Episodes

  • SS-RPRT-148: Picus Blue Report 2024
    2024/09/09

    This week, David and I review the 2024 Picus Blue Report, in a more timely fashion than the last one. As always, interesting insights.

    Link to Report

    If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!

    55 min
  • SS-NEWS-147 - Does Phishing Education need to mature like Fire Drills did?
    2024/07/29

    This week David and I talk about how current phishing tests closely resemble early attempts at fire drills, through the Google Security Blog, and then we discuss a Schneier post about what the recent CS failure says about the resiliency of the internet.

    Article 1 - On Fire Drills and Phishing Tests

    Article 2 - The CrowdStrike Outage and Market-Driven Brittleness

    If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!

    49 min
  • SS-NEWS-146 - Sysmon usable as EDR?
    2024/07/16

    This week we discuss two articles - One about how the Technology Adoption Cycle applies to companies and how they acquire a new security capability, and a second about how Sysmon isn't a replacement for EDR, mostly due to the time commitment required.

    Article 1 - Cybersecurity technology adoption cycle and its implications for startups and security teams

    Article 2 - Sysmon: a viable alternative to EDR?
    Supporting Articles:
    Getting Started with ATT&CK: Detection and Analytics

    If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!

    35 min
  • SS-NEWS-145 - Snowflakes are not unique, summary of incidents at .gov
    2024/06/17

    This week we discuss the FY23 incidents in the US Government's annual report, and then we discuss Snowflake a bit, and some of the issues around SAAS and Malware Remediation (infostealers steal more than just the work accounts!)

    Article 1 - White House report dishes deets on all 11 major government breaches from 2023
    Supporting Article:
    Microsoft breach led to theft of 60,000 US State Dept emails

    Article 2 - Snowflake customers not using MFA are not unique – over 165 of them have been compromised
    Supporting Articles:
    UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion
    No Snow, No Flakes: Pondering Cloud Security Shared Responsibility, Again!
    Mapping Snowflake’s Access Landscape

    If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!

    45 min
  • SS-NEWS-144
    2024/06/03

    This week we discuss the shocking new revelation of ORB networks! Oh wait, it's just a rebrand. Still, kind of interesting. Then we talk about the privacy implications of Apple and Android Wifi Positioning Systems, which is a little overblown, but still interesting. Wow, this week was kind of a disappointment.

    Article 1 - Chinese-linked hacking units increasingly use ‘ORBs’ to obfuscate espionage, researchers say
    Supporting Article:
    Hackers backed by Russia and China are infecting SOHO routers like yours, FBI warns

    Article 2 - Privacy Implications of Tracking Wireless Access Points

    If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!

    52 min
  • SS-NEWS-143: Minimum Viable SOC Transformation!
    2024/05/20

    We turn back to one of my (Matthew's) favorite analysts, Anton Chuvakin and his recent article on what a Minimum Viable SOC Transformation looks like. Then we take a few minutes at the end to discuss making self-driving cars ignore stop signs. Cheeky and fun shenanigans!

    Article 1 - Baby ASO: A Minimal Viable Transformation for Your SOC

    Article 2 - GhostStripe attack haunts self-driving cars by making them ignore road signs

    If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!

    52 min
  • SS-NEWS-142: GM Sharing Driving Data, Testing Detections
    2024/05/06

    This week, David and I discuss how GM is fraudulently collecting driving data and selling it to insurers, and Anton Chuvakin has another article on Detection Engineering - How to test your detections!

    Article 1 - Long Article on GM Spying on Its Cars’ Drivers
    Supporting Articles:
    How GM Tricked Millions of Drivers Into Being Spied On (Including Me) [Non-Paywalled]
    GM Shuts Down Tool That Collects Data on Driving Style

    Article 2 - Testing in Detection Engineering (Part 8)

    If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!

    46 min
  • SS-NEWS-141: American Privacy Rights Act
    2024/04/22

    This week we review the new, proposed American Privacy Rights Act. Lots of words that sound good, but like most government legislation, there are exceptions big enough to drive a truck through.

    Article - Committee Chairs Rodgers, Cantwell Unveil Historic Draft Comprehensive Data Privacy Legislation
    Support Links:
    Philip Dru: Administrator

    If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!

    50 min