We’re joined by Nir Ohfeld of Wiz. Nir helped discover the recent CHAOS DB flaw in Azure COSMOS DB, the flagship database for Microsoft’s Azure cloud platform.
Vulnerabilities
DEF CON: Security Holes in Deere, Case IH Shine Spotlight on Agriculture Cyber Risk
A demonstration at DEF CON of glaring flaws in software by agricultural equipment giants John Deere and Case IH raise the specter of remote, software-based attacks that could cripple farms and impact US food production.
Dispute Over Data Leak Highlights Legal Risks for UK Researchers
An expensive, months-long legal tussle between a UK engineer and a healthcare non-profit is spurring calls for reform to the country’s 30 year-old Computer Misuse Act, which Dyke and others contend criminalizes the work of ‘Good Samaritan’ security researchers acting in the public interest.
Deere John: Researcher Warns Ag Giant’s Site Provides a Map to Customers, Equipment
Software vulnerabilities in web sites operated by John Deere could allow a remote attacker to harvest information on the company’s customers including their names, physical addresses and the equipment they own. The revelation suggests the U.S. agriculture sector is woefully unprepared for disruptive cyber attacks, experts warn.
Episode 210: Moving The Goal Posts On Vendor Transparency: A Conversation With Intel’s Suzy Greenberg
In this episode of the podcast, Paul speaks with Intel Vice President Suzy Greenberg about a new survey by the Poneman Institute that shows how customers’ expectations are changing when it comes to vendor transparency about software vulnerabilities.
