Episode 108: The Biggest Security Vulnerability of All Time

Log4Shell, a vulnerability in the Java application logging framework Log4J has been called the worst security vulnerability ever. Is that just the usual hype, though? Or why haven't we seen the forecast large scale exploitation of this bug? Is there something more sinister at play here?
Full show notes >

Episode 83: The Conspiracy Theorists Get It Right Again

Pegasus isn't new. Anyone in the field has known about NSO Group's spyware and its use against politicians, activists and journalists for half a decade. What's worth discussing, though, is how the topic has been ignored for so long. Both by the press and by iPhone maker Apple.
Full show notes >

Episode 62: Exchange Hell

After talking about a hack that was caused by Microsoft's cloud email service last week, we now look at the next infosec disaster in recent months: How Microsoft stood by as hundreds of thousands of their customers' on-premise Exchange mail servers got breached and totally owned.
Full show notes >

Episode 61: The Most Sophisticated Attack

Analysing the SolarWinds hacker attack, which has been called the largest data breach the world has ever seen. Was it actually that bad? I'm trying to put it in perspective and discuss some aspects that have been neglected by much of the mainstream coverage.
Full show notes >

Episode 60: Cyber War

What is cyber war? Who engages in it, what consequences does it have? What's the difference to everyday hacker attacks? And does it actually exist?
Full show notes >