Join former CISOs Jerry, Mario, and Sounil as they dissect the latest cybersecurity news, discuss evolving threats, and share their seasoned perspectives on infosec.
1:48 China accuses US of stealing trade secrets
10:05 Taiwan reports 2.4M Chinese cyberattacks/day
18:21 Christmas day Chrome Extension hacks, including Cyberhaven
23:28 Krebs: U.S. Army Soldier arrested for Snowflake customer extortions
26:40 Wired: Popular apps hijacked to spy on locations through ad tracking
33:28 Holiday DoS vulnerabilities in Palo Alto and Windows LDAP
34:36 Are DoS vulnerabilities neglected by security programs?
40:37 TI news feeds are noisy and vulnerabilities are overhyped
49:37 Are Passkeys ready for prime time?
54:49 Adversarial Podcast YouTube comments
57:06 YouTube comment cryptowallet scams
59:24 What should security teams try to accomplish during offsites?
China Accuses US of Cyberattacks: https://www.reuters.com/world/china/chinas-internet-emergency-center-says-it-dealt-with-two-us-cyber-attacks-against-2024-12-18/
Taiwan Reports 2.4M Chinese Cyberattacks Daily: https://www.reuters.com/technology/cybersecurity/chinese-cyberattacks-taiwan-government-averaged-24-mln-day-2024-report-says-2025-01-06/
Christmas Day Chrome Extension Hacks: https://thehackernews.com/2024/12/16-chrome-extensions-hacked-exposing.html https://adversarialgroup.slack.com/archives/C073BTZ6ZSR/p1735336226170729
U.S. Army Soldier Arrested for AT&T and Verizon Extortions: https://krebsonsecurity.com/2024/12/u-s-army-soldier-arrested-in-att-verizon-extortions/
Geo-Data Privacy and App Hijacks: https://www.wired.com/story/gravy-location-data-app-leak-rtb/
Holiday DoS Vulnerabilities: https://security.paloaltonetworks.com/CVE-2024-3393 https://www.securityweek.com/exploit-code-published-for-potentially-dangerous-windows-ldap-vulnerability/
Passkeys: Are They Ready for Prime Time: https://arstechnica.com/security/2024/12/passkey-technology-is-elegant-but-its-most-definitely-not-usable-security/
Cryptowallet Scams and YouTube Comments: https://www.kaspersky.com/blog/cryptowallet-free-seed-phrase-scam/52810