Brakeing Down Security Podcast   /     How to get more headcount, BLUFFs Vulnerability, and Ranty Clause debuts!

Description

Show Topic Summary: Ms. Berlin proposes a question of how to gather more headcount with metrics, we discuss the BLUFFS bluetooth vulnerability, and “Ranty Claus” talks about CISA’s remarks of putting the onus on device product makers to remove choice for customers and implement secure defaults. #youtube VOD: https://www.youtube.com/watch?v=emcAzTx9z0c  Questions and topics: https://cyberscoop.com/cisa-goldstein-secure-by-design/ https://hackaday.com/2023/12/02/update-on-the-bluffs-bluetooth-vulnerability/ Additional information / pertinent LInks (Would you like to know more?): https://cyberscoop.com/jen-easterly-secure-by-design/ https://www.cisa.gov/resources-tools/resources/stop-passing-buck-cybersecurity  Examples of companies forcing changes https://www.bleepingcomputer.com/news/microsoft/microsoft-will-roll-out-mfa-enforcing-policies-for-admin-portal-access/   https://github.com/aya-rs/aya - eBPF implementation in Rust https://ossfortress.io/   https://www.darkreading.com/endpoint-security/critical-logofail-bugs-secure-boot-bypass-millions-pcs  Show points of Contact: Amanda Berlin: @infosystir @hackershealth  Brian Boettcher: @boettcherpwned Bryan Brake: @bryanbrake on Mastodon.social, https://linkedin.com/in/brakeb  Brakesec Website: https://www.brakeingsecurity.com Twitter: @brakesec  Youtube channel: https://youtube.com/c/BDSPodcast Twitch Channel: https://twitch.tv/brakesec

Subtitle
Show Topic Summary: Ms. Berlin proposes a question of how to gather more headcount with metrics, we discuss the BLUFFS bluetooth vulnerability, and “Ranty Claus” talks about CISA’s remarks of putting the onus on device product makers to remove...
Duration
01:19:11
Publishing date
2023-12-04 20:01
Link
http://brakeingsecurity.com/how-to-get-more-headcount-bluffs-vulnerability-and-ranty-clause-debuts
Contributors
  Brian Boettcher, Amanda Berlin, and Bryan Brake
author  
Enclosures
https://traffic.libsyn.com/secure/brakeingsecurity/final-03Dec.mp3?dest-id=177487
audio/mpeg

Shownotes

Show Topic Summary:

Ms. Berlin proposes a question of how to gather more headcount with metrics, we discuss the BLUFFS bluetooth vulnerability, and “Ranty Claus” talks about CISA’s remarks of putting the onus on device product makers to remove choice for customers and implement secure defaults.

#youtube VOD: https://www.youtube.com/watch?v=emcAzTx9z0c 

Questions and topics:

  1. https://cyberscoop.com/cisa-goldstein-secure-by-design/

  2. https://hackaday.com/2023/12/02/update-on-the-bluffs-bluetooth-vulnerability/

Additional information / pertinent LInks (Would you like to know more?):

  1. https://cyberscoop.com/jen-easterly-secure-by-design/

  2. https://www.cisa.gov/resources-tools/resources/stop-passing-buck-cybersecurity 

  3. Examples of companies forcing changes https://www.bleepingcomputer.com/news/microsoft/microsoft-will-roll-out-mfa-enforcing-policies-for-admin-portal-access/  

  4. https://github.com/aya-rs/aya - eBPF implementation in Rust

  5. https://ossfortress.io/  

  6. https://www.darkreading.com/endpoint-security/critical-logofail-bugs-secure-boot-bypass-millions-pcs 

Show points of Contact:

Amanda Berlin: @infosystir @hackershealth 

Brian Boettcher: @boettcherpwned

Bryan Brake: @bryanbrake on Mastodon.social, https://linkedin.com/in/brakeb 

Brakesec Website: https://www.brakeingsecurity.com

Twitter: @brakesec 

Youtube channel: https://youtube.com/c/BDSPodcast

Twitch Channel: https://twitch.tv/brakesec