Security Serengeti David Schwendinger and Matthew Keener

We turn back to one of my (Matthew's) favorite analysts, Anton Chuvakin and his recent article on what a Minimum Viable SOC Transformation looks like.  Then we take a few minutes at the end to discuss making self-driving cars ignore stop signs. Cheeky and fun shenanigans!
Article 1 - Baby ASO: A Minimal Viable Transformation for Your SOC
Article 2 - GhostStripe attack haunts self-driving cars by making them ignore road signs
If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!

This week, David and I discuss how GM is fraudulently collecting driving data and selling it to insurers, and Anton Chuvakin has another article on Detection Engineering - How to test your detections!
Article 1 - Long Article on GM Spying on Its Cars’ DriversSupporting Articles:How GM Tricked Millions of Drivers Into Being Spied On (Including Me) [Non-Paywalled]GM Shuts Down Tool That Collects Data on Driving Style
Article 2 - Testing in Detection Engineering (Part 8)
If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!

This week we review the new, proposed American Privacy Rights Act.  Lots of words that sound good, but like most government legislation, there are exceptions big enough to drive a truck through.
Article - Committee Chairs Rodgers, Cantwell Unveil Historic Draft Comprehensive Data Privacy LegislationSupport Links:Philip Dru: Administrator
If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!

This week David and I discuss an article from Venture in Security on how other industries have consolidated, and what lessons we can take from that into Security.  It's more interesting than it sounds, I swear!
Article - Three types of consolidation in cybersecurity, and how monopolization and commoditization are shaping the industry of tomorrow
If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!

This week we discuss eSIM Stealing (not swapping!), the EPA attempting to secure water systems again, and the coming, future Maximum Overdrive like Apocalypse where Big Rigs become the dominant life form.
Article 1 - SIM swappers hijacking phone numbers in eSIM attacksSupporting Articles:About eSIM on iPhoneI Stopped Using Passwords. It’s Great—and a Total Mess
Article 2 - US task force aims to plug security leaks in water sectorSupporting Articles:Official says 'hack' of Oldsmar city water treatment plant in 2021 didn't happenTop Cyber Actions for Securing Water Systems
Article 3 -  Truck-to-truck worm could infect – and disrupt – entire US commercial fleet
If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!

This week we take a look at a book that's been making the podcast rounds - Your Face Belongs to Us by Kashmir Hill.  We discuss the history of facial recognition, the privacy concerns and what exactly Clearview AI has been doing.  Then we finish up with our thoughts on where this all is going.  Spoiler - It's not a happy ending.  Good book, you should read it!
We recorded this episode in a restaurant, and used an AI tool to remove background noise.  This can result in... weird transient sounds.  One of them sounded like a ghost.  This podcast is not haunted, I swear.
Link - https://a.co/d/i3OJWbb
If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!