

Defensive Security Podcast Episode 307
May 27, 2025
The conversation kicks off with a lighthearted vibe as the hosts share personal anecdotes. They dive into a significant Coinbase data breach tied to insider threats, emphasizing the importance of proactive cybersecurity. The challenges of patch management are explored, highlighting the need for adaptive strategies in a rapidly evolving threat landscape. They discuss the cybersecurity risks in mergers and acquisitions and the dangers of inflexible security programs. The episode wraps up with a troubling look at emerging threats, particularly ransomware targeting CPUs.
AI Snips
Coinbase Insider Breach Anecdote
- An insider breach at Coinbase exposed 70,000 customers' personal data through bribed contractors.
- Coinbase chose not to pay the ransom and offered a $20 million bounty for identifying the perpetrators.
Insider Threat Program Advice
- Implement a robust insider threat program with limited access to customer data.
- Monitor and restrict support agents' ability to view unrelated customer records and keep audit trails.
Complexities of Patch Management
- Patching every vulnerability uniformly is impractical; the focus varies by component and criticality.
- Successful attacks haven't decreased solely due to patching; threats evolve and adapt to defenses.