Enterprise Linux Security Podcast Posts

Enterprise Linux Security Episode 42 – Do NOT Fire Your Security Team!

Published 2022-09-15 by jayhttps://media.blubrry.com/enterprise_linux_security/enterpriselinuxsecurity.show/wp-content/uploads/2022/09/els_42.mp3

Recent news of Patreon firing their security team is making the rounds online, and in this episode, Jay and Joao will talk about this very strange story and some takeaways from it.

Relevant Links

Patreon confirms security team layoffs7 Patreon Alternatives to Keep Your Crowdfunding Income SecurePatreon Lays Off 17% of Employees

Download Links

MP3 versionMP3 version (low)Ogg versionComments closed

Enterprise Linux Security Episode 41 – Important CISO Focus Areas

Published 2022-09-13 by jayhttps://media.blubrry.com/enterprise_linux_security/enterpriselinuxsecurity.show/wp-content/uploads/2022/09/els_41.mp3

What are some of the important areas that a Chief Information Security Officer should focus on? In this episode, Jay and Joao discuss a recent article where Aman Sood (a CISO for Jimdo) discusses important aspects of the job to pay attention to. This information from the perspective of an actual CISO offers a unique lens through which to look at these critical focus areas.

Relevant links

The thinking of a CISO at the front end of the cyber threat landscape

Download links

MP3 versionMP3 version (low)Ogg versionComments closed

Enterprise Linux Security Episode 40 – Continuous Integration / Continuous Delivery

Published 2022-09-04 by jayhttps://media.blubrry.com/enterprise_linux_security/enterpriselinuxsecurity.show/wp-content/uploads/2022/09/els_40.mp3

Continuous Integration/Continuous Delivery is huge concept when it comes to application deployment nowadays, and with good reason. Automating the compilation, testing, and other aspects of the development process increases efficiency and reliability. Security is another layer of a good CI/CD system, and in this episode, Jay and Joao discuss CI/CD and the security aspects of the popular deployment style.

Relevant Links

Unpacking Cloud-Based Cryptocurrency Miners That Abuse GitHub Actions and Azure Virtual Machines

Download Links

MP3 versionMP3 version (low)Ogg versionComments closed

Enterprise Linux Security Episode 39 – Publicly Available RDP, What Could Go Wrong?!

Published 2022-08-27 by jayhttps://media.blubrry.com/enterprise_linux_security/enterpriselinuxsecurity.show/wp-content/uploads/2022/08/els_39.mp3

What happens when you open up the Remote Desktop Protocol (RDP) to the public Internet? Definitely some shenanigans, that’s what. In this episode, Jay and Joao discuss some recent news, which includes a company that made the mistake of making RDP available to everyone, multiple crypto-malware infections at the same time, and other news.

Relevant Links

Multiple threat actors encrypting files at the same timeCisco Talos shares insights related to recent cyber attack on Cisco

Download Links

MP3 versionMP3 version (low)Ogg versionComments closed

Enterprise Linux Security Episode 38 – De-anonymizing Ransomware Domains

Published 2022-08-05 by jayhttps://media.blubrry.com/enterprise_linux_security/enterpriselinuxsecurity.show/wp-content/uploads/2022/07/els_38r.mp3

When Ransomware attacks begin spreading, how would officials go about finding the source? Most of the time, finding the culprit(s) behind cyber-attacks is a very challenging task. In this episode of Enterprise Linux Security, Joao and Jay discuss some methods that were recently used to de-anonymize ransomware domains.

Relevant Links

De-anonymizing ransomware domains on the dark web

Download Links

MP3 versionMP3 version (low)Ogg versionComments closed

Enterprise Linux Security Episode 37 – System Administrator Appreciation Day 2022

Published 2022-07-29 by jayhttps://media.blubrry.com/enterprise_linux_security/enterpriselinuxsecurity.show/wp-content/uploads/2022/07/els_37a.mp3

System Administrators are the heroes we need, and in today’s episode of Enterprise Linux Security, we celebrate Sysadmin Day 2022 and the many people that work tirelessly to keep our servers running.

Relevant Links

System Administrator Appreciation DaySysAdminDay video for 2022 on LearnLinuxTV

Download Links

MP3 versionMP3 version (low)Ogg versionComments closed

Enterprise Linux Security Episode 36 – First Live Episode!

Published 2022-07-22 by jayhttps://media.blubrry.com/enterprise_linux_security/enterpriselinuxsecurity.show/wp-content/uploads/2022/07/els_36.mp3

In episode 36 of the Enterprise Linux Security podcast, Jay and Joao record an episode live for the first time.

Download Links

MP3 versionMP3 version (low)Ogg versionComments closed

Enterprise Linux Security Episode 35 – Top 25 Dangerous Software Weaknesses

Published 2022-07-11 by jayhttps://media.blubrry.com/enterprise_linux_security/enterpriselinuxsecurity.show/wp-content/uploads/2022/07/els_35.mp3

In this episode, Jay and Joao discuss a recent report that identifies the “Top 25 most dangerous software weaknesses.” This list includes the usual suspects, as well as some very interesting findings as well. In addition, the descriptions of the common weaknesses serves as a good jumping in point if you’re new to this podcast.

Download Links

MP3 versionMP3 version (lower bitrate)Ogg version

Relevant Articles

2022 CWE Top 25 Most Dangerous Software WeaknessesComments closed

Enterprise Linux Security Episode 34 – How one business lost Everything

Published 2022-06-30 by jayhttps://media.blubrry.com/enterprise_linux_security/enterpriselinuxsecurity.show/wp-content/uploads/2022/06/els_34.mp3

What would it be like to suffer a cyberattack event, that literally closes down an entire business? That’s exactly what happened to United Structures of America, a steel manufacturing company. In this episode, Jay and Joao discuss what happened, and some of the lessons learned that should cause other organizations to take a hard look at how insecure their own systems are.

Download Links

MP3 versionMP3 version (low bitrate)Ogg version

Relevant Articles

The Anatomy of a Cyberattack (Wallstreet Journal)
Note: There’s a paywall in that article, but you can just watch the video.Comments closed

Enterprise Linux Security Episode 33 – Patch your Confluence Server!

Published 2022-06-23 by jayhttps://media.blubrry.com/enterprise_linux_security/enterpriselinuxsecurity.show/wp-content/uploads/2022/06/els_33.mp3

Atlassian software is constantly under attack, and often the source of many lost weekends for IT admins. Recently, a brand-new vulnerability has been discovered – CVE-2022-26134. This particular vulnerability is remotely exploitable, and has been listed as critical. In this episode, Jay and Joao discuss this vulnerability, as well as some of the struggles around Atlassian software in general.

Download Links

MP3 versionMP3 version (lower bitrate)Ogg version

Relevant Articles

Confluence CVE-2022-26134Comments closed