Defensive Security Podcast Episode 294

In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including a hidden backdoor in Juniper routers, PayPal’s recent data breach settlement, the exploitation of older Ivanti bugs, the PowerSchool data breach affecting millions, and CISA’s new software security recommendations. The conversation emphasizes the importance of proactive security measures and the evolving landscape of cybersecurity threats.

If you find this podcast useful, please consider supporting us here: https://www.patreon.com/defensivesec

Takeaways

• The hidden backdoor in Juniper routers raises concerns about network security.
• PayPal’s settlement highlights the need for better data protection practices.
• Older vulnerabilities in Ivanti products continue to be exploited, stressing the importance of timely patching.
• The PowerSchool data breach underscores the risks of inadequate credential protection.
• CISA’s recommendations aim to improve software security across critical infrastructure.

Links:

• https://www.theregister.com/2025/01/25/mysterious_backdoor_juniper_routers/
• https://www.bleepingcomputer.com/news/security/paypal-to-pay-2-million-settlement-over-2022-data-breach/
• https://www.bleepingcomputer.com/news/security/cisa-hackers-still-exploiting-older-ivanti-bugs-to-breach-networks/
• https://www.securityweek.com/millions-impacted-by-powerschool-data-breach/
• https://www.securityweek.com/cisa-fbi-update-software-security-recommendations/