Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On this week's episode, we cover the latest in car hacking, this time involving a vulnerability that could have given remote attackers full control over certain Hyundai models' doors, lights and engine. After that, we discuss the latest breach impacting a major password management app and how it's different from previous ones we've seen. We end with a discussion on the latest 'custom security solution' vendor selling spyware tools for profit.

About TrustCloud: Our mission is to make it effortless to earn trust in every business relationship. TrustCloud's Trust Assurance platform democratizes every company's ability to quickly and cost-effectively set up, test and get audited for security and compliance certifications, automatically respond to security questionnaires, and confidently share its compliance program with enterprise customers.

This video shows you how to use Python and Bytesafe to install secure packages.

State of Arizona and Arctic Wolf leaders share approaches to balancing cybersecurity compliance with multiple operational frameworks.

FirstBank CISO Brenden Smith and David Kruse, Arctic Wolf’s Tetra Defense executive, discuss strategies to improve cyber readiness — and meet increasingly stringent cyber insurance requirements.

Synovus CISO Kevin Gowen and Arctic Wolf CTO Christopher Fielder discuss tactical and strategic actions to ensure security operating practices remain nimble.

Email attachments have size limitations and aren’t a secure way to share content. Replace those attachments with Egnyte’s file, folder or upload links instead.

This video shows you how to use Python and Bytesafe to install secure packages.

With every hardcoded secret, the software supply chain attack surface grows larger, opening more avenues for the resourceful attacker. Remember Codecov? It all started with a hardcoded secret, ultimately leading to the downstream poisoning of 20,000+ CI pipelines and the exfiltration of more secrets than attackers could ever dream of. It’s time for us, developers and security pros, to take a hard look at our hardcoded secrets – or else, we accept living with the risks and consequences of secrets sprawl.