congress rails against UnitedHealth Group after ransomware attack | CyberScoop
The US Government Has a Microsoft Problem | WIRED
House GOP bridges divide to reauthorize FISA surveillance bill - The Washington Post
Top officials again push back on ransom payment ban | Cybersecurity Dive
Ex-White House cyber official says ransomware payment ban is a ways off | CyberScoop
Over 500 people targeted by Pegasus spyware in Poland, officials say
Apple drops term 'state-sponsored' attacks from its threat notification policy
“All Your Secrets Are Belong To Us” — A Delinea Secret Server AuthN/AuthZ Bypass
PuTTY vulnerability vuln-p521-bias
Security engineer jailed for 3 years for $12M crypto hacks | TechCrunch
Alleged cryptojacking scheme consumed $3.5M of stolen computing to make just $1M | Ars Technica
Twitter’s Clumsy Pivot to X.com Is a Gift to Phishers – Krebs on Security