Defensive Security Podcast Episode 268

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec - A podcast by Jerry Bell and Andrew Kalat

Categories:

  Stories: https://www.scmagazine.com/feature/incident-response/why-solarwinds-just-may-be-one-of-the-most-secure-software-companies-in-the-tech-universe https://www.computerweekly.com/news/252522789/Log4Shell-on-its-way-to-becoming-endemic https://www.bleepingcomputer.com/news/security/hackers-impersonate-cybersecurity-firms-in-callback-phishing-attacks/ https://www.cybersecuritydive.com/news/microsoft-rollback-macro-blocking-office/627004/ jerry: [00:00:00] All right, here we go today. Sunday, July 17th. 2022. And this is episode 268. Of the defensive security podcast. My name is Jerry Bell and joining me tonight as always is Mr. Andrew Kellett. Andy: Hello, Jerry. How are you, sir? jerry: great. How are you doing? Andy: I’m doing good. I see nobody else can see it, but I see this amazing background that you’ve done with your studio and all sorts of cool pictures. Did you take those. jerry: I It did not take those. They are straight off Amazon actually. It’s. jerry: I’ll have to post the picture at some [00:01:00] point, but the pictures are actually sound absorbing panels. Andy: Wow. I there’s jokes. I’m not going to make them, but anyway, I’m doing great. Good to see ya.. jerry: Awesome. Just a reminder that the thoughts and opinions we express on the show are ours and do not represent those of our employers. But as you are apt to point out, they could be for the right price. Andy: That’s true. That’s true. And that, and by the way, what that really means is you’re not going to change our opinions. You’re just going to to hire them. jerry: Correct. right. Sponsor our existing opinions. Andy: Someday that’ll work. jerry: All right. So we have some interesting stories today. The first one comes from SC magazine dot com. The title is why solar winds just might be one of the most secure software companies. In the tech universe. Andy: It’s a pretty interesting one. I went into this a little. Andy: Cynical. But there’s a lot of [00:02:00] really interesting stuff in here. jerry: Yeah there, there is, I think jerry: What I found interesting. A couple of things. One is very obvious. That this is a. Planted attempt to get back into the good graces of the it world. But at the same time, It is very clear that they have made some pretty significant improvements in their security posture. And I think for that, it deserves a. jerry: A discussion. Andy: Yeah, not only improvements, but they’re also. Andy: Having these strong appearance of transparency and sharing lessons learned. Which we appreciate. jerry: Correct. The one thing that I so we’ll get into it a little bit, but they still don’t really tell you. How. The thing happened. Andy: Aliens. jerry: Obviously it was aliens. They did tell you what happened. And so in the. Article here they describe this the [00:03:00] CISO of solar winds describes that the attack didn’t actually. Change their code base. So the attack wasn’t against their code repository. It was actually against one of their build systems. jerry: And so they were the adversary here. Was injecting code. At build time, basically. So it wasn’t something that they could detect through code reviews. It was actually being added as part of the build proc...