13 min listen
MoveIT, Looney Tunables, iPhone zero days, state of DEVOPS
FromPhoenix Cast
ratings:
Length:
72 minutes
Released:
Oct 13, 2023
Format:
Podcast episode
Description
In this episode of Phoenix Cast, hosts John, Rich, and Kyle discuss a trio of terrible items from the news. They also discuss Google’s state of DEVOPS report.
Share your thoughts with us on Twitter: @USMC_TFPhoenix (Now verified!) Follow MARFORCYBER & MCCOG on Twitter, LinkedIn, Facebook, and YouTube. Leave your review on Apple Podcasts.
Links:
Looney Tunables -
https://blog.qualys.com/vulnerabilities-threat-research/2023/10/03/cve-2023-4911-looney-tunables-local-privilege-escalation-in-the-glibcs-ld-so
https://www.bleepingcomputer.com/news/security/exploits-released-for-linux-flaw-giving-root-on-major-distros/?mibextid=Zxz2cZ
https://hackaday.com/2023/10/06/this-week-in-security-looney-tunables-not-a-0-day-and-curl-warning/
MoveIt - https://techcrunch.com/2023/08/25/moveit-mass-hack-by-the-numbers/?guccounter=1&guce_referrer=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8&guce_referrer_sig=AQAAAKI26YxLOJ3LtfPNiJcdBP7BjU5pY0NLPt_rZ1BSmhkA67JuGSVuYD5tuhnZTBdr6h-hdVsmq97cSlvBy-cClsH8C5uTJ5sLvcl9QDYYhdFqMu_8FDx4wLMOKUb7ixUEF2kg6NXDtajrK38ERHg4zm487zavIDNsKJrbDr4h-fGE
https://www.darkreading.com/attacks-breaches/financial-firms-breached-in-moveit-cyberattacks-now-face-lawsuits
https://www.bleepingcomputer.com/news/security/the-moveit-hack-and-what-it-taught-us-about-application-security/
https://www.progress.com/moveit
https://www.bleepingcomputer.com/news/security/sony-confirms-data-breach-impacting-thousands-in-the-us/
Apple Zero Days:
https://www.bleepingcomputer.com/news/apple/apple-emergency-update-fixes-new-zero-day-used-to-hack-iphones/?fbclid=IwAR1V3v3W0kJslsY59ayfrB0UswUzpE9bP0ARmlp1VDLDjx2po4WDUoKuGWs_aem_AVWQ2hLENrbnURcSsKrImQS79tU85DLt59xWTfeGF7ByyJ61n4Nt8jnosltfbzscecE&mibextid=Zxz2cZ
https://support.apple.com/en-us/102657#:~:text=Mac%3A%20Choose%20Apple%20menu%20%EF%A3%BF,system%20files%22%20is%20turned%20on.
State of DevOps Report:
https://cloud.google.com/blog/products/devops-sre/announcing-the-2023-state-of-devops-report
Industrial DevOps:
https://itrevolution.com/product/industrial-devops-book/
National Security Commission on Artificial Intelligence:
https://www.nscai.gov/
Share your thoughts with us on Twitter: @USMC_TFPhoenix (Now verified!) Follow MARFORCYBER & MCCOG on Twitter, LinkedIn, Facebook, and YouTube. Leave your review on Apple Podcasts.
Links:
Looney Tunables -
https://blog.qualys.com/vulnerabilities-threat-research/2023/10/03/cve-2023-4911-looney-tunables-local-privilege-escalation-in-the-glibcs-ld-so
https://www.bleepingcomputer.com/news/security/exploits-released-for-linux-flaw-giving-root-on-major-distros/?mibextid=Zxz2cZ
https://hackaday.com/2023/10/06/this-week-in-security-looney-tunables-not-a-0-day-and-curl-warning/
MoveIt - https://techcrunch.com/2023/08/25/moveit-mass-hack-by-the-numbers/?guccounter=1&guce_referrer=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8&guce_referrer_sig=AQAAAKI26YxLOJ3LtfPNiJcdBP7BjU5pY0NLPt_rZ1BSmhkA67JuGSVuYD5tuhnZTBdr6h-hdVsmq97cSlvBy-cClsH8C5uTJ5sLvcl9QDYYhdFqMu_8FDx4wLMOKUb7ixUEF2kg6NXDtajrK38ERHg4zm487zavIDNsKJrbDr4h-fGE
https://www.darkreading.com/attacks-breaches/financial-firms-breached-in-moveit-cyberattacks-now-face-lawsuits
https://www.bleepingcomputer.com/news/security/the-moveit-hack-and-what-it-taught-us-about-application-security/
https://www.progress.com/moveit
https://www.bleepingcomputer.com/news/security/sony-confirms-data-breach-impacting-thousands-in-the-us/
Apple Zero Days:
https://www.bleepingcomputer.com/news/apple/apple-emergency-update-fixes-new-zero-day-used-to-hack-iphones/?fbclid=IwAR1V3v3W0kJslsY59ayfrB0UswUzpE9bP0ARmlp1VDLDjx2po4WDUoKuGWs_aem_AVWQ2hLENrbnURcSsKrImQS79tU85DLt59xWTfeGF7ByyJ61n4Nt8jnosltfbzscecE&mibextid=Zxz2cZ
https://support.apple.com/en-us/102657#:~:text=Mac%3A%20Choose%20Apple%20menu%20%EF%A3%BF,system%20files%22%20is%20turned%20on.
State of DevOps Report:
https://cloud.google.com/blog/products/devops-sre/announcing-the-2023-state-of-devops-report
Industrial DevOps:
https://itrevolution.com/product/industrial-devops-book/
National Security Commission on Artificial Intelligence:
https://www.nscai.gov/
Released:
Oct 13, 2023
Format:
Podcast episode
Titles in the series (99)
Instant Reaction: July 2020 Twitter Bitcoin Hack by Phoenix Cast