Forecast: High pressure system over Georgia Tech as DOJ storm rolls in. SolarWinds experiencing unexpected credential precipitation.
This episode features the DOJ hot takes on Georgia Tech, SolarWinds dropping the ball (again), and why Keanu Reeves may want to re-think some of his recent life choices. Plus, we're decoding the latest KEV advisory. Tune in for our usual no-holds-barred analyses and commentary.
Cyberside Chat
A major legal action by the U.S. Department of Justice targets Georgia Tech and its research corporation over alleged cybersecurity violations. The case underscores the critical importance of cybersecurity compliance, even for prestigious academic institutions.
Cyber Spotlight: Blooper Reel
Keanu Reeves' involvement in a Palo Alto Networks AI security campaign raises questions about celebrity endorsements in tech. SolarWinds faces scrutiny after a recent credential leak in a hotfix for their Web Help Desk product, highlighting the risks of rushed patches. Additionally, a critical authentication flaw in DiCal-RED illustrates the ongoing challenge of securing essential software functions.
Shameless Self-Promotion
- Emily and Glenn will be speaking at LABSCON
- Glenn's BSidesLV presentation on vulnerability insights from the CISA KEV Catalog.
- GreyNoise's blog "BLUUID: Firewallas, Diabetics, And... Bluetooth," explores the intersection of technology and healthcare.
Tag Round-Up / Let’s Talk About KEV
A roundup of the latest tags from the GreyNoise Visualizer and a deep dive into the KEV (Known Exploited Vulnerabilities) Roundup, with special attention on CVE-2024-39717, a Versa Director vulnerability that has stirred controversy due to its rapid addition to the KEV catalog despite limited public information on its exploitation.