Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On the podcast: DORA compliance just doesn't work as a tick-box exercise, it needs a whole new mindset.

In this episode of The Connectivity Cloud Podcast with Cloudflare, host Mark Dembo is joined by Olivier Busolini, Group Head of Information Security at Mashreq, to explore how cybersecurity leadership has transformed from a purely technical function to a strategic business partnership.

In this TechMonitor vodcast, brought to you in partnership with Tanium and endpointX, we dive into the evolving world of autonomous endpoint management (AEM). Join Dan Jones (Senior Security Advisor, EMEA at Tanium) and Dan Stead (Director at endpointX) as they explore: Whether you're in the public or private sector, this conversation offers valuable insights into how to secure and streamline your enterprise with modern tools.

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

When a single identity is linked to multiple accounts across your environment, visibility gaps can occur, opening opportunities for attackers to exploit. This risk is especially high for executives and privileged users with access to your most sensitive data. In this clip, our expert Tyler Reese explains why identity correlation is essential for proactive threat detection and ITDR. Learn how identity mapping and account cataloging enhance SOC visibility and help prevent cross-account attacks.

This week’s briefing covers: Critical Sudo Vulnerability Allows Priv Esc to Root The flaw arises from unsafe handling of the --chroot (-R) option, where sudo processes user-provided configurations (including nsswitch.conf) from within the chroot environment before validating user privileges. This allows a local attacker to construct a malicious chroot with crafted NSS configuration that forces sudo to load attacker-controlled shared libraries as root, effectively bypassing authentication.