Enterprise Linux Security Episode 75 – RepoJacking

We’ve talked about Supply Chain Attacks on this podcast before, and in this episode Jay and Joao discuss another form of this popular attack vector: RepoJacking! RepoJacking occurs when a repository (such as one hosted on GitHub) changes information and, because of a link between the old repository info and the new, threat actors can take advantage of this. Join Jay and Joao for a discussion on this attack vector.

Thanks to TuxCare for sponsoring this episode! Check them out to see how they can help take your Linux Administration game to the next level.

Enterprise Linux Security Episode 74 – Unlucky in Vegas

There’s a multitude of ways you can lose money in Las Vegas, but this time it’s not from gambling. In this episode, Jay and Joao will discuss a recent and still developing story where MGM was the target of what appears to be a ransomware attack.

Thanks to TuxCare for sponsoring this podcast! Check them out and make your life as a SysAdmin much easier!

Enterprise Linux Security Episode 73 – TruffleHog and CVSS version 4.0

In this episode, Jay and Joao will discuss a recent discovery by Truffle Security that has found 4,500 websites that have exposed a very critical directory. In addition, they cover the upcoming Common Vulnerability Scoring System (CVSS) update, which will bring it to version 4.0, along with some important changes you’ll need to understand.

Enterprise Linux Security Episode 72 – Surveillance Facepalm

Imagine needing to ask your government for permission in order to perform tasks such as installing a security patch, implementing an Intrusion Detection System, updating firmware or upgrading your operating system. If this sounds too ridiculous to be true, then you’re right: it is ridiculous, but unfortunately it’s a real proposal. In the U.K., the Investigatory Powers Act 2016 (IPA) has had an adjustment proposed that could potentially make securing your systems more difficult than it’s ever been. In this episode, Jay and Joao discuss how these potential changes will complicate pretty much everything.

Enterprise Linux Security Episode 71 – Internet DRM

In this episode, Jay and Joao talk about two recent news developments that may have important implications for the overall industry. First, in response to Microsoft’s recent Azure debacle, a US Senator calls for a probe to look into the matter. Second, our main story is yet another facepalm-worthy idea from Google that aims to add “integrity” to our browsers, but it’s oddly lacking in said integrity and almost completely devoid of common sense. Google’s “Web Integrity Protection” seems to protect only their ad dollars while making browsing more tedious for the end-user. Will it pass? What is it exactly? Jay and Joao have all the answers in this episode!

Enterprise Linux Security Episode 70 – The Red Hat Saga Continues

The saga with Red Hat continues, and now that some time has passed since their controversial announcement, we have statements from other distributions, including (but not limited to) Oracle and SUSE. In this episode, Jay and Joao talk about the recent developments on this story, and also touch on some trouble that FortiGate has been having nowadays.

Enterprise Linux Security Episode 69 – Red Hat vs Enterprise IT

When it comes to Linux in the Enterprise, we have quite a few challenges to overcome on a day-to-day basis to ensure we can depend on our technology. We never thought Red Hat themselves would someday become our opponent, but here we are. In this episode, Jay and Joao will discuss the latest impulsive and irresponsible decision Red Hat has made, as well as how that decision results in the company undermining their own customer base while alienating the Linux Community at the same time.

Enterprise Linux Security Episode 68 – The Barracuda Vulnerability

Don’t you just love e-mail? It’s the gift that keeps on giving, and this time managing e-mail is even more annoying for Barracuda’s customers, with CVE-2023-2868. This isn’t just any CVE, this is a complete system own by the threat actors. In fact, it’s so bad that the situation isn’t as simple as installing a patch. In this episode, Jay and Joao discuss this vulnerability and just how big of a deal it is.

Enterprise Linux Security Episode 67 – No One Else’s Computer

We’ve all heard the cloud referred to as “Someone Else’s Computer”, but what do you do if you find your data is on No One Else’s Computer? In this example, there was a happy ending (data was restored) but it’s still an important consideration all the same. What do you do if your cloud provider all of a sudden doesn’t have your data? In this episode, Jay and Joao discuss a recent situation in which Azure customers found themselves in a bit of a bad situation.

Enterprise Linux Security Episode 66 – Job Security

In this episode, Jay and Joao discuss another form of security: job security! Throughout the series, we’ve advised and educated on enhancing the security of your enterprise network, but in this episode the focus is on YOU. Specifically, how to safeguard yourself from turnover, raise awareness of your importance to your organization, and navigate potential “awkward” conversations that System Administrators may find themselves having with their boss. Don’t miss this episode!
