Two Guys and an Opinion

It's our first podcast! Woot! This episode's ramblings cover our opinions on the last day of Trump, company culture regarding cybersecurity, the Solarwinds incident, ransomware, risk, phishing and other matters!

Just when you thought you'd heard enough about GDPR - it's back! And there's now two of them! Who knew? Also in this episode we introduce you to a new drinking game and a shocking development in the war against ransomware.

Now you may be forgiven for thinking that this episode is a montage of 3 or 4 of our previous podcasts... but alas, no...
We do however visit some old friends like SolarWinds, Travelex and HAFNIUM as they all become topical again following the US/UK sanctions imposed on Russia this week.
Of course Russia, 'does not conduct offensive operations in the cyber domain', but we unpick what is being reported anyway, and again arrive at two indubitable facts of cyber-readiness.....

In a shocking turn of events, Richard gets triggered regarding the seemingly inexorable rise and rise of Ransomware attacks on organisations big and small.
Vlad stays uncharacteristically calm!
We discuss the facts and figures of cyber breaches during 2020 and also attempt to fix the whole sorry problem with a few off-piste thought experiments...

In this episode we study in detail, (apologies, Richard rambled!), the shocking story of the demise of Travelex due in no small part to a highly successful ransomware attack. We cover just how avoidable these incidents are by dealing with those pesky vulnerabilities! And the drinking word this week sounds like you're already half-cut when you say it....
Show Notes:

1. Apple - iOS and iPadOS 14.4. - iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and the 7th generation iPod touch. Apple also issued security updates for one of the vulnerabilities across a range of its other offerings, including Apple Watch (watchOS 7.3) and Apple TVs (tvOS 14.4).

• CVE-2021-1782. Attackers could use the application to gain additional privileges in the device’s operating system, which would allow them to wreak all kinds of havoc.
• CVE-2021-1871 and CVE-2021-1870, reside in the WebKit component, Apple’s open-source web browser engine used by the Safari browser, could be exploited by a remote attacker and allow them to execute arbitrary code. Flaws could be exploited by “by persuading a victim to visit a specially crafted Web site.”

1. SolarWinds - Three new vulnerabilities in SolarWinds products. The vulnerabilities, which have been already been patched, included a remote code execution flaw in Orion that required only network access. That flaw allows hackers to use an improperly installed Microsoft Messaging Queue to send commands for a server to execute.
2. Linux sudo privilege escalation heap overflow vulnerability - CVE-2021-3156 - A successful exploitation allows any unprivileged user to escalate its privileges to root on the vulnerable host. Since it’s a privilege escalation vulnerability, it requires access to a local user on the vulnerable host in order to actually exploit it.

The vulnerability affects all the following sudo versions:

• All legacy versions from 1.8.2 to 1.8.31p2
• All stable versions from 1.9.0 to 1.9.5p1