Atlassian software is constantly under attack, and often the source of many lost weekends for IT admins. Recently, a brand-new vulnerability has been discovered – CVE-2022-26134. This particular vulnerability is remotely exploitable, and has been listed as critical. In this episode, Jay and Joao discuss this vulnerability, as well as some of the struggles around Atlassian software in general.
Are you a fan of MySQL? What if we told you that there’s an infinite supply of it online, right out in the open?! It’s literally as bad as it sounds! In this episode, Jay and Joao discuss how over 3.6 million MySQL instances are publicly available, as well as other forms of unintended public access.
A “researcher” with a screen name of “Sockpuppets” decides to demonstrate how insecure some specific online resources are, in the worst way possible. You can’t make this stuff up! In this episode, Jay and Joao discuss what this individual wanted to accomplish (and what happened instead).
In this episode, Jay and Joao unpack some recent news around the BVP47 vulnerability, and some very interesting details around it and how it came to be. This is one of those “spy thriller” type episodes, so don’t miss it!
Through the course of the podcast so far, Jay and Joao have discussed foundational topics, as well as news and current trends. In this episode, second factor authentication is discussed. This foundational episode will go over what it is, why you should use it, and also some of the things that can potentially weaken its benefit.
In the industry, we spend a great deal of time hardening our security, doing our due diligence when it comes to patching, implementing firewalls, avoiding EOL software, as well as many other aspects of our security focus. But unfortunately, even a well thought out implementation of common security controls can be rendered useless if we miss the low hanging fruit – such as training our employees and making sure they understand how serious security is, and how they can help. In this episode, Jay and Joao will discuss that and more.
We talk a lot about patching on this podcast, and the reason for that is because a lot of organizations don’t seem to handle this important aspect of security very well. A recent patching report from the Ponemon institute seems to reflect this, and the stats regarding patching definitely don’t look good. In this episode of Enterprise Linux Security, Jay and Joao discuss some of the findings within this report.
In the 25th episode of Enterprise Linux Security, Jay and Joao catch up on a few things in the news, including the results of a recent Internet Crime Report, and more!