Talkin’ About Infosec News – 4/6/2022

ORIGINALLY AIRED ON APRIL 4, 2022 Articles discussed in this episode: 00:00 – PreShow Banter™ — Blame it on the Intern 06:24 – Spring Time for Java – https://www.darkreading.com/application-security/zero-day-vulnerability-discovered-in-java-spring-framework 09:10 – GitLab for Account Access – https://www.bleepingcomputer.com/news/security/critical-gitlab-vulnerability-lets-attackers-take-over-accounts/ 10:33 – No Passwords for Okta – https://www.bleepingcomputer.com/news/security/sitel-on-okta-breach-spreadsheet-did-not-contain-passwords/ 11:11 – Legacy Networks for Okta – https://therecord.media/sitel-blames-okta-breach-on-legacy-network-from-acquisition/ 12:40 – Lawsuit for Ubiquity – https://arstechnica.com/tech-policy/2022/03/ubiquiti-sues-journalist-alleging-defamation-in-coverage-of-data-breach/ 17:01 – MITRE AT&T&CK for EDMs 21:17 – Breach for Mailchimp – https://www.bleepingcomputer.com/news/security/hackers-breach-mailchimps-internal-tools-to-target-crypto-customers/ 30:54 – 15 Characters for John – https://blog.pcisecuritystandards.org/pci-dss-v4-0-a-conversation-with-the-council 40:17 – Data Requests for Apple – https://www.macrumors.com/2022/03/30/apple-user-data-forged-legal-requests/ 46:52 – Drones for Ukraine – https://www.forbes.com/sites/davidhambling/2022/03/08/how-small-drones-could-win-the-fight-in-ukraines-cities-and-the-truth-about-that-anti-drone-pickle-jar-story We are self-publishing free Infosec Zines called PROMPT#. PROMPT# will contain:  Infosec articles  Challenging puzzles  Comic book based on real-life hacking adventures  Coloring contests  Bonus Backdoors & Breaches Consultant ...