Episode 225: Unpacking the Azure CHAOS DB Flaw with Nir Ohrfeld of Wiz
We’re joined by Nir Ohfeld of Wiz. Nir helped discover the recent CHAOS DB flaw in Azure COSMOS DB, the flagship database for Microsoft’s Azure cloud platform. The post Episode 225: Unpacking...
As Mobile Fraud Rises, The Password Persists
A new study released by Incognia that measures user friction in mobile financial apps yields important results about the fate of the password. The post As Mobile Fraud Rises, The Password Persists...
Spotting Hackers at the Pace of XDR – From Alerts to Incidents
Extended Detection and Response (XDR) technology is gaining traction within enterprises. But how can organizations handle the increased volume of alerts XDR systems produce? Samuel Jones, of cyber AI firm Stellar...
Episode 216: Signed, Sealed and Delivered: The Future of Supply Chain Security
In this episode of the podcast (#216) we talk with Brian Trzupek, Digicert’s Vice President of Product, about the growing urgency of securing software supply chains, and how digital code signing can...
What SolarWinds Tells Us About Securing the Software Development Supply Chain
The recent SolarWinds attack highlights an Achilles heel for enterprises: software updates for critical enterprise applications. Digital signing of code is one solution, but organizations need to modernize their code signing...
UPS Announces eVTOL Use for Package Delivery
United Parcel Service (UPS) announced this week that it will test electric vertical takeoff and landing aircraft (eVTOLs) for package delivery. UPS purchased 10 eVTOL from Beta Technologies (Beta), which it...
Critical Flaw Found In Widely Used Netmask Open Source Module
An IP address parsing flaw in the netmask NPM module affects hundreds of thousands of applications that rely on it. But that may be just the tip of the iceberg, researchers...
Episode 203: Don’t Hack The Water and Black Girls Hack Founder Tennisha Martin
In this episode of the Security Ledger Podcast (#203) we talk about the apparent hack of a water treatment plant in Oldsmar Florida with Frank Downs of the firm BlueVoyant. In...
Episode 200: Sakura Samurai Wants To Make Hacking Groups Cool Again. And: Automating Our Way Out of PKI Chaos
In this episode of the podcast (#200), sponsored by Digicert: John Jackson, founder of the group Sakura Samurai talks to us about his quest to make hacking groups cool again. Also:...
Episode 199 COVID’s Other Legacy: Data Theft and Enterprise Insecurity
In this episode of the podcast (#199), sponsored by LastPass, we talk with Sareth Ben of Securonix about how massive layoffs that have resulted from the COVID pandemic put organizations at...