This StormWatch episode begins with a discussed of the latest happenings in the cybersecurity world, focusing on the latest phones, developments at Censys and GreyNoise, and important cybersecurity news, including conspiracy theories. They also discussed their "scariest vulnerabilities," with one mentioning mercenary spyware like Pegasus as a significant concern.
The episode then moved on to discuss recent security breaches involving Okta, Beyond Trust, and 1Password, with praise for 1Password's transparent response. They also covered recent vulnerabilities in SolarWinds and the subsequent SEC charges against SolarWinds and their Chief Information Security Officer for fraud and internal control failures.
Additionally, they discussed a tool called cvecrowd.com, which tracks CVE mentions on Mastodon, praising its usefulness in tracking cybersecurity incidents, and mentioned an upcoming event at a brewery where threat hunting techniques and tips would be discussed.
Further, they delved into recent vulnerabilities found in Cisco IOS, with one sharing findings from her investigation into the vulnerabilities, and emphasized the importance of patching and updating systems to protect against such vulnerabilities.
