Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Adam Dudley, Nucleus VP of Strategy and Alliances, provides some background on the Common Vulnerability Scoring System (CVSS) version 4.0 in this Nucleus conversation. He discusses the improvements made in the new version, the evolving role of CVSS in vulnerability management, the limitations practitioners face, and the future of scoring systems in the context of emerging technologies like AI. The conversation emphasizes the importance of context and quality inputs in effectively utilizing CVSS for risk assessment.

Richard Bejtlich sits down with Vince Stoffer, Corelight's Field CTO, to dive into the recent wave of cyberattacks attributed to Chinese threat actors, known as "Typhoon" groups. Vince unpacks the distinctions between "Volt Typhoon," targeting critical infrastructure sectors such as energy and transportation, and "Salt Typhoon," which is infiltrating telecommunications networks for espionage. The conversation explores the evolving tactics, techniques, and procedures (TTPs) used by these groups, including their exploitation of zero-day vulnerabilities and outdated infrastructure.

his week on the podcast, we have our resident ransomware expert, Ryan Estes, on to give an update on the latest in the ransomware ecosystem. We cover a few recent changes to operators, extortion techniques, and business impact from ransomware attacks in recent months.

Datadog Detect is a virtual mini-conference dedicated to helping security teams modernize detection and response by applying engineering best practices. Hear talks from industry experts, including security researchers and engineers at Datadog, Red Canary, and Corelight to learn about building scalable, effective security operations.

In their talk, Katie Nickels (Sr. Director of Intelligence Operations) and Jesse Griggs (Sr. Threat Researcher) from Red Canary show you how to adapt an endpoint detection mindset to the cloud, specifically focusing on pre-impact TTPs and building robust cloud detections.

Kubernetes is powerful — but let’s be honest, managing access and identities across users, clusters, kubectl sessions, RBAC rules, CI/CD pipelines, and AI agents can feel like wandering through a corn maze in the dark. Static kubeconfigs, sprawling IAM roles, and long-lived credentials are the cobwebs and skeletons cluttering your path to secure, scalable infrastructure.

Is your VMware environment secure? A sophisticated backdoor called BRICKSTORM, used by espionage actor UNC5221, could be hiding in your vCenter backups right now. Restoring from a compromised snapshot means letting the attackers right back in. But what if your backups could be your best defense? In our new 4-minute demo, we walk through the exact steps to: Proactively hunt for BRICKSTORM within your backups using YARA rules. Instantly quarantine infected snapshots to stop the threat from spreading. Identify a guaranteed 'Gold Copy' for a fast, safe, clean-room recovery.