This episode of Storm Watch begins with introductions of the hosts: Bob, Emily (Censys), Glenn, Remy, and guest Jake Baines (VulnCheck).
The hosts discuss two ransomware groups being taken down: the Ukrainian Cyber Alliance taking down Trigona, and RagnarLocker ceasing operations. However, they note ransomware attacks often continue in new forms. The increase in Bitcoin value is also concerning, as it tends to correlate with more ransomware attacks.
A significant portion of the podcast focuses on the vulnerabilities in Cisco routers and Citrix systems. The hosts explain the vulnerabilities, provide background, and detail the work done by their teams to analyze the issues. They are critical of Cisco's disclosure and patching process.
The hosts discuss the recent Okta breach, criticizing Okta's response time and communication process. They explain how the breach occurred via access to support systems and involved compromised session tokens and HAR files. The hosts emphasize the sensitivity of HAR files.
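HAR captures record request and response headers, cookies and bodies, which is why they can carry live session tokens. The Python below is an added example (not from the episode or from Okta) that redacts those fields before a HAR is shared with a support team; the header list and the sample HAR are assumptions constructed for illustration.

```python
import copy
import json

# Header names that commonly carry session credentials (assumed list, extend as needed).
SENSITIVE_HEADERS = {"authorization", "cookie", "set-cookie", "x-csrf-token"}
REDACTED = "[REDACTED]"


def _scrub_pairs(pairs, redact_all=False):
    """Redact values in a HAR name/value list; return how many were changed."""
    count = 0
    for pair in pairs or []:
        if redact_all or pair.get("name", "").lower() in SENSITIVE_HEADERS:
            pair["value"] = REDACTED
            count += 1
    return count


def sanitize_har(har):
    """Return (sanitized deep copy, number of redacted values) for a HAR dict."""
    clean = copy.deepcopy(har)
    redacted = 0
    for entry in clean.get("log", {}).get("entries", []):
        for side in ("request", "response"):
            msg = entry.get(side, {})
            redacted += _scrub_pairs(msg.get("headers"))
            redacted += _scrub_pairs(msg.get("cookies"), redact_all=True)
        # Request and response bodies (login forms, JSON with tokens) are dropped too.
        post = entry.get("request", {}).get("postData")
        if post and post.get("text"):
            post["text"] = REDACTED
            redacted += 1
        content = entry.get("response", {}).get("content", {})
        if content.get("text"):
            content["text"] = REDACTED
            redacted += 1
    return clean, redacted


# Constructed sample HAR with made-up values, for illustration only.
SAMPLE_HAR = {"log": {"version": "1.2", "entries": [{
    "request": {"method": "GET", "url": "https://app.example.test/api/me",
                "headers": [{"name": "Cookie", "value": "sid=EXAMPLE-SESSION"},
                            {"name": "Accept", "value": "application/json"}],
                "cookies": [{"name": "sid", "value": "EXAMPLE-SESSION"}]},
    "response": {"status": 200, "cookies": [],
                 "headers": [{"name": "Set-Cookie", "value": "sid=EXAMPLE-SESSION"}],
                 "content": {"mimeType": "application/json", "text": "{\"user\":\"a\"}"}}}]}}

if __name__ == "__main__":
    cleaned, n = sanitize_har(SAMPLE_HAR)
    print(json.dumps(cleaned, indent=2), f"\nredacted {n} values")
```

URL query strings and `postData.params` can also hold tokens and are not covered here; review them before sharing a capture.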
Other topics covered include:
The hosts close out with recommendations for tabletop incident response exercises, favorite Halloween candies, and a plea for better security awareness and coordination across the industry.