Defensive Security Podcast Episode 285

In this episode of the Defensive Security Podcast, we discuss the theft of cloud credentials, the exploitation of SharePoint vulnerabilities, evolving malware techniques, and the importance of cyber due diligence for suppliers. They reflect on the challenges of managing secrets, the implications of auto-updates, and the need for robust risk management practices in the face of increasing cyber threats. Links: * https://www.bleepingcomputer.com/news/security/hackers-steal-15-000-cloud-credentials-from-exposed-git-config-files/ * https://www.bleepingcomputer.com/news/security/microsoft-sharepoint-rce-bug-exploited-to-breach-corporate-network/ * https://thehackernews.com/2024/11/5-most-common-malware-techniques-in-2024.html * https://www.theregister.com/2024/11/06/windows_server_2025_surprise/ * https://databreaches.net/2024/11/08/nist-publishes-guide-on-due-diligence-for-cyber-supply-chain-risk-management/

Om Podcasten

Defensive Security is a weekly information security podcast which reviews recent high profile security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.