Paul's Security Weekly (Audio) Live from ZTW - PSW #862
Feb 20, 2025
The discussion kicks off with excitement around the return of in-person conferences and insights from Zero Trust World. Listeners learn about current cybersecurity threats and the significance of Managed Service Providers. Humorous anecdotes about aging tech and personal experiences keep it lively. There's a deep dive into firmware security vulnerabilities and the challenges of timely updates. Plus, the exploration of access risks associated with AI tools offers a thought-provoking look at evolving security needs.
AI Snips
Chapters
Transcript
Episode notes
Zero Trust World Focus
- Zero Trust World conference focuses more on manageable vendor interactions and MSP support than large enterprise discussions.
- It emphasizes securing IT basics before detecting threats, especially for SMBs and MSPs.
Default Deny Beats Zero Trust
- Many vendors struggle to define Zero Trust clearly, often defaulting to product pitches.
- "Default deny" is a clearer, more practical alternative concept to Zero Trust.
North Korean Laptop Farm Scam
- A woman ran a North Korean laptop farm using stolen identities for remote work, laundering about $17M.
- North Koreans gained employment at major US companies unknowingly, exposing serious identity verification gaps.