In this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about:
- Thought eels were slippery? Check out AnyDesk’s PR!
- Why Microsoft’s 365 is a nightmare to secure
- Cloudflare’s needlessly hostile blog post
- US Government introduces “Disneyland ban” for spyware peddlers
- Much, much more…
This week’s feature guest is Eric Goldstein, the executive assistant director for cybersecurity at CISA. He’s joining the show to talk about CISA’s demand that US government agencies unplug their Ivanti appliances. He also chimes in on why the US government is so rattled by Volt Typhoon and addresses a recent report from Politico that claims CISA’s Joint Cyber Defense Collaborative is a bit of a shambles.
This week’s sponsor guest is Dan Guido from Trail of Bits. He joins us to talk about their new Testing Handbook. Trail of Bits does a bunch of audit work and they’ve committed to trying to make bug discovery a one time thing – if you find that bug once, you shouldn’t have to manually find it on another client engagement. Semgrep for the win!