Risky Business #611 -- MalwareBytes the latest "Holiday Bear" victim
Risky Business - A podcast by Patrick Gray - Miercuri
Categories:
On this week’s show Dmitri Alperovitch, Sherrod DeGrippo and Joe Slowik join host Patrick Gray to talk through the week’s news: MalwareBytes the latest victim in the increasingly poorly-named “SolarWinds campaign” FireEye issues helpful guidance, tools, to help orgs detect “golden SAML” and related techniques Rob Joyce, Anne Neuberger, Michael Sulmeyer all get promoted! Wooo! Much, much more This week’s show is brought to you by Airlock Digital. They make what we’re calling an execution control platform. Its central feature is easy-to-use and hard-to-bypass allowlisting. It’s a bunch of sensible and useable controls packaged up into a 7Mb. It slices, it dices, it slays lolbins and user powershell rights, and it comes in a beautiful suede pouch! It’s the endpoint protection you get when it’s built by practitioners in concert with people who actually understand windows internals. That’s right! Patrick is drinking the Kool-Aid on this one! Airlock founders Dave Cottingham and Daniel Schell join in this week’s sponsor interview to talk through allow-listings second wave of popularity. Links to everything are below!