BasilPH | 1 year ago

I made a transcript: https://www.withfanfare.com/p/hacker-news-collection/risky-b...

Andres Freund starts speaking at 5:09.

I'm not affiliated with the podcast. I only did a very cursory review of the S2T results, so expect mistakes.

bdzr|1 year ago

I used Kagi to summarize the transcript:

- A serious SSH backdoor was discovered in the xz Linux compression library, allowing attackers to compromise SSH servers.

- The backdoor was discovered by Andres Freund, a Postgres developer, who noticed suspicious CPU usage and login attempts on his systems.

- The xz backdoor allowed attackers to bypass authentication and gain root access on compromised systems.

- Microsoft faced significant criticism from the CSRB (Cybersecurity Review Board) for a cascade of errors related to a China-based hack.

- Ukraine was able to leverage an old WinRAR vulnerability to hack into Russian systems as part of the ongoing conflict.

- There have been recent "MFA bombing" attacks targeting Apple users, combining push notifications and social engineering.

- A ransomware gang leaked stolen Scottish healthcare patient data as part of an extortion attempt.

- Renowned security expert and author Ross Anderson passed away.

- The episode features a discussion with Andres Freund about his discovery of the xz backdoor.

- The podcast sponsor, Island, discusses how enterprises are moving away from VDI (Virtual Desktop Infrastructure) towards security-focused enterprise browsers.

williamstein|1 year ago

Also, "And so, look, long story short, the country that we think is most likely behind this is Russia."