Welcome to your weekend cybersecurity digest! Here's everything you need to know from this week's CyberHub Podcast shows, organized by category for easy scanning.
Excellent comprehensive digest James. The coordinated firewall/VPN targeting across Cisco, Palo Alto, and Fortinet is really telling, attackers are clearly going after market share rather than specific CVEs. Your actionable list at the end is gold, particularly the Fortinet SSL VPN hardening steps and auto-ban on brute force IPs. The shift from steal-then-encrypt to steal-dont-encrypt data blackmail is exactly what Im seeing too, especially in the Salesforce ecosytem where OAuth sprawl creates so many attack vectors. The identity focus is spot on, we really need to treat VPN portals and developer pipelines as tier zero assets now.
Excellent comprehensive digest James. The coordinated firewall/VPN targeting across Cisco, Palo Alto, and Fortinet is really telling, attackers are clearly going after market share rather than specific CVEs. Your actionable list at the end is gold, particularly the Fortinet SSL VPN hardening steps and auto-ban on brute force IPs. The shift from steal-then-encrypt to steal-dont-encrypt data blackmail is exactly what Im seeing too, especially in the Salesforce ecosytem where OAuth sprawl creates so many attack vectors. The identity focus is spot on, we really need to treat VPN portals and developer pipelines as tier zero assets now.
Perfectly stated!