Ransomware is one of the absolute worst things that can happen to your organization, often resulting in weeks of downtime. We discussed Ransomware recently, and now we have an interesting and time-appropriate story – a popular ransomware group apparently had an imposter within their ranks.
Passwords – for better or worse, they’re a reality and something we have to deal with. With the average person having many accounts, it’s gotten to the point where we just can’t manage these by ourselves. Password managers help us securely store these confidential secrets, but recently Lastpass (one of the most popular password managers) has suffered a breach. Although no actual passwords within vaults were cracked, recent events do raise a red flag. In this episode, Jay and Joao discuss whether or not you should trust password managers.
By using clever infrastructure engineering strategies to increase reliability, you can minimize disruption and downtime for your organization. Another technique to consider is the concept of Digital Twin – having a full system clone/mirror you can use to test enhancements, perform a root-cause analysis, or more. In this episode, Jay and Joao discuss Digital Twins and how the concept can potentially help your organization.
Adding unnecessary components to the Kernel is generally a bad idea, as it increases its threat surface. In this episode, Jay and Joao discuss a recent story that’s a perfect example of why it’s important to keep this under control. A vulnerability was recently discovered in the Linux kernel that scored the highest possible rating, and it all started when ksmbd was added.
When it comes to patching, were you aware that there’s more than one type of patch? In this episode of Enterprise Linux Security, Jay and Joao discuss the various types of patching that’s performed today.
While it’s certainly never a good thing to become the victim of a cyber-attack, it can be even more embarrassing if the CVE the threat actor used to get a foothold into your systems was patched a long time ago. In this episode, Jay and Joao discuss malware that’s currently taking advantage of vulnerabilities that were patched over a year ago! As important as software updates happen to be, why are so many organizations unable to keep up with them?
If you’re in charge of maintaining servers and related equipment, what should you monitor? While monitoring is something that will grow and expand over time, Jay and Joao will give you some tips in this episode to get you started. Check out this episode for some tips on some of the baseline checks you should implement with your monitoring solution of choice.
In this episode, Jay and Joao discuss a handful of cybersecurity events in the news. While none of these stories are super exciting from a technical standpoint, there’s definitely some lessons to be learned. As part of this discussion, Jay and Joao will talk about topics related to the recent Grand Theft Auto leak, as breaches that targeted Uber, 2k games, and more.
Continuous Integration/Continuous Delivery is huge concept when it comes to application deployment nowadays, and with good reason. Automating the compilation, testing, and other aspects of the development process increases efficiency and reliability. Security is another layer of a good CI/CD system, and in this episode, Jay and Joao discuss CI/CD and the security aspects of the popular deployment style.