It has been a little while since my last update episode, and a lot has been happening in the world of cybersecurity. So today I want to catch you up on three things that have been on my radar and, more importantly, should be on yours.
First, we are going to talk about ClickFix — a social engineering attack technique that has exploded in popularity over the past year and is now being used by everyone from cybercriminals to nation-state hackers. I will explain what it is, how it works, and why it is so dangerous.
Second, we are going to tackle a question that more and more people are asking: can I just ask an AI chatbot to generate a password for me? The short answer is no, and I will explain exactly why using some very revealing research that just came out.
And third, we are going to cover an important change happening in the world of digital certificates right now — specifically code signing certificates, which are getting significantly shorter lifespans starting this year. I will explain what code signing is, why it matters to defenders, and what your organisation needs to do.
Lots to get through, so let us dive right in.
