tj-actions Lessons Learned, US Cyber Offense, this week's enterprise security news - Dimitri Stiliadis - ESW #417

Interview Segment - Lessons Learned from the tj-actions GitHub Action Supply Chain Attack with Dimitri Stiliadis

Breach analysis is one of my favorite topics to dive into and I’m thrilled Dimitri is joining us today to reveal some of the insights he’s pulled out of this GitHub Actions incident. It isn’t an overstatement to say that some of the lessons to be learned from this incident represent fundamental changes to how we architect development environments.

Why are we talking about it now, 4 months after it occurred? In the case of the Equifax breach, the most useful details about the breach didn’t get released to the public until 18 months after the incident. It takes time for details to come out, but in my experience, the learning opportunities are worth the wait.

Topic Segment - Should the US Go on the Cyber Offensive?

Triggered by an op-ed from Dave Kennedy, the discussion of whether the US should launch more visible offensive cyber operations starts up again. There are a lot of factors and nuances to discuss here, and a lot of us have opinions here. We'll see if we can do any of it justice in 15 minutes.

News Segment

Finally, in the enterprise security news,

1. We discuss the latest fundings
2. a few acquisitions
3. a vibe coding campfire story
4. how to hack AI agents
5. zero-days in AI coding apps
6. more AI zero days
7. why Ivanti vulns are still alive and well in Japan
8. how wiper commands made their way into Amazon’s AI coding agent
9. it seems like vulnerabilities and AI are pairing up in this week’s news stories!

All that and more, on this episode of Enterprise Security Weekly.

Show Notes: https://securityweekly.com/esw-417