
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Defensive Security Podcast Episode 318
Aug 26, 2025
This installment dives into the latest cybersecurity threats, including a downgrade attack that circumvents FIDO authentication in Microsoft Entra ID. There's a deep exploration of vulnerabilities in Docker Hub and the rising danger of ransomware such as Charon. The concept of vibe coding is introduced, discussing how AI can assist novice coders while also raising security concerns. Additionally, the podcast highlights the market for initial access brokers, revealing how compromised access is sold on the dark web. Tune in for practical security tips and a fun teaser about an upcoming live event!
AI Snips
Attackers Target Surrounding Logic
- The FIDO downgrade attack highlights that adversaries focus on the surrounding implementation and fallback logic, not the core FIDO protocol itself.
- Treat FIDO as strong but monitor and harden the surrounding authentication flows and proxies.
Treat Public Images As Untrusted
- Avoid running unvetted public container images and treat Docker Hub images like unknown USB drives.
- Use image scanning, software composition analysis (SCA), and short-lived container redeploys to reduce exposure to embedded vulnerabilities like the XZ backdoor.
Hidden Risks Inside Containers
- Container security often depends on the image maintainer; many consumers lack SCA or image governance.
- That creates a systemic, long-tail risk where vulnerable components persist inside deployed containers.
