In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including the launch of their new podcast, Getting Defensive. They delve into a CISA report on exploited vulnerabilities, highlighting the concerning trend of zero-day vulnerabilities being exploited. The conversation also covers a GitHub incident involving malicious commits aimed at framing a researcher, Microsoft’s new Windows resiliency initiative, and insights from a CISA red team assessment of a critical infrastructure organization. We emphasize the importance of consent in security assessments and the challenges organizations face in managing risks associated with outdated software.

Takeaways

• 
  
• The launch of the new podcast ‘Getting Defensive’ aims to explore deeper cybersecurity topics.
  
• CISA’s report indicates a troubling trend of zero-day vulnerabilities being exploited more frequently.
  
• Organizations must prioritize patching and mitigating controls to address vulnerabilities effectively.
  
• The GitHub incident highlights the risks of malicious commits and the importance of code review.
  
• Microsoft’s Windows resiliency initiative introduces new features to enhance security and system integrity.
  
• Consent is crucial in penetration testing and security assessments.
  
• Organizations often accept risks associated with outdated software, which can lead to vulnerabilities.
  
• Effective monitoring and detection are essential to mitigate potential attacks.
  
• Ransomware is not the only threat; organizations must be aware of various attack vectors.
  
• The CISA red team assessment provides valuable insights into the security posture of critical infrastructure.
  

 

Links:

• 
  
• https://www.darkreading.com/cyberattacks-data-breaches/zero-days-wins-superlative-most-exploited-vulns
  
• https://www.bleepingcomputer.com/news/security/github-projects-targeted-with-malicious-commits-to-frame-researcher/
  
• https://thehackernews.com/2024/11/microsoft-launches-windows-resiliency.html?m=1
  
• https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-326a