The TWiET crew delves into botnets, securing hybrid work environments, the future of DNS architecture, and more.

News Blips:

• Researchers uncover sophisticated IoT botnet named "K- Botnet" targeting US entities; linked to Chinese state-aligned hackers
• AI startup Vanta (a TWiT.tv Sponsor) launches AI suite to automate repetitive security and compliance tasks
• DARPA funds revolutionary laser-based aerial energy delivery system for military operations
• Networking company Cradlepoint acquires SASE vendor ERA to provide a potential combined 5G and zero-trust networking solution

DNS Deep Drive Part 3 with DNS Expert Josh Kuo and Principal Solutions Architect of Infoblox Ross Gibson

• Internal vs external DNS; differences in intended audience and integration
• Decoupling DNS services from domain controllers for stability
• Namespace planning tips; use owned domains, avoid random internal TLDs
• Encrypted DNS tradeoffs; privacy vs. visibility for security teams
• DNS security options like RPZ for control over internal resolution
• Future DNS role predictions like firewall integration and threat intel protections

The episode concludes with the announcement that the long-running show will be coming to an end after 12 years of enterprise content.

Hosts: Louis Maresca, Brian Chee, and Curtis Franklin

Guests: Josh Kuo, Ross Gibson, and Leo Laporte

Help support TWiT by joining Club TWiT at https://twit.tv/clubtwit

Sponsors:

• GO.ACILEARNING.COM/TWIT
• vanta.com/ENTERPRISE
• Miro.com/podcast

• Proxy trojan targets macOS users for traffic redirection
• Indoor navigation has had a slow start
• Krasue RAT uses cross-kernel Linux rootkit to attack telecoms
• U.S. approves first gene-editing treatment, Casgevy, for sickle cell disease
• The DNS Deep-Drive continues with guests Josh Kuo, DNS expert, and Ross Gibson, Principal Solutions Architect of Infoblox, to talk about external authoritative DNS - whether enterprises should fully manage their own external DNS or use managed services, threats like domain hijacking, using load balancers, and more.

Hosts: Curtis Franklin and Brian Chee

Guests: Josh Kuo and Ross Gibson

Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

Sponsors:

• canary.tools/twit - use code: TWIT
• lookout.com
• vanta.com/ENTERPRISE

• Hackers Can Easily Extract ChatGPT Training Data
• Cheebert's prediction about VDI just came true
• Big Tech jobs are not as immune to layoffs as we thought
• Siemens PLCs are Still Vulnerable to Stuxnet-like Cyberattacks
• Josh Kuo, DNS Expert and Ross Gibson, Principal Solutions Architect of Infoblox join Brian Chee and Curt Franklin for part 1 of a 3 part in-depth primer on enterprise DNS, from the basics of DNS lookup, key considerations like security and encryption, and why run your own DNS versus other free alternatives?

Hosts: Brian Chee and Curtis Franklin

Guests: Josh Kuo and Ross Gibson

Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

Sponsors:

• kolide.com/twiet
• bitwarden.com/twit
• GO.ACILEARNING.COM/TWIT

• Ransomware group reports a victim company to the SEC for failing to promptly disclose a breach.
• Shadowy hack-for-hire group behind sprawling web of global cyberattacks
• Electrical arc detection devices that can prevent dangerous home fires caused by faulty wiring.
• The worst passwords of 2023
• The NIS2 Directive: The first piece of EU-wide legislation on cybersecurity
• Jenna Bilotta of LaunchDarkly joins to discuss transforming DevOps tools with better user experiences.

Hosts: Louis Maresca, Brian Chee, and Curtis Franklin

Guest: Jenna Bilotta

Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

Sponsors:

• Miro.com/podcast
• lookout.com
• nureva.com/twit

• CISA Alerts: High-Severity SLP Vulnerability currently being exploited.
• ChatGPT outages attributed to DDoS activity.
• Gen Z and Millennial employees are a bigger cybersecurity risk than older employees.
• Security firm finds highly invasive malware hidden in software developer tools.
• Strategies for bridging the cybersecurity skills gap.
• Mike Star, CEO and founder of trackd talks about managing patches and how the community can help preventing disruption from bad updates.

Hosts: Louis Maresca, Brian Chee, and Curtis Franklin

Guest: Mike Star

Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

Sponsors:

• GO.ACILEARNING.COM/TWIT
• paloaltonetworks.com/ot-security-tco
• canary.tools/twit - use code: TWIT

• Okta customer data exposed in support breach impacting 134 companies.
• Biden requests $3.1B more for FCC's "rip-and-replace" program to remove insecure equipment from federal networks, targeting Huawei and ZTE equipment.
• Kaspersky finds Android spyware targeting WhatsApp users, reusing malware from Telegram cyber attacks.
• U.S. Immigration and Customs Enforcement agency is using AI to scan social media for derogatory content before approving visas. Brian warns about oversharing online.
• President Biden signs executive order governing federal agency use of AI, requiring non-discrimination, privacy, security, and responsible testing. The hosts debate if AI needs unique regulation.
• Chris Heard, CEO of Olive Technologies talks about how businesses can properly evaluate the total cost of ownership when looking for the right software solutions.

Hosts: Louis Maresca, Brian Chee, and Curtis Franklin

Guest: Chris Heard

Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

Sponsors:

• nureva.com/twit
• bitwarden.com/twit
• paloaltonetworks.com/ot-security-tco

• iLeakage gives hackers access passwords and sensitive data on iOS and macOS browsers.
• 0ktapus is "one of the world's most dangerous financial criminal groups" says Microsoft.
• Apple backs national right-to-repair bill.
• Pro-Russia hackers exploiting 0-day in Roundcube webmail software.
• 9 innovative ways to boost security hygiene for Cyber Awareness Month
• Josh Kuo, Senior Educator and SME in Cyber Security of Infoblox talks about why we need Punycode and how DNS can be a security solution for malicious Punycode.

Hosts: Louis Maresca, Brian Chee, and Curtis Franklin

Guest: Josh Kuo

Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

Sponsors:

• lookout.com
• kolide.com/twiet
• Miro.com/podcast

• NSA, FBI expose Russian intelligence hacking tool
• MFA might not be enough to thwart the latest BECs
• By hook or by Kr00k, hackers are coming for your IoT
• The real story on Intel's 7nm Processors
• The Race to Hack a Satellite at DEF CON
• The TWiET gang have a roundtable discussion with Perry Correll of Extreme Networks about the benefits and downsides of Wi-Fi 6 and Wi-Fi 6e

Hosts: Louis Maresca, Curt Franklin, and Heather "Mo" Williams

Guest: Perry Correll

Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech.

Sponsors:

• ZipRecruiter.com/twiet
• expressvpn.com/enterprise
• Melissa.com/twit