2.5 Admins

The discussion kicks off with vulnerabilities in outdated SSH implementations, sparking debate about secure protocols. A staggering incident reveals how a weak RSA key enabled control of a massive virtual power plant. The hosts delve into the intricacies of file synchronization tools and advocate for strong encryption practices. They also explore self-hosted photo management solutions, emphasizing the importance of backups and data control in the cloud. Tune in for insights on enhancing security and navigating modern tech challenges!

Discover how to exploit a Windows security flaw that reverts systems to outdated versions. Delve into a critical IPv6 vulnerability with a high CVSS score and the challenges of inadequate mitigation guidance from Microsoft. Explore alarming CPU vulnerabilities in AMD and Intel chips, including the sync close bug and damaging firmware issues. Learn about the complexities of using Samba on Linux within Active Directory, with practical insights on managing file permissions and access controls.

A serious vulnerability exposes over 200 device models, raising alarms about Secure Boot security. Amazon is fervently pushing to monetize Alexa after losing substantial funds since its launch. Listeners receive valuable tips on how to evaluate open-source software on GitHub, ensuring safe usage. The conversation also emphasizes the importance of using trusted Linux distribution repositories over direct installs, enhancing software management and security.

Jake Williams, a cybersecurity expert renowned for his insights on ransomware, dives into the chaos sparked by a faulty CrowdStrike update that left Windows users in a blue screen frenzy. He shares the hilariously awkward ESXi vulnerability that ransomware gangs are eagerly exploiting. The conversation also touches on the complexities of memory management and the challenges of kernel vulnerabilities. Plus, Jake provides actionable advice on optimizing storage performance with SAS drives and PCIe cards, ensuring your system runs smoother.

Discover how a Bitcoin mine affects a Texas town's health, debate on paying for Windows 10 extended support, and learn about managing router redundancy for better network stability.

A widely-used login system is still using MD5 which is bad news, miscreants took over some domains when they moved from Google to Squarespace, Linksys’ sloppy app isn’t a huge problem but is a bad sign, and why backing up an Android phone in one go is pretty much impossible without root.   Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes   News New Blast-RADIUS attack breaks 30-year-old protocol used in networks everywhere Squarespace migration linked to DNS hijacking, claims report Linksys Velop routers send Wi-Fi passwords in plaintext to US servers   Free Consulting We were asked about backing up Android phones.       Automox Check out the brand new Autonomous IT podcast. Listen in as a variety of experts in the IT Operations space discuss the latest Patch Tuesday releases, mitigation tips, and custom automations to help with CVE remediations. Listen now on Spotify, Apple, or wherever you get your podcasts.             See our contact page for ways to get in touch.  

Topics include new UK smart devices law for security, learning ZFS, SMB vs other file sharing methods, and backing up secrets. They explore cost-efficient solutions for off-site data backup and discuss OnePassword Extended Access Management for enhanced security.

Topics in this podcast include Microsoft's failed underwater data center experiment, warnings about compromised WordPress plugins, an Australian ISP's data breach, and tips for remoting into desktop Linux for optimal performance.

Vulnerabilities in Asus hardware make us think there should be some regulations about what can be sold as a router, a VPN feature that we hadn’t heard of is removed from Windows, and why we don’t believe that Microsoft will ever take security as seriously as they claim.   Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes   News/discussion High-severity vulnerabilities affect a wide range of Asus router models Dear Asus router user: You’ve been pwned, thanks to easily exploited flaw Microsoft to remove DirectAccess from Windows, recommends switching to Always On VPN Microsoft fixes hack-me-via-Wi-Fi Windows security hole CVE-2024-30078 Microsoft in damage-control mode, says it will prioritize security over AI Pluralistic: Microsoft pinky swears that THIS TIME they’ll make security a priority             Tailscale Tailscale is an easy to deploy, zero-config, no-fuss VPN that allows you to build simple networks across complex infrastructure. Go to tailscale.com/25a and try Tailscale out for free for up to 100 devices and 3 users, with no credit card required.   Automox Check out the brand new Autonomous IT podcast. Listen in as a variety of experts in the IT Operations space discuss the latest Patch Tuesday releases, mitigation tips, and custom automations to help with CVE remediations. Listen now on Spotify, Apple, or wherever you get your podcasts.             See our contact page for ways to get in touch.  

In this special episode, Jim and Allan offer free consulting on hard drive availability, USB-C durability, ZFS performance on VPS, cold storage with 2.5" form factor, gaining knowledge, disk enclosure issues, and monitoring Windows servers. They touch on topics like data backup strategies, access control with Tailscale, risks of NVMe SSD enclosures, and setting alerts for Windows Server CPU temperature.