Blumira Briefings

Podcast Description
Staying on top of security news shouldn't be another full-time job.
Enter Blumira Briefings, our weekly panel series where security experts break down the headlines you might have missed, and explain what they actually mean for your security practice! 🔒
Each week, join a lineup of different Blumira experts (and sometimes special guests!) who will:
- Share the top threats, suspects, and risks we're seeing across our detection and response platform
- Discuss significant security stories and what they mean for YOU
- Provide practical advice you can actually implement right away
- Keep it conversational, informative, and under 30 minutes
Podcast Insights
Content Themes
The show focuses on critical security issues, trending threats, and risk analysis, with episodes discussing topics such as major vulnerabilities in software, breach incidents involving well-known companies, and analysis of specific security tools and methods. For example, the latest episode covers new flaws in VMware Tools and CrushFTP, CheckPoint's breach confirmation, and the rise of ransomware techniques like BlackSuit.

🔐 Welcome to Blumira Briefings! This week, Zoe is joined by Chris Furner and Mike Toole to download the latest on critical vulnerabilities and emerging threats you need to know about. 🔐
What We Cover This Week:
🐳 Critical Docker Desktop vulnerability would allow attacks on host through unauthenticated Engine API access
🔑 Git code execution vulnerability added to CISA's Known Exploited Vulnerabilities catalog
🌐 High-severity vulnerabilities patched in Chrome and Firefox browsers (yes, V8 JS Engine again…)
🔒 Attackers using legit office.com links with ADFS redirects to phish
🤖 AI agent security in 2025: non-human identities now outnumber humans 82:1, so… what's your plan?
🚨 Whistleblower reports Social Security database exposure affecting 300+ million Americans
💡 Quick tip of the week: Treat containers as applications running on your machine and scan them before execution, and check container images for vulnerabilities before running them on your system.
Expert Insights On:
- Container security best practices beyond built-in controls
- Preventing developers from cloning risky Git repositories
- How to start keeping count of non-human identities in your environment
- Evaluating when legacy systems might have better modern alternatives
📰 SOURCES:
Docker Desktop Vulnerability: https://www.bleepingcomputer.com/news/security/critical-docker-desktop-flaw-lets-attackers-hijack-windows-hosts/
CISA Git Vulnerability Alert: https://www.bleepingcomputer.com/news/security/cisa-warns-of-actively-exploited-git-code-execution-flaw/
Chrome/Firefox Patches: https://www.securityweek.com/high-severity-vulnerabilities-patched-in-chrome-firefox/
Microsoft ADFS Phishing: http://bleepingcomputer.com/news/security/hackers-steal-microsoft-logins-using-legitimate-adfs-redirects/
AI Identity Management: https://www.darkreading.com/cybersecurity-operations/growing-challenge-ai-agent-nhi-management
Social Security Whistleblower: https://whistleblower.org/press-release/whistleblower-warns-of-possible-risks-to-americans-social-security-information/
🔍 LINKS:
How to freeze your credit (Krebs on Security): https://krebsonsecurity.com/2018/09/credit-freezes-are-free-let-the-ice-age-begin/
OWASP Agentic AI Threats & Mitigations: https://genai.owasp.org/resource/agentic-ai-threats-and-mitigations/
