Security Serengeti

By: David Schwendinger and Matthew Keener
  • Summary

  • A news analysis focused information security podcast dedicated to getting you the actionable information and analysis you need to improve your company's posture and response!
    © 2021
    Show More Show Less
activate_Holiday_promo_in_buybox_DT_T2
Episodes
  • SS-NEWS-154 - Salt Typhoon and MS MFA Brute Forcing
    Dec 16 2024

    This week we discuss Salt Typhoon and the terrible idea of backdoors (and I mis-remember the backdoor discussion in 2008 - encryption vs. telcos!) and the Microsoft MFA brute forcing.

    Article 1 - Salt Typhoon forces FCC's hand on making telcos secure their networks
    Supporting Articles:
    China's Salt Typhoon recorded top American officials' calls, says White House
    US alleges China hacked calls of 'very senior' political figures, official says
    US lawmakers seek answers on alleged Salt Typhoon breach of telecom giants
    Wyden legislation would mandate FCC cybersecurity rules for telecoms
    Wiretap Telecom

    Article 2 - Microsoft MFA AuthQuake Flaw Enabled Unlimited Brute-Force Attempts Without Alerts

    If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!

    Show More Show Less
    43 mins
  • SS-NEWS-153 - Lawyers will Inherit Cyber
    Nov 18 2024

    This week we discuss an academic paper through Venture in Security talking about how companies will rely more and more on legal reasoning and decision making vs. technical reasoning and decision making, and we quickly hit on ATT&CK v16.

    Article 1 - Venture in Security Response - Blessed are the lawyers, for they shall inherit cybersecurity
    Supporting Articles:
    Original Paper - Blessed Are The Lawyers, For They Shall Inherit Cybersecurity

    Article 2 - V16 Brings (Re)Balance: Restructured Cloud, New Analytics, and More Cybercriminals

    If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!

    Show More Show Less
    46 mins
  • SS-DISC-152 - Detection Engineering Behavior Maturity Model
    Nov 4 2024

    Today we discuss the Detection Engineering Behavior Maturity Model, which is a new Capability Maturity Model for Detection Engineering (surprise!) from Elastic. It seems a little overly complicated to me (M.) but super useful despite that!

    Article that we originally saw

    Direct link to Elastic Blog Post

    If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!

    Show More Show Less
    41 mins

What listeners say about Security Serengeti

Average customer ratings

Reviews - Please select the tabs below to change the source of reviews.