In this episode of Below the Surface, the hosts discuss various cybersecurity topics, including the evolution of malware with a focus on Hybrid Petya, the implications of UEFI vulnerabilities, and the security risks associated with Windows 10's end of life. They also explore the vulnerabilities of Cisco ASA devices, the rise of supply chain attacks exemplified by NPM worms, and the persistent threat of Row Hammer attacks on DDR5 technology. The conversation highlights the significance of visibility in cybersecurity and the necessity for enhanced security practices to counter evolving threats.
Chapters
00:00 Introduction and Podcast Overview
02:55 Hybrid Petya: The New Threat Landscape
06:03 Understanding UEFI and Secure Boot Vulnerabilities
09:00 The Evolution of Ransomware Techniques
11:54 Windows 10 End of Life Concerns
14:56 The Future of Secure Boot and User Responsibility
22:50 The Shift in Consumer Trust Towards Microsoft
25:11 The Rise of Alternatives: Linux and SteamOS
28:41 Security Concerns with Windows 10 and 11
31:57 Exploiting End-of-Life Devices
36:39 The Challenge of Legacy Infrastructure
39:41 VPN Security: Risks and Solutions
45:40 The Dilemma of Compliance and Visibility
50:16 Supply Chain Vulnerabilities and NPM Attacks
55:54 The Rowhammer Attack and Hardware Security
01:03:40 The Need for Visibility and Signatures in Security
