security – Page 2 – Enterprise Linux Security Podcast

Enterprise Linux Security Episode 73 – TruffleHog and CVSS version 4.0

2023-09-06 by jay

Podcast: Play in new window | Download (Duration: 43:19 — 79.4MB)

Subscribe: Apple Podcasts | Spotify | RSS

In this episode, Jay and Joao will discuss a recent discovery by Truffle Security that has found 4,500 websites that have exposed a very critical directory. In addition, the upcoming Common Vulnerability Scoring System (CVSS) update, which will bring to version 4.0 – along with some important changes you’ll need to understand.

Relevant Articles

Download Links

MP3 version
MP3 version (lower bitrate, smaller file size)
Ogg version

Enterprise Linux Security Episode 69 – Red Hat vs Enterprise IT

2023-06-28 by jay

Podcast: Play in new window | Download (Duration: 1:03:46 — 116.8MB)

Subscribe: Apple Podcasts | Spotify | RSS

When it comes to Linux in the Enterprise, we have quite a few challenges we have to overcome on a day to day basis to ensure we can depend on our technology. We never thought Red Hat themselves would some day become our opponent, but here we are. In this episode, Jay and Joao will discuss discuss the latest impulsive and irresponsible decision Red Hat has made – as well as how that decision results in the company undermining their own customer base, while alienating the Linux Community at the same time.

Download Links

MP3 version
MP3 version (lower bitrate, smaller file size)
Ogg version

Relevant Articles

Red Hat’s Announcement
Response from Jeff Geerling (frequent contributor to open-source)
Red Hat strikes a crushing blow against RHEL downstreams
Response from Mike McGrath (Red Hat) regarding these changes
Response from Learn Linux TV

Enterprise Linux Security Episode 68 – The Barracuda Vulnerability

2023-06-21 by jay

Podcast: Play in new window | Download (Duration: 43:12 — 79.2MB)

Subscribe: Apple Podcasts | Spotify | RSS

Don’t you just love e-mail? It’s the gift that keeps on giving, and this time managing e-mail is even more annoying for Barracuda’s customers, with CVE-2023-2868. This isn’t just any CVE, this is a complete system own by the threat actors. In fact, it’s so bad that the situation isn’t as simple as installing a patch. In this episode, Jay and Joao discuss this vulnerability and just how big of a deal it is.

Download Links

MP3 version
MP3 version (lower bitrate, smaller file size)
Ogg version

Relevant articles

CVE-2023-2868 article from Mandiant

Enterprise Linux Security Episode 66 – Job Security

2023-05-112023-05-10 by jay

Podcast: Play in new window | Download (Duration: 51:13 — 93.8MB)

Subscribe: Apple Podcasts | Spotify | RSS

In this episode, Jay and Joao discuss another form of security, job security! Throughout the series, we’ve advised and educated on enhancing the security of your enterprise network, but in this episode the focus is on YOU. Specifically, how to safeguard yourself from turnover, raise awareness of your importance to your organization, and how to navigate potential “awkward” conversations that System Administrators may find themselves having with their boss. Don’t miss this episode!

Download links

MP3 version
MP3 version (lower bitrate, smaller file size)
Ogg version

Enterprise Linux Security Episode 64 – FIPS

2023-04-26 by jay

Podcast: Play in new window | Download (Duration: 45:59 — 84.3MB)

Subscribe: Apple Podcasts | Spotify | RSS

There are many security certifications that an organization can utilize to prove compliance with one or more standards, and being in compliance can bring additional benefits and opportunities. Federal Information Processing Standard (FIPS) is one of these certifications, and in this episode, Jay and Joao are joined by Nikos from Tuxcare to discuss FIPS and why your organization might consider it.

Download Links

MP3 version
MP3 version (lower bitrate, smaller file size)
Ogg version

Enterprise Linux Security Episode 63 – Their Cloud

2023-04-19 by jay

Podcast: Play in new window | Download (Duration: 46:57 — 86.0MB)

Subscribe: Apple Podcasts | Spotify | RSS

According to several sources, and confirmed by Western Digital themselves, there’s been a breach regarding the company’s cloud related offerings, such as “My Cloud” and various cloud-enabled storage products. Many of the details have yet to be revealed, but considering that Western Digital filed a 10-K form with the SEC, it’s very possible that it could be serious. In this episode, Jay and Joao discuss this story so far, with more specific details sure to come.

Download Links

MP3 version
MP3 version (lower bitrate, smaller file size)
Ogg version

Relevant Articles

Enterprise Linux Security Episode 61 – The Principle of Least Privilege

2023-03-29 by jay

Podcast: Play in new window | Download (Duration: 43:24 — 79.8MB)

Subscribe: Apple Podcasts | Spotify | RSS

With the recent takeover of the “Linus Tech Tips” YouTube channel, what can we learn? In this episode, Jay and Joao will discuss some of the ways you can prevent such an event from happening to you (and it’s not just YouTube that’s a target).

Download Links

MP3 version
MP3 version (lower bitrate, smaller size)
Ogg version

Enterprise Linux Security Episode 60 – AI Enhanced Security

2023-03-222023-03-22 by jay

Podcast: Play in new window | Download (Duration: 40:27 — 74.4MB)

Subscribe: Apple Podcasts | Spotify | RSS

When it comes to Enterprise IT (and especially the security sector) we have our work cut out for us. As the workload increases, we look for tools and utilities to help us keep up with the demand. But what about artificial intelligence? As we discussed in a previous episode, AI is here to stay and will be making waves in security. In this episode, Jay and Joao dive in to just a few of the ways this tech might transform the security field and those that work within it (directly or indirectly).

Download Links

MP3 version
MP3 version (smaller file, lower bitrate)
Ogg version

Relevant Articles

Enterprise Linux Security Episode 59 – AlmaLinux OS

2023-03-15 by jay

Podcast: Play in new window | Download (Duration: 51:12 — 94.1MB)

Subscribe: Apple Podcasts | Spotify | RSS

AlmaLinux OS was created around the time of “that big CentOS” announcement, and has been a worthy solution for enterprises that wish to continue with Enterprise Linux, but without the fear of the distribution being changed into something else entirely. As a drop-in replacement for Red Hat, AlmaLinux OS continues to tackle new ground and builds a strong community. In this video, Jay and Joao are joined by Atalay Kelestemur who works on the project to discuss this distribution – and there may even be some surprises in store.

Download Links

MP3 version
MP3 version (smaller file, lower bitrate)
Ogg version

Relevant Articles

ELevate (migration utility for switching between RHEL derivatives)
AlmaCare (enterprise support for AlmaLinux OS)

Enterprise Linux Security Episode 57 – Record Breaking DDoS Attacks

2023-03-222023-02-16 by jay

Podcast: Play in new window | Download (Duration: 41:47 — 76.9MB)

Subscribe: Apple Podcasts | Spotify | RSS

DDoS (Denial of Service) attacks are incredibly common, and apparently, are breaking records. In this episode, Jay and Joao discuss a recent blog post from Cloudflare regarding how popular this attack vector is becoming nowadays, as well as a quick refresher on Denial of Service attacks in general.

Download Links

MP3 version
MP3 version (smaller file, lower bitrate)
Ogg version

Relevant Articles

Cloudflare mitigates record-breaking 71 million request-per-second DDoS attack