BrakeSec Education Podcast – Details, episodes & analysis

Podcast details

Technical and general information from the podcast's RSS feed.

BrakeSec Education Podcast

Bryan Brake, Amanda Berlin, and Brian Boettcher

News

Technology

Frequency: 1 episode/9d. Total Eps: 451

A podcast about the world of Cybersecurity, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security professionals need to know, or refresh the memories of seasoned veterans.

Site

RSS

Apple

Recent rankings

Latest chart positions across Apple Podcasts and Spotify rankings.

Apple Podcasts

🇺🇸 USA - techNews
23/02/2025
#100
🇺🇸 USA - techNews
21/01/2025
#93
🇨🇦 Canada - techNews
20/12/2024
#89
🇨🇦 Canada - techNews
19/12/2024
#76
🇨🇦 Canada - techNews
18/12/2024
#70
🇬🇧 Great Britain - techNews
17/10/2024
#99
🇬🇧 Great Britain - techNews
16/10/2024
#85
🇬🇧 Great Britain - techNews
15/10/2024
#67
🇬🇧 Great Britain - techNews
14/10/2024
#44
🇺🇸 USA - techNews
14/10/2024
#80

Spotify

No recent rankings available

Shared links between episodes and podcasts

Links found in episode descriptions and other podcasts that share them.

See all

https://mastersofscale.com/
573 shares
https://brakesec.com/BrakesecRSS
564 shares
https://brakesec.com/BDS-GooglePlay
564 shares

https://youtube.com/
1009 shares
http://www.youtube.com/c/BDSPodcast
592 shares
https://www.youtube.com/channel/UCZFjAqFb4A60M1TMa0t1KXw
90 shares

https://twitter.com/brakesec
270 shares
https://twitter.com/boettcherpwned
270 shares
https://twitter.com/bryanbrake
270 shares

RSS feed quality and score

Technical evaluation of the podcast's RSS feed quality and structure.

See all

RSS feed quality

To improve

Score global : 42%

Publication history

Monthly episode publishing history over the past years.

Year

Episodes published by month in

Latest published episodes

Recent episodes with titles, durations, and descriptions.

See all

steam distributes malware in game form, RDP open from DOGE servers, hacking a supply chain for 50K

Season 2025 · Episode 1

lundi 17 février 2025 • Duration 01:01:47

Youtube VOD: https://www.youtube.com/watch?v=zu_smyQGvG4

https://lcamtuf.substack.com/p/how-security-teams-fail
https://cyberintel.substack.com/p/doge-exposes-once-secret-government
https://x.com/SteamDB/status/1889610974484705314 – supply chain issues can crop up anywhere… are you blocking people from steam and popular software downloads online?
https://www.landh.tech/blog/20250211-hack-supply-chain-for-50k/
https://medium.com/@cyberengage.org/rethinking-incident-response-from-picerl-to-dair-7b153a76e044
https://www.youtube.com/watch?v=3HRkKznJoZA <- 100 digits of pi
https://www.youtube.com/watch?v=rz4Dd1I_fX0 <- periodic table song

Additional information / pertinent LInks (Would you like to know more?):

https://www.socvel.com/quiz/
https://xphantom.nl/posts/Offensive-Security-Lab/

Show points of Contact:

Amanda Berlin: https://www.linkedin.com/in/amandaberlin/

Brian Boettcher: https://www.linkedin.com/in/bboettcher96/

Bryan Brake: https://linkedin.com/in/brakeb

Brakesec Website: https://www.brakeingsecurity.com

Youtube channel: https://youtube.com/@brakeseced

discord: https://discord.gg/brakesec

Twitch Channel: https://twitch.tv/brakesec

Music: https://chillhop.ffm.to/creatorcred "Flex" by Jeremy Blake

Courtesy of Youtube media library

Tanya Janca Talks secure coding, Semgrep Academy, and community building, and more!

Season 2024

samedi 1 juin 2024 • Duration 01:27:18

Check out the BrakeSecEd Twitch at https://twitch.tv/brakesec

Join the Discord! https://discord.gg/brakesec

#youtube VOD (in 1440p): https://www.youtube.com/watch?v=axQWGyd79NM

Questions and topics:
Bsides Vancouver discussion
Semgrep Community and Academy
Building communities
What are ‘secure guardrails’
Reducing barriers between security and developers
How to sell security to devs: “hey, if you want to see us less, buy/use this?”
“Security is your barrier, but we have goals that we can’t reach without your help.”
https://wehackpurple.com/devsecops-worst-practices-artificial-gates/
How are you seeing things like AI being used to help with DevOps or is it just making things more complicated? Not just helping write code, but infrastructure Ops, software inventories, code repo hygiene, etc?
OWASP PNW https://www.appsecpnw.org/
Alice and Bob coming next year!

Additional information / pertinent LInks (Would you like to know more?):
shehackpurple.ca
Semgrep (https://semgrep.dev/)
https://aliceandboblearn.com/
https://academy.semgrep.dev/ (free training)
Netflix ‘paved roads’: https://netflixtechblog.com/how-we-build-code-at-netflix-c5d9bd727f15
https://en.wikipedia.org/wiki/Nudge_theory
https://www.perforce.com/blog/qac/what-is-linting
https://www.youtube.com/watch?v=FSPTiw8gSEU
https://techhq.com/2024/02/air-canada-refund-for-customer-who-used-chatbot/

Show points of Contact:
Amanda Berlin: @infosystir @hackershealth
Brian Boettcher: @boettcherpwned
Bryan Brake: https://linkedin.com/in/brakeb
Brakesec Website: https://www.brakeingsecurity.com
Youtube channel: https://youtube.com/@BrakeSecEd
Twitch Channel: https://twitch.tv/brakesec

Nicole Sundin - CPO at Axio - SEC compliance, usable security, setting up risk mgmt programs

Season 2022

samedi 23 septembre 2023 • Duration 01:06:08

Disclaimer: The views, information, or opinions expressed on this program are solely the views of the individuals involved and by no means represent absolute facts. Opinions expressed by the host and guests can change at any time, and do not represent views of past, present, or future employers.

Guest Bio: Nicole is the Chief Product Officer at Axio. Nicole has spent her career building awareness around the benefits of usable security and human-centered security as a way to increase company revenue and create a seamless user experience.

Youtube VOD Link: https://youtube.com/live/tFaAB9an47g

Questions and topics: Usable security: is it an oxymoron?

What determines if the security is ‘usable’ or no? We sacrifice security for a better UX, what can be done to alleviate that? Or is it some sort of sliding scale in “poor UX, amazing security or awesome UX, poor security” Examples of poor UX for ‘people’: MFA, and password managers.

SEC updates and ‘material events’ and how that would affect security, IR, and other company reporting functions.

Also, additional documentation (Regulation S-K Item 106) https://www.linkedin.com/posts/nicole-sundin-5225a1149_sec-adopts-rules-on-cybersecurity-risk-management-activity-7090065804083290112-ISD8

Are companies ready to talk about their cybersecurity? Can the SEC say “you’re not doing enough?”

What is ‘enough’?

Are we heading toward yet another audit needed for public companies, similar to SOX?

When does an 8-K get publicly disclosed?

Materiality is based on a “reasonable investor”?

So, you don’t need to announce that until you’re certain, and it’s based on what you can collect? Cyber Risk Management and some good examples of how to set up a proper cyber risk organization

Additional Links:

https://csrc.nist.gov/CSRC/media/Projects/usable-cybersecurity/images-media/Is%20Usable%20Security%20an%20Oxymoron.pdf

http://web.mit.edu/Saltzer/www/publications/protection/Basic.html

https://www.sec.gov/news/press-release/2023-139

https://www.sec.gov/news/statement/munter-statement-assessing-materiality-030922

https://www.pwc.com/us/en/services/consulting/cybersecurity-risk-regulatory/sec-final-cybersecurity-disclosure-rules.html

https://www.nasa.gov/centers/ames/research/technology-onepagers/hc-computing.html

https://securityscorecard.com/blog/what-is-cyber-security-performance-management/

2021-006-Ronnie Watson (@secopsgeek), building a security monitoring system with ELK, and Wazuh - part2

Season 2021 · Episode 6

dimanche 14 février 2021 • Duration 39:21

Ronnie Watson (@secopsgeek)

Youtube: watson infosec - YouTube

watsoninfosec (Watsoninfosec) · GitHub

Feel free to add anything you like

Wazuh - fork of OSSEC (Migrating from OSSEC · Wazuh · The Open Source Security Platform)

GitHub - ossec/ossec-hids: OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

Implementing a Network Security Metrics Programs (giac.org)

What to track.

Some suggested metrics to start with:

Number of Successful Logons – from security audits.
Number of Unsuccessful Logons – from security audits.
Number of Virus Infections during a given period.
Number of incidents reported.
Number of security policy violations during a given period.
Number of policy exceptions during a given period.
Percentage of expired passwords.
Number of guessed passwords – use a password cracker to test passwords.
Number of incidents.
Cost of monitoring during a given period – use your time tracking system if you have one.

6 Essential Security Features for Network Monitoring Solutions (solutionsreview.com)

Metrics of Security (nist.gov)

Security metrics are essential to comprehensive network security and CSA management. Without good metrics, analysts cannot answer many security related questions. Some examples of such questions include “Is our network more secure today than it was before?” or “Have the changes of network configurations improved our security posture?”

The ultimate aim of security metrics is to ensure business continuity (or mission success) and minimize business damage by preventing or minimizing the potential impact of cyber incidents.

DNS over HTTPs DNS over HTTPS - Wikipedia

2021-005-Ronnie Watson (@secopsgeek), building a security monitoring system with ELK, and Wazuh

Season 2021 · Episode 5

mardi 9 février 2021 • Duration 35:43

Ronnie Watson (@secopsgeek)

Youtube: watson infosec - YouTube

watsoninfosec (Watsoninfosec) · GitHub

Wazuh - fork of OSSEC (Migrating from OSSEC · Wazuh · The Open Source Security Platform)

Implementing a Network Security Metrics Programs (giac.org)

What to track.

Some suggested metrics to start with:

Number of Successful Logons – from security audits.
Number of Unsuccessful Logons – from security audits.
Number of Virus Infections during a given period.
Number of incidents reported.
Number of security policy violations during a given period.
Number of policy exceptions during a given period.
Percentage of expired passwords.
Number of guessed passwords – use a password cracker to test passwords.
Number of incidents.
Cost of monitoring during a given period – use your time tracking system if you have one.

6 Essential Security Features for Network Monitoring Solutions (solutionsreview.com)

Metrics of Security (nist.gov)

The ultimate aim of security metrics is to ensure business continuity (or mission success) and minimize business damage by preventing or minimizing the potential impact of cyber incidents.

DNS over HTTPs DNS over HTTPS - Wikipedia

Check out our Store on Teepub! https://brakesec.com/store

Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email [email protected]

#AmazonMusic: https://brakesec.com/amazonmusic

#Spotify: https://brakesec.com/spotifyBDS

#Pandora: https://brakesec.com/pandora

#RSS: https://brakesec.com/BrakesecRSS

#Youtube Channel: http://www.youtube.com/c/BDSPodcast

#iTunes Store Link: https://brakesec.com/BDSiTunes

#Google Play Store: https://brakesec.com/BDS-GooglePlay

Our main site: https://brakesec.com/bdswebsite

#iHeartRadio App: https://brakesec.com/iHeartBrakesec

#SoundCloud: https://brakesec.com/SoundcloudBrakesec

Comments, Questions, Feedback: [email protected]

Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon

https://brakesec.com/BDSPatreon

#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir

#Player.FM : https://brakesec.com/BDS-PlayerFM

#Stitcher Network: https://brakesec.com/BrakeSecStitcher

#TuneIn Radio App: https://brakesec.com/TuneInBrakesec

2021-004-Danny Akacki talks about Mergers and Acquisitions - Part 2

Season 2021 · Episode 4

mercredi 3 février 2021 • Duration 47:45

Discussion on Mergers and acquisitions processes

On being acquired, but also if you’re acquiring a company

Best Practices

Best Practices of Mergers and Acquisitions (workforce.com)

Best Practices In Merger Integration - Institute for Mergers, Acquisitions and Alliances (IMAA) (imaa-institute.org)

The Role of Information Security in a Merger/Acquisition (bankinfosecurity.com)

Security Considerations in the Merger/Acquisition Process (sans.org)

The 10 steps to successful M&A integration | Bain & Company

Savvy Hackers Use Spearphishing to steal Wall Street M&A info (knowbe4.com)

“We’ve been acquired by X!”

First thing people think “oh no, what’s gonna happen to me.”

Check out our Store on Teepub! https://brakesec.com/store

Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email [email protected]

#AmazonMusic: https://brakesec.com/amazonmusic

#Brakesec Store!: https://brakesec.com/teepub

#Spotify: https://brakesec.com/spotifyBDS

#Pandora: https://brakesec.com/pandora

#RSS: https://brakesec.com/BrakesecRSS

#Youtube Channel: http://www.youtube.com/c/BDSPodcast

#iTunes Store Link: https://brakesec.com/BDSiTunes

#Google Play Store: https://brakesec.com/BDS-GooglePlay

Our main site: https://brakesec.com/bdswebsite

#iHeartRadio App: https://brakesec.com/iHeartBrakesec

#SoundCloud: https://brakesec.com/SoundcloudBrakesec

Comments, Questions, Feedback: [email protected]

Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon

https://brakesec.com/BDSPatreon

#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir

#Player.FM : https://brakesec.com/BDS-PlayerFM

#Stitcher Network: https://brakesec.com/BrakeSecStitcher

#TuneIn Radio App: https://brakesec.com/TuneInBrakesec

2021-003- Danny Akacki, open communications, mergers&acquistions

Season 2021 · Episode 3

mardi 26 janvier 2021 • Duration 46:09

Discussion on Mergers and acquisitions processes

On being acquired, but also if you’re acquiring a company

Best Practices

Best Practices of Mergers and Acquisitions (workforce.com)

Best Practices In Merger Integration - Institute for Mergers, Acquisitions and Alliances (IMAA) (imaa-institute.org)

The Role of Information Security in a Merger/Acquisition (bankinfosecurity.com)

Security Considerations in the Merger/Acquisition Process (sans.org)

Women Unite Over CTF 3.0 (ittakesahuman.com)

The 10 steps to successful M&A integration | Bain & Company

Savvy Hackers Use Spearphishing to steal Wall Street M&A info (knowbe4.com)

“We’ve been acquired by X!”

First thing people think “what’s gonna happen to me.”

Check out our Store on Teepub! https://brakesec.com/store

Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email [email protected]

#AmazonMusic: https://brakesec.com/amazonmusic

#Brakesec Store!: https://brakesec.com/teepub

#Spotify: https://brakesec.com/spotifyBDS

#Pandora: https://brakesec.com/pandora

#RSS: https://brakesec.com/BrakesecRSS

#Youtube Channel: http://www.youtube.com/c/BDSPodcast

#iTunes Store Link: https://brakesec.com/BDSiTunes

#Google Play Store: https://brakesec.com/BDS-GooglePlay

Our main site: https://brakesec.com/bdswebsite

#iHeartRadio App: https://brakesec.com/iHeartBrakesec

#SoundCloud: https://brakesec.com/SoundcloudBrakesec

Comments, Questions, Feedback: [email protected]

Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon

https://brakesec.com/BDSPatreon

#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir

#Player.FM : https://brakesec.com/BDS-PlayerFM

#Stitcher Network: https://brakesec.com/BrakeSecStitcher

#TuneIn Radio App: https://brakesec.com/TuneInBrakesec

2021-002-Elastic Search license changes, Secure RPC patching for windows, ironkey traps man's $270 million in Bitcoin

Season 2021 · Episode 2

mardi 19 janvier 2021 • Duration 46:50

Secure RPC issue -

Netlogon Domain Controller Enforcement Mode is enabled by default beginning with the February 9, 2021 Security Update, related to CVE-2020-1472 – Microsoft Security Response Center

How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (microsoft.com)

Netlogon Domain Controller Enforcement Mode is enabled by default beginning with the February 9, 2021 Security Update, related to CVE-2020-1472 – Microsoft Security Response Center

Elastic Search

https://anonymoushash.vmbrasseur.com/2021/01/14/elasticsearch-and-kibana-are-now-business-risks

“There are those who will point to the FAQ for the SSPL and claim that the license isn’t interpreted in that way because the FAQ says so. Unfortunately, when you agree to a license you are agreeing to the text of that license document and not to a FAQ. If the text of that license document is ambiguous, then so are your rights and responsibilities under that license. Should your compliance to that license come before a judge, it’s their interpretation of those rights and responsibilities that will hold sway. This ambiguity puts your organisation at risk.”

Doubling down on open, Part II | Elastic Blog - license change affecting Elastic Search and Kibana

MongoDB did something similar in 2018: mjg59 | Initial thoughts on MongoDB's new Server Side Public License (dreamwidth.org)

Hacker News Discussion: MongoDB switches up its open source license | Hacker News (ycombinator.com)

@vmbrasseur: (1) VM (Vicky) Brasseur on Twitter: "With today's relicensing to #SSPL, Elasticsearch & Kibana are no longer #OpenSource but are instead business risks: https://t.co/XNx2EMLNfH" / Twitter

(1) Adam Jacob on Twitter: "Yeah, come on - how can this be "doubling down on open"? Some true duplicity here. https://t.co/rlJVnLxYwP - we're taking two widely used, widely distributed, widely incorporated open source projects and making them no longer open source. But we're doubling down on open!" / Twitter

[License-review] Approval: Server Side Public License, Version 2 (SSPL v2) (opensource.org)

“We continue to believe that the SSPL complies with the Open Source

Definition and the four essential software freedoms. However, based on its

reception by the members of this list and the greater open source

community, the community consensus required to support OSI approval does

not currently appear to exist regarding the copyleft provision of SSPL.

Thus, in order to be respectful of the time and efforts of the OSI board

and this list’s members, we are hereby withdrawing the SSPL from OSI

consideration.”

(could be ‘open-source’, but negative feedback on mailing lists and elsewhere made the remove it from consideration from OSI)

Open Source license requirements: The Open Source Definition | Open Source Initiative

What does this mean?

If you have products that utilize ElasticSearch/MongoDB/Kibana in some way, talk to your legal teams to find out if you need to divest your org from them. These are not ‘opensource’ licenses… they are ‘source available’

It might not affect your organization and moving to SSPL might be feasible. If your product makes any changes internally to ElasticSearch,

Notable links

JTNYDV - specifically the CIS docker hardening

Twitter: @jtnydv

Bug Detected in Linux Mint Virtual Keyboard by Two Kids - E Hacking News - Latest Hacker News and IT Security News

https://www.bleepingcomputer.com/news/microsoft/microsoft-sysmon-now-detects-malware-process-tampering-attempts/

https://www.coindesk.com/anchorage-becomes-first-occ-approved-national-crypto-bank

https://www.cnn.com/2021/01/15/uk/bitcoin-trash-landfill-gbr-scli-intl/index.html

https://www.techradar.com/news/man-has-two-attempts-left-to-unlock-bitcoin-wallet-worth-dollar270-million

https://www.linkedin.com/posts/amandaberlin_podcast-mentalhealth-neurodiversity-activity-6755910847148691456-Lms5

https://www.linkedin.com/posts/amandaberlin_swag-securitybreach-infosecurity-activity-6755884694501498880-yAck

Check out our Store on Teepub! https://brakesec.com/store

Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email [email protected]

#AmazonMusic: https://brakesec.com/amazonmusic

#Brakesec Store!: https://brakesec.com/teepub

#Spotify: https://brakesec.com/spotifyBDS

#Pandora: https://brakesec.com/pandora

#RSS: https://brakesec.com/BrakesecRSS

#Youtube Channel: http://www.youtube.com/c/BDSPodcast

#iTunes Store Link: https://brakesec.com/BDSiTunes

#Google Play Store: https://brakesec.com/BDS-GooglePlay

Our main site: https://brakesec.com/bdswebsite

#iHeartRadio App: https://brakesec.com/iHeartBrakesec

#SoundCloud: https://brakesec.com/SoundcloudBrakesec

Comments, Questions, Feedback: [email protected]

Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon

https://brakesec.com/BDSPatreon

#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir

#Player.FM : https://brakesec.com/BDS-PlayerFM

#Stitcher Network: https://brakesec.com/BrakeSecStitcher

#TuneIn Radio App: https://brakesec.com/TuneInBrakesec

2021-001-news, youtuber 'dream' doxxed, solarwind passwords bruteforced, malware attacks

Season 2021 · Episode 1

mardi 12 janvier 2021 • Duration 46:57

Dream Doxxed:

Minecraft YouTuber Dream Doxxed Following Speedrun Controversy (screenrant.com)

Def Noodles on Twitter: "STANS TAKING IT TOO FAR: Dream doxed after posting a picture of his kitchen on his 2nd Twitter account. Dream has not published statement about situation yet in his public accounts. https://t.co/QuKpIYRODQ" / Twitter

Osint issues… found him by breadcrumbs and using zillow internal pics of his house. Craziness

Password Guessing Used as a Weapon by SolarWinds Hackers to Breach Targets - E Hacking News - Latest Hacker News and IT Security News

How to Use APIs (explained from scratch) (secjuice.com)

Hackers target cryptocurrency users with new ElectroRAT malware | ZDNet

Cobalt Strike and Metasploit accounted for a quarter of all malware C&C servers in 2020 | ZDNet

Check out our Store on Teepub! https://brakesec.com/store

Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email [email protected]

#AmazonMusic: https://brakesec.com/amazonmusic

#Brakesec Store!: https://brakesec.com/teepub

#Spotify: https://brakesec.com/spotifyBDS

#Pandora: https://brakesec.com/pandora

#RSS: https://brakesec.com/BrakesecRSS

#Youtube Channel: http://www.youtube.com/c/BDSPodcast

#iTunes Store Link: https://brakesec.com/BDSiTunes

#Google Play Store: https://brakesec.com/BDS-GooglePlay

Our main site: https://brakesec.com/bdswebsite

#iHeartRadio App: https://brakesec.com/iHeartBrakesec

#SoundCloud: https://brakesec.com/SoundcloudBrakesec

Comments, Questions, Feedback: [email protected]

Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon

https://brakesec.com/BDSPatreon

#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir

#Player.FM : https://brakesec.com/BDS-PlayerFM

#Stitcher Network: https://brakesec.com/BrakeSecStitcher

#TuneIn Radio App: https://brakesec.com/TuneInBrakesec

2020-046-solarwinds-fireeye-breaches-GE-medical-device-issues-and-2021_predictions

jeudi 17 décembre 2020 • Duration 52:02

End of year podcast

Blumeria sponsorship

NEWS:

IT company SolarWinds says it may have been hit in 'highly sophisticated' hack | Reuters

FireEye hacked: US cybersecurity firm FireEye hit by 'state-sponsored' attack - BBC News

https://krypt3ia.wordpress.com/ - 16 december 2020

Microsoft flexing muscle to shutdown c2: Microsoft unleashes ‘Death Star’ on SolarWinds hackers in extraordinary response to breach - GeekWire

Little-known SolarWinds gets scrutiny over hack, stock sales (apnews.com)

FireEye, GoDaddy,and Microsoft create kill switch for SolarWinds backdoorSecurity Affairs

US Gov has hacked: US government agencies hacked; Russia a possible culprit (apnews.com)

Not mentioned during the podcast: Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor | FireEye Inc

Not trying to spread FUD, but would infiltration by using FOSS tools be easier than Solarwinds?

Time to remove Nano Adblocker and Defender from your browsers (except Firefox) - gHacks Tech News

System oriented programming - Cloud-Sliver (cloud-sliver.com)

Google Cloud (over)Run: How a free trial experiment ended with a $72,000 bill overnight • The Register

G’bye Flash… Adobe releases final Flash Player update, warns of 2021 kill switch (bleepingcomputer.com)

IT workers worried about AI making them obsolete… IT Workers Fear Becoming Obsolete in Cyber Roles - Infosecurity Magazine (infosecurity-magazine.com)

Vulnerabilities Found in Multiple GE Imaging Systems - Infosecurity Magazine (infosecurity-magazine.com)

Qbot malware switched to stealthy new Windows autostart method (bleepingcomputer.com)

https://www.atlasobscura.com/places/encryption-lava-lamps - “The randomness of this wall of lava lamps helps encrypt up to 10 percent of the internet. “

It’s been the year of the business continuity program this year… and how agile yours is.

--thoughts?

Future?

Bryan: Companies that are ‘all in’ on remote work will back track.

Amanda: I think we’ll see way more keep the wfh now that they realize it saves $$

heck out our Store on Teepub! https://brakesec.com/store

Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email [email protected]

#AmazonMusic: https://brakesec.com/amazonmusic

#Brakesec Store!: https://brakesec.com/teepub

#Spotify: https://brakesec.com/spotifyBDS

#Pandora: https://brakesec.com/pandora

#RSS: https://brakesec.com/BrakesecRSS

#Youtube Channel: http://www.youtube.com/c/BDSPodcast