This week David and I talk about how current phishing tests closely resemble early attempts at fire drills, through the Google Security Blog, and then we discuss a Schneier post about what the recent CS failure says about the resiliency of the internet.

Article 1 - On Fire Drills and Phishing Tests

Article 2 - The CrowdStrike Outage and Market-Driven Brittleness

If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!

This week we discuss two articles - One about how the Technology Adoption Cycle applies to companies and how they acquire a new security capability, and a second about how Sysmon isn't a replacement for EDR, mostly due to the time commitment required.

Article 1 - Cybersecurity technology adoption cycle and its implications for startups and security teams

Article 2 - Sysmon: a viable alternative to EDR?
Supporting Articles:
Getting Started with ATT&CK: Detection and Analytics

If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!

This week we discuss the FY23 incidents in the US Government's annual report, and then we discuss Snowflake a bit, and some of the issues around SAAS and Malware Remediation (infostealers steal more than just the work accounts!)

Article 1 - White House report dishes deets on all 11 major government breaches from 2023
Supporting Article:
Microsoft breach led to theft of 60,000 US State Dept emails

Article 2 - Snowflake customers not using MFA are not unique – over 165 of them have been compromised
Supporting Articles:
UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion
No Snow, No Flakes: Pondering Cloud Security Shared Responsibility, Again!
Mapping Snowflake’s Access Landscape

If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!