Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss Troy Hunt’s recent announcement about his HaveIBeenPwned service, a VMWare patch you need to apply immediately to vCenter Server as well as how the US Department of Homeland Security has responded to the Colonial Pipeline hacked.

Timecodes:

• 0:00 – Intro
• 0:19 – Today’s 3 topics
• 0:34 – Topic 1: HaveIBeenPwned Announcement
• 7:06 – Topic 2: VMWare Vulnerability
• 9:32 – Topic 3: Colonial Pipeline Update
• 15:29 – Closing remarks

Troy Hunt’s call for help with his HaveIBeenPwned service:

• Pwned Passwords, Open Source in the .NET Foundation and Working with the FBI

Patch immediately: VMware warns of critical remote code execution hole in vCenter Server:

• VMware vCenter Server updates address remote code execution and authentication vulnerabilities (CVE-2021-21985, CVE-2021-21986)
• Questions & Answers for VMSA-2021-0010
• How to Disable VMware Plugins in vCenter Server (83829)

After Ransomware hit Colonial Pipeline DHS issues directive:

• DHS Announces New Cybersecurity Requirements for Critical Pipeline Owners and Operators

Stuff You Should Know Podcast – How the Electrical Grid Works:

• https://podcasts.apple.com/au/podcast/how-the-electrical-grid-works/id278981407?i=1000516928439

Other Links:

• Outdated computer system exploited in Florida water treatment plant hack
• A password for the Hawaii emergency agency was hiding in a public photo, written on a Post-it note