
Risky Business #638 -- Licensed to Pwn

Updated: Jul 6





Introduction

Welcome to another insightful episode from Risky Business! In this week's show, host Patrick Gray, along with Adam Boileau, delves into the latest security news and developments. The highlight of the episode is an in-depth interview with Fayyaz Rajpari, Security Product Manager at Gigamon, who shares the groundbreaking integration work between Gigamon's Network Detection and Response (NDR) product and CrowdStrike's endpoint detection capabilities.


Key Discussions


Apple 0day Vulnerability

Apple recently patched a critical iMessage vulnerability exploited by NSO Group's Pegasus spyware. The discussion underscores the growing challenge of 0day exploits affecting major tech companies like Apple, Microsoft, and Google.


Azure Security Issues

Two significant security issues in Azure's cloud infrastructure were highlighted: a remote code execution vulnerability due to missing authentication headers and a cross-account container takeover vulnerability. These issues stress the importance of robust security measures in cloud environments.


SEC's New Breach Disclosure Requirement

The SEC's mandate for companies to disclose breaches aims to increase transparency and improve corporate cybersecurity postures.


Sponsor Interview with Fayyaz Rajpari

Fayyaz Rajpari talks about Gigamon's innovative integration with CrowdStrike. This collaboration enhances visibility and response capabilities, providing customers with a more comprehensive security solution.


Excerpt: "Patrick Gray: So, Fayyaz, Gigamon has been working on integrating its NDR product with CrowdStrike. Can you tell us more about that? Fayyaz Rajpari: Yes, absolutely. The integration aims to enhance visibility and response capabilities for our customers. By combining Gigamon's deep network visibility with CrowdStrike's endpoint detection and response, we're providing a more comprehensive security solution."


For the full episode, listen here.


Conclusion

This episode offers a deep dive into current cybersecurity challenges and innovations. Don't miss out on the detailed analysis and expert insights that can help bolster your organization's security posture. Stay tuned for more updates and expert interviews from Risky Business.


[00:00] Introduction:
Patrick Gray: Welcome back to Risky Business. My name is Patrick Gray, and this week's show is brought to you by Gigamon. We're going to be talking to Fayyaz Rajpari, Security Product Manager at Gigamon, about some work they've been doing to integrate their NDR product with CrowdStrike.


[00:39] News Discussion:
Patrick Gray: Alright, first up, Adam Boileau is back with me to discuss the week's news. Adam, let's start with the big one: the Apple 0day that has everyone freaking out.
Adam Boileau: Yeah, this one is quite serious. Apple has pushed out an urgent update to address an iMessage vulnerability that was being actively exploited. This is another example of NSO Group's Pegasus spyware being used in the wild.


[02:07] Further 0day Discussion:
Patrick Gray: And it's not just Apple; we've seen a lot of 0day activity recently. Microsoft, Google, and Zoho have all had critical vulnerabilities exploited. Adam, what's your take on this surge?
Adam Boileau: It's definitely alarming. The pace at which these 0days are being discovered and exploited suggests a highly active threat landscape.


[04:17] Project Raven Settlement:
Patrick Gray: Moving on, former American Project Raven staffers have settled with the Department of Justice over their involvement in providing hacking services to the UAE. Adam, this case is pretty wild.
Adam Boileau: Absolutely. This is a rare instance where we see American citizens facing consequences for their participation in offensive cyber operations on behalf of a foreign government.


[06:09] Azure Security Issues:
Patrick Gray: And then there are these two bonkers Azure security problems that came to light. One involving a simple RCE vulnerability due to missing auth headers, and another that allows cross-account container takeover. What do you make of these?
Adam Boileau: It's shocking, really. The Azure issues highlight some fundamental security lapses in cloud infrastructure that shouldn't be happening in 2021.


[09:54] SEC Breach Disclosure:
Patrick Gray: The SEC is now telling corporate America to spill the beans on breaches. This is a big move towards transparency. How effective do you think this will be?
Adam Boileau: It could be very effective. Mandatory disclosure could push companies to improve their security postures to avoid the reputational damage that comes with public breach disclosures.


[11:33] Sponsor Interview:
Patrick Gray: Now it's time for this week's sponsor interview. We're speaking with Fayyaz Rajpari, Security Product Manager at Gigamon. Fayyaz, welcome to the show.
Fayyaz Rajpari: Thanks, Patrick. It's great to be here.
Patrick Gray: So, Fayyaz, Gigamon has been working on integrating its NDR product with CrowdStrike. Can you tell us more about that?
Fayyaz Rajpari: Yes, absolutely. The integration aims to enhance visibility and response capabilities for our customers. By combining Gigamon's deep network visibility with CrowdStrike's endpoint detection and response, we're providing a more comprehensive security solution.


[14:27] Closing Remarks:
Patrick Gray: Well, that's all we have time for this week. Thanks to our sponsor Gigamon, and thanks to Adam Boileau for joining us to discuss the news. We'll be back next week with more security updates.


The original audio can be found here.
