How to get more headcount, BLUFFs Vulnerability, and Ranty Clause debuts!

BrakeSec Education Podcast · Brian Boettcher, Amanda Berlin, and Bryan Brake

December 4, 2023 · 1h 19m · Explicit

Show Notes

Show Topic Summary:

Ms. Berlin poses the question of how to use metrics to justify more headcount, we discuss the BLUFFS Bluetooth vulnerability, and "Ranty Claus" talks about CISA's remarks on putting the onus on device product makers to remove choice for customers and implement secure defaults.

#youtube VOD: https://www.youtube.com/watch?v=emcAzTx9z0c

Questions and topics:

  1. https://cyberscoop.com/cisa-goldstein-secure-by-design/

  2. https://hackaday.com/2023/12/02/update-on-the-bluffs-bluetooth-vulnerability/

Additional information / pertinent links (Would you like to know more?):

  1. https://cyberscoop.com/jen-easterly-secure-by-design/

  2. https://www.cisa.gov/resources-tools/resources/stop-passing-buck-cybersecurity

  3. Examples of companies forcing changes https://www.bleepingcomputer.com/news/microsoft/microsoft-will-roll-out-mfa-enforcing-policies-for-admin-portal-access/

  4. https://github.com/aya-rs/aya - eBPF implementation in Rust

  5. https://ossfortress.io/

  6. https://www.darkreading.com/endpoint-security/critical-logofail-bugs-secure-boot-bypass-millions-pcs

Show points of Contact:

Amanda Berlin: @infosystir @hackershealth

Brian Boettcher: @boettcherpwned

Bryan Brake: @bryanbrake on Mastodon.social, https://linkedin.com/in/brakeb

Brakesec Website: https://www.brakeingsecurity.com

Twitter: @brakesec

Youtube channel: https://youtube.com/c/BDSPodcast

Twitch Channel: https://twitch.tv/brakesec