Welcome back! Episode 81 is sure to be a good one, but before I get started, just a few thoughts…
We just went through our first Memorial Day weekend under COVID-19. I don’t know what to say about it, other than the world seems as crazy, or crazier, than ever. Seems like 1/2 the country is out and about like everything’s normal while the other 1/2 of the country stays cooped up as though the apocalypse were upon us. To complicate matters, both halves seem to look upon each other with disdain.
We’re learning more and more each day about this coronavirus we call COVID-19. One thing appears certain, we’ve had crappy data to work with since day one. Crappy data leads to crappy decisions and crappy decisions lead to crappy outcomes. I’ll just leave it at that.
This is one of my favorite holidays. I wonder how many of us know what it stands for or what it means. I wonder because I was wished a Happy Memorial Day numerous times yesterday, yet there’s nothing “happy” about it. The day is set aside to remember and honor our nation’s war dead from the Civil War onwards. It’s a day to stop what you’re doing, spend (at least) a few moments remembering the sacrifices that were made by our soldiers, and be grateful.
I suppose there are happy parts too, but these are mostly the product of what somebody else gave for you and me.
Not sure if I’m in a pissier mood today or what. No matter, I’ll snap out of it soon. Let’s get to Brad’s show notes!
SHOW NOTES – Episode 81
Date: Tuesday, May 26th, 2020
Episode 81 Topics
- Catching Up (as per usual)
- Hard Truths
- Wrapping Up – Shout outs
[Brad] Welcome back! This is episode 81 of the UNSECURITY Podcast, and I’m your host this week, Brad Nigh. Today is May 26th, and joining me this morning as usual is Evan Francen.
[Evan] Has some sort of story for us I’m sure
[Brad] We’ve got a good show planned today! Before we get going though, let’s recap our week.
Quick discussion about last week, Memorial Day, last weekend, COVID-19, life, and other stuff.
[Evan] Evan talks about the cool things he did.
[Brad] I talk about the cool things I did.
[Brad] So interestingly, at least to me, this is the first time I struggled with what to cover in our podcast. Maybe the monotony of quarantine, the tidal wave of news around breaches and new attack vectors, or just plain old writer’s block but even sitting down to write this I don’t know where it ended up.
Because I was stuck I decided to start with news, there have been several really interesting things that have come out lately and that’s when I found this article from CSO Online 6 hard truths security pros must learn to live with and, yeah we can talk about this.
The Hard Truths
Discussion about the hard truths outlined in the CSO Online article:
- Hackers are probably inside your network right now
- You can do everything right and a careless end user can ruin everything
- You face critical staffing and skills shortages
- IoT creates new and unforeseen security problems
- You sometimes feel misunderstood and underappreciated
- Stress, anxiety and burnout come with the territory
[Brad] Good conversation, thank you Evan.
Let’s do some news…
[Brad] Always plenty of things to talk about in the news, and here’s a few stories that caught my eye
- The ransomware that attacks you from inside a virtual machine – https://nakedsecurity.sophos.com/2020/05/22/the-ransomware-that-attacks-you-from-inside-a-virtual-machine/
- ThreatList: People Know Reusing Passwords Is Dumb, But Still Do It – https://threatpost.com/threatlist-people-know-reusing-passwords-is-dumb-but-still-do-it/155996/
- North Dakota’s Contact Tracing App Sends User Data to Third Parties – https://www.infosecurity-magazine.com/news/nd-contact-tracing-app-shares-data/
- Clever Phishing Attack Bypasses MFA to Nab Microsoft Office 365 Credentials – https://threatpost.com/phishing-campaign-allows-for-mfa-bypass-on-office-365/155864/
Wrapping Up – Shout outs
[Brad] That’s it, Episode 81 is a wrap. Evan, you have any shout outs?
[Evan] Of course he does!
[Brad] Here’s mine…
[Brad] Huge thank you to our listeners! Keep the questions and feedback coming. Send things to us by email at firstname.lastname@example.org. If you’re the social type, socialize with us on Twitter, I’m @BradNigh and Evan’s @evanfrancen. Lastly, be sure to follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for more goodies.
That’s it! Talk to you all again next week!