Podcast: Play in new window | Download (Duration: 43:16 — 79.5MB)
Subscribe: Apple Podcasts | Spotify | RSS
2021 is now in the past, but there’s some very interesting details in the year-end vulnerability report produced by RBS. These details give us a look at some of the trends that will impact 2022 and beyond. In this episode, Joao and Jay discuss the report and some of its findings.
Trust is a very important aspect of security, but who/what exactly should you trust? How about no one? Join Jay and Joao for episode 18 of the Enterprise Linux Security show, as they discuss Zero Trust Security.
Podcast: Play in new window | Download (Duration: 34:44 — 63.9MB)
Subscribe: Apple Podcasts | Spotify | RSS
The New Year is just beginning, and we already have a few important CVE’s to discuss, this time around Polkit and LUKS. The CVE numbers for these vulnerabilities are CVE-2021-4034 and CVE-2021-4122 respectively. In this episode, Jay and Joao discuss these vulnerabilities.
Podcast: Play in new window | Download (Duration: 53:03 — 97.5MB)
Subscribe: Apple Podcasts | Spotify | RSS
We’ve discussed supply-chain attacks in the past, and now it’s time to see an actual example that happened recently. However, this particular incident is especially unique as the libraries in question were allegedly poisoned by the actual developer. In this episode, Joao and Jay discuss the recent sabotage regarding two very popular NPM libraries.
Podcast: Play in new window | Download (Duration: 54:15 — 99.7MB)
Subscribe: Apple Podcasts | Spotify | RSS
It’s frustrating when critical infrastructure encounters an issue that results in a disruption of service. High Availability is a concept that aims to help alleviate (or hopefully eliminate) such downtime, and is a very attractive goal for system administrators. In this episode, Jay and Joao discuss high availability, as well as its pros and cons.
Podcast: Play in new window | Download (Duration: 54:43 — 100.5MB)
Subscribe: Apple Podcasts | Spotify | RSS
Disasters in the world of tech are frustrating for everyone, not just the company that experienced the incident. In this episode, Jay and Joao discuss thoughts around what it actually means to recovery from a disaster, and why it’s typically not a quick process.
The Log4Shell vulnerability is making its rounds all over security news sites, and with good reason – it’s quite easy to execute. In this episode, Jay and Joao discuss the vulnerability that exists within log4j, as well as some ways to keep your server safe.
Earlier this year, Ubiquiti allegedly suffered a breach, which seemed to reinforce the hesitation some customers have with using the UniFi platform, given that it has a cloud-connected controller. Now, months later, an unexpected bombshell was dropped – it looks like the company wasn’t compromised by an outside attacker after all, recent developments seem to point to the whole fiasco being an inside job!
Check out this story on The Verge.
Podcast: Play in new window | Download (Duration: 55:15 — 101.5MB)
Subscribe: Apple Podcasts | Spotify | RSS
CrowdSec is a free application you can run on your Linux server, which provides an additional layer of security. CrowdSec aims to prevent intrusions and other forms of malicious activity, but it does it in a different way – it utilizes intelligence gathered from other users in order to enhance its protection. In this episode, Jay and Joao discuss CrowdSec with Philippe Humeau, the CEO of the project.
Podcast: Play in new window | Download (Duration: 47:34 — 87.4MB)
Subscribe: Apple Podcasts | Spotify | RSS
Joao and Jay talk about the worst healthcare breaches of 2021, and some lessons that can be learned from these events. Specifically, this article is discussed.