web02.fireside.fm Mon, 15 Jun 2026 03:55:05 -0500 Fireside (https://fireside.fm) Sudo Show - Episodes Tagged with “Security” https://sudo.show/tags/security Thu, 14 May 2026 05:00:00 -0600 The Sudo Show covers topics ranging from Open Source in business to deep dives into complex technology. en-us episodic Where Business Meets Open Source Sudo Show The Sudo Show covers topics ranging from Open Source in business to deep dives into complex technology. no devops, it, cloud native, technology, sudo, linux, open source, work from home, productivity, red hat, FOSS, information technology Sudo Show podcast@sudo.show 76: ABCs of CVEs | SUDO Show 76 https://sudo.show/76 943423ac-1f30-43fd-ac3c-532e95f34891 Thu, 14 May 2026 05:00:00 -0600 Sudo Show full Sudo Show SUDO Show 76, “ABCs of CVEs,” walks through how modern Linux vulnerabilities are discovered, disclosed, and patched—from AI‑assisted finds like Pack2TheRoot and copy.fail to Dirty Frag’s embargo drama. Bill, Neal, and Brandon then dig into real‑world patching practices, tools like Foreman and Uyuni, and how to interpret CVSS scores and risk without panicking. 51:43 no <p>SUDO Show 76, “ABCs of CVEs,” breaks down how modern Linux vulnerabilities go from scary headlines to real-world fixes. Bill, Neal, and Brandon start with conferences and Neal’s new Framework 13 Pro running Fedora, then dive into AI‑assisted security research and what tools like Claude and others are actually doing in the CVE pipeline. Neal walks through recent high‑profile issues like Pack2TheRoot in PackageKit, the copy.fail kernel optimization bug, and the Dirty Frag vulnerability, explaining how disclosure, embargoes, and coordination really work from a distro maintainer’s perspective. Brandon then focuses on CVE patching best practices, testing and release strategies, tools like Foreman and Uyuni for managing updates, and how to interpret CVSS scores and risk without panicking, before the crew wraps with advice for new grads who want to get into security without setting their hair—or their clusters—on fire.</p> <p><strong>Show Links:</strong></p> <ul> <li>Foreman – <a href="https://theforeman.org/" rel="nofollow noopener">https://theforeman.org/</a></li> <li>Uyuni – <a href="https://www.uyuni-project.org/" rel="nofollow noopener">https://www.uyuni-project.org/</a></li> <li>Pack2TheRoot – Linux local privilege escalation write‑up <ul> <li><a href="https://github.security.telekom.com/2026/04/pack2theroot-linux-local-privilege-escalation.html" rel="nofollow noopener">https://github.security.telekom.com/2026/04/pack2theroot-linux-local-privilege-escalation.html</a></li> </ul></li> <li>copy.fail – kernel copy‑on‑write vulnerability <ul> <li><a href="https://copy.fail/" rel="nofollow noopener">https://copy.fail/</a></li> </ul></li> <li>Dirty Frag – universal Linux LPE PoC <ul> <li><a href="https://github.com/V4bel/dirtyfrag#dirty-frag-universal-linux-lpe" rel="nofollow noopener">https://github.com/V4bel/dirtyfrag#dirty-frag-universal-linux-lpe</a></li> </ul></li> </ul> <p><strong>Connect with the Hosts:</strong><br> Bill - @ctlinux on Mastodon<br> Neal - @<a href="mailto:neal@social.gompa.me" rel="nofollow noopener">neal@social.gompa.me</a> on Mastodon<br> Noel - <a href="https://github.com/noelmiller" rel="nofollow noopener">https://github.com/noelmiller</a> </p> open source, opensource, technology, enterprise, business, software, linux, SUDO Show, ABCs of CVEs, Linux, security, CVE, CVSS, vulnerabilities, AI and security, Claude, Mistral, PackageKit, Pack2TheRoot, copy.fail, Dirty Frag, Linux kernel, Fedora, Fedora Workstation, Framework 13 Pro, disclosure, responsible disclosure, embargo, Linux distros, patching best practices, Foreman, Uyuni, risk management, immutability, zero CVE, sysadmin, DevOps, new grads in security SUDO Show 76, “ABCs of CVEs,” breaks down how modern Linux vulnerabilities go from scary headlines to real-world fixes. Bill, Neal, and Brandon start with conferences and Neal’s new Framework 13 Pro running Fedora, then dive into AI‑assisted security research and what tools like Claude and others are actually doing in the CVE pipeline. Neal walks through recent high‑profile issues like Pack2TheRoot in PackageKit, the copy.fail kernel optimization bug, and the Dirty Frag vulnerability, explaining how disclosure, embargoes, and coordination really work from a distro maintainer’s perspective. Brandon then focuses on CVE patching best practices, testing and release strategies, tools like Foreman and Uyuni for managing updates, and how to interpret CVSS scores and risk without panicking, before the crew wraps with advice for new grads who want to get into security without setting their hair—or their clusters—on fire.

Show Links:

Connect with the Hosts:
Bill - @ctlinux on Mastodon
Neal - @neal@social.gompa.me on Mastodon
Noel - https://github.com/noelmiller

]]> SUDO Show 76, “ABCs of CVEs,” breaks down how modern Linux vulnerabilities go from scary headlines to real-world fixes. Bill, Neal, and Brandon start with conferences and Neal’s new Framework 13 Pro running Fedora, then dive into AI‑assisted security research and what tools like Claude and others are actually doing in the CVE pipeline. Neal walks through recent high‑profile issues like Pack2TheRoot in PackageKit, the copy.fail kernel optimization bug, and the Dirty Frag vulnerability, explaining how disclosure, embargoes, and coordination really work from a distro maintainer’s perspective. Brandon then focuses on CVE patching best practices, testing and release strategies, tools like Foreman and Uyuni for managing updates, and how to interpret CVSS scores and risk without panicking, before the crew wraps with advice for new grads who want to get into security without setting their hair—or their clusters—on fire.

Show Links:

Connect with the Hosts:
Bill - @ctlinux on Mastodon
Neal - @neal@social.gompa.me on Mastodon
Noel - https://github.com/noelmiller

]]> 42: CrowdSec Revisited https://sudo.show/42 69dd7fe2-f1c0-4a14-af97-31d1079a0c16 Thu, 06 Jan 2022 06:00:00 -0700 Sudo Show full Sudo Show Brandon sits down the Philippe Humeau the CEO of CrowdSec to talk about the current state of CrowdSec, the Roadmap, the Log4J mitigation, and how the community can help. 28:22 no Sudo Show 42 - CrowdSec Revistied <p><a href="https://sudo.show/42" rel="nofollow noopener">Episode 42</a></p> <h2>Show Notes</h2> <p>Philippe Humeau:</p> <ul> <li><a href="https://twitter.com/philippe_humeau" rel="nofollow noopener">Twitter</a></li> <li><a href="https://opensource.com/article/20/10/crowdsec" rel="nofollow noopener">Opensource.com: New Open Source Project Crowdsources Internet Security</a></li> </ul> <p>Crowdsec:</p> <ul> <li><a href="https://crowdsec.net/" rel="nofollow noopener">Website</a></li> </ul> <p>Contribute to Crowdsec:</p> <ul> <li><a href="https://hub.crowdsec.net/" rel="nofollow noopener">CrowdSec Hub</a></li> <li><a href="https://github.com/crowdsecurity/crowdsec" rel="nofollow noopener">Github: Crowdsec</a></li> <li><a href="https://discourse.crowdsec.net/" rel="nofollow noopener">Discourse</a></li> <li><a href="https://gitter.im/crowdsec-project/community?utm_source=share-link&amp;utm_medium=link&amp;utm_campaign=share-link" rel="nofollow noopener">Gitter</a></li> </ul> <p>Crowdsec on Social Media</p> <ul> <li><a href="https://twitter.com/Crowd_Security" rel="nofollow noopener">Twitter</a></li> </ul> <p>Crowdsec Technical Documentation and Blog Posts</p> <ul> <li><a href="https://crowdsec.net/log4j-tracker/" rel="nofollow noopener">CrowdSec Log4J Threat Tracker</a></li> <li><a href="https://hub.crowdsec.net/author/crowdsecurity/configurations/apache_log4j2_cve-2021-44228" rel="nofollow noopener">CrowdSec Log4J Senarios</a></li> <li><a href="https://crowdsec.net/blog/detect-block-log4j-exploitation-attempts/" rel="nofollow noopener">CrowdSec - Detect and block Log4J exploitation attempts</a></li> <li><a href="https://crowdsec.net/blog/kubernetes-crowdsec-integration/" rel="nofollow noopener">CrowdSec on Kubernetes</a></li> <li><a href="" rel="nofollow noopener">CrowdSec on Public Cloud</a></li> <li><a href="https://crowdsec.net/blog/multi-server-setup/" rel="nofollow noopener">CrowdSec at Scale</a></li> </ul> <p>Destination Linux and Sudo Show Links:</p> <ul> <li><a href="https://destinationlinux.network" rel="nofollow noopener">Destination Linux Network</a></li> <li><a href="https://sudo.show" rel="nofollow noopener">Sudo Show Website</a></li> </ul> <p>Support the Show:</p> <ul> <li><a href="https://bitwarden.com/dln" rel="nofollow noopener">Sponsor: Bitwarden</a></li> <li><a href="https://do.co/dln" rel="nofollow noopener">Sponsor: Digital Ocean</a></li> <li><a href="https://sudo.show/swag" rel="nofollow noopener">Sudo Show Swag</a></li> </ul> <p>Contact Us:</p> <ul> <li><a href="https://sudo.show/discuss" rel="nofollow noopener">DLN Discourse</a></li> <li><a href="mailto:contact@sudo.show" rel="nofollow noopener">Email Us!</a></li> <li><a href="https://sudo.show/matrix" rel="nofollow noopener">Sudo Matrix Room</a></li> </ul> <p>Follow our Hosts:</p> <ul> <li><a href="https://open-tech.net" rel="nofollow noopener">Brandon's Website</a></li> <li><a href="https://twitter.com/dbrandonjohnson" rel="nofollow noopener">Brandon's Twitter</a></li> </ul> <h2>Chapters</h2> <p>00:00 Intro<br> 00:42 Welcome<br> 01:12 Digitial Ocean AD<br> 02:15 Bitwarden Ad<br> 03:18 Interview with Philippe Humeau<br> 27:10 Outro</p> <p>Special Guest: Philippe Hueau.</p> it, devops, cloud, enterprise, open source, sudo show, career, technology, open-tech, cloud native, infosec, log4j, crowdsec, security, devsecops, secops Episode 42

Show Notes

Philippe Humeau:

Crowdsec:

Contribute to Crowdsec:

Crowdsec on Social Media

Crowdsec Technical Documentation and Blog Posts

Destination Linux and Sudo Show Links:

Support the Show:

Contact Us:

Follow our Hosts:

Chapters

00:00 Intro
00:42 Welcome
01:12 Digitial Ocean AD
02:15 Bitwarden Ad
03:18 Interview with Philippe Humeau
27:10 Outro

Special Guest: Philippe Hueau.

]]> Episode 42

Show Notes

Philippe Humeau:

Crowdsec:

Contribute to Crowdsec:

Crowdsec on Social Media

Crowdsec Technical Documentation and Blog Posts

Destination Linux and Sudo Show Links:

Support the Show:

Contact Us:

Follow our Hosts:

Chapters

00:00 Intro
00:42 Welcome
01:12 Digitial Ocean AD
02:15 Bitwarden Ad
03:18 Interview with Philippe Humeau
27:10 Outro

Special Guest: Philippe Hueau.

]]> 28: Security Intelligence with Steve Ginty of RiskIQ https://sudo.show/28 f41044aa-50bd-4043-8785-4c84233210b5 Thu, 24 Jun 2021 05:00:00 -0600 Sudo Show full Sudo Show In this episode, Eric and Brandon talk to Steve Ginty, Director of Threat Intelligence at RiskIQ. They discuss how to collect relavant, actionable intelligence to protect our organizations. 43:52 no <p>In this episode, Eric and Brandon talk to Steve Ginty, Director of Threat Intelligence at RiskIQ. They discuss how to collect relavant, actionable intelligence to protect our organizations.</p> <p><a href="https://destinationlinux.network" rel="nofollow noopener">Destination Linux Network</a><br> <a href="https://sudo.show" rel="nofollow noopener">Sudo Show Website</a><br> <a href="https://bitwarden.com/dln" rel="nofollow noopener">Sponsor: Bitwarden</a><br> <a href="https://do.co/dln" rel="nofollow noopener">Sponsor: Digital Ocean</a><br> <a href="https://sudo.show/swag" rel="nofollow noopener">Sudo Show Swag</a></p> <p>Contact Us:<br> <a href="https://sudo.show/discuss" rel="nofollow noopener">DLN Discourse</a><br> <a href="mailto:contact@sudo.show" rel="nofollow noopener">Email Us!</a><br> Matrix: +sudoshow:destinationlinux.network</p> <p><a href="https://twitter.com/seginty" rel="nofollow noopener">Twitter: Steve Ginty</a><br> <a href="https://www.riskiq.com/" rel="nofollow noopener">RiskIQ</a><br> <a href="https://twitter.com/RiskIQ" rel="nofollow noopener">Twitter: RiskIQ</a><br> <a href="https://community.riskiq.com/" rel="nofollow noopener">RiskIQ Community</a></p> <p><a href="https://sudo.show/19" rel="nofollow noopener">Sudo Show 19: Sunburst and Securing Your Supply Chain</a><br> <a href="https://www.msn.com/en-us/money/news/major-us-pipeline-targeted-in-cyber-attack/ar-BB1gvBnV" rel="nofollow noopener">MSN Article: Major US Pipeline Shut By Cyber Attack</a><br> <a href="https://www.bloomberg.com/news/articles/2021-05-31/meat-is-latest-cyber-victim-as-hackers-hit-top-supplier-jbs" rel="nofollow noopener">Bloomberg Article: JBS hit with ransomware</a><br> <a href="https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/" rel="nofollow noopener">Krebs On Security: US Organizations new Hacked Via Holes in Microsofts Email Software</a></p> <p><a href="https://www.crowdstrike.com/cybersecurity-101/zero-trust-security/" rel="nofollow noopener">Crowdstrike Blog: Zero Trust Security</a><br> <a href="https://sudo.show/22" rel="nofollow noopener">Sudo Show 22: Meet Tidelift</a> Special Guest: Steve Ginty.</p> it, devops, cloud, enterprise, opensource, open source, it guy, itguyeric, eric the it guy, sudo show, career, technology, red hat, brandon johnson, open-tech, open tech, agile, AWS, Amazon, riskiq, steve ginty, zero trust, solarwinds, crypto, crypto-malware, ransomeware, Colonial Pipeline, Exchange, security, supply chain In this episode, Eric and Brandon talk to Steve Ginty, Director of Threat Intelligence at RiskIQ. They discuss how to collect relavant, actionable intelligence to protect our organizations.

Destination Linux Network
Sudo Show Website
Sponsor: Bitwarden
Sponsor: Digital Ocean
Sudo Show Swag

Contact Us:
DLN Discourse
Email Us!
Matrix: +sudoshow:destinationlinux.network

Twitter: Steve Ginty
RiskIQ
Twitter: RiskIQ
RiskIQ Community

Sudo Show 19: Sunburst and Securing Your Supply Chain
MSN Article: Major US Pipeline Shut By Cyber Attack
Bloomberg Article: JBS hit with ransomware
Krebs On Security: US Organizations new Hacked Via Holes in Microsofts Email Software

Crowdstrike Blog: Zero Trust Security
Sudo Show 22: Meet Tidelift

Special Guest: Steve Ginty.

Sponsored By:

]]> In this episode, Eric and Brandon talk to Steve Ginty, Director of Threat Intelligence at RiskIQ. They discuss how to collect relavant, actionable intelligence to protect our organizations.

Destination Linux Network
Sudo Show Website
Sponsor: Bitwarden
Sponsor: Digital Ocean
Sudo Show Swag

Contact Us:
DLN Discourse
Email Us!
Matrix: +sudoshow:destinationlinux.network

Twitter: Steve Ginty
RiskIQ
Twitter: RiskIQ
RiskIQ Community

Sudo Show 19: Sunburst and Securing Your Supply Chain
MSN Article: Major US Pipeline Shut By Cyber Attack
Bloomberg Article: JBS hit with ransomware
Krebs On Security: US Organizations new Hacked Via Holes in Microsofts Email Software

Crowdstrike Blog: Zero Trust Security
Sudo Show 22: Meet Tidelift

Special Guest: Steve Ginty.

Sponsored By:

]]> 14: Looking at CrowdSec with Philippe Humeau https://sudo.show/14 982b5896-cd8d-4618-86f4-8595fe501c88 Thu, 03 Dec 2020 05:00:00 -0700 Sudo Show full Sudo Show For this episode, we brought in Philippe Humeau, founder of CrowdSec. We discuss community-driven security, reputation-based IP engines, fail2ban, and how together we can achieve digital herd-immunity. 44:24 no <p>For this episode, we brought in Philippe Humeau, founder of CrowdSec. We discuss community-driven security, reputation-based IP engines, fail2ban, and how together we can achieve digital herd-immunity. </p> <p><a href="https://destinationlinux.network" rel="nofollow noopener">Destination Linux Network</a><br> <a href="https://sudo.show" rel="nofollow noopener">Sudo Show Website</a><br> <a href="https://do.co/dln" rel="nofollow noopener">Sponsor: Digital Ocean</a><br> <a href="https://bitwarden.com/dln" rel="nofollow noopener">Sponsor: Bitwarden</a><br> <a href="https://sudo.show/swag" rel="nofollow noopener">Sudo Show Swag</a> UPDATED!</p> <p>Contact Us:</p> <ul> <li><a href="https://sudo.show/discuss" rel="nofollow noopener">DLN Discourse</a></li> <li><a href="mailto:contact@sudo.show" rel="nofollow noopener">Email Us!</a></li> <li>Matrix: +sudoshow:matrix.org</li> </ul> <p>Philippe Humeau:<br> <a href="https://twitter.com/philippe_humeau" rel="nofollow noopener">Twitter</a><br> <a href="https://opensource.com/article/20/10/crowdsec" rel="nofollow noopener">Opensource.com: New Open Source Project Crowdsources Internet Security</a></p> <p>Crowdsec:<br> <a href="https://crowdsec.net/" rel="nofollow noopener">Website</a><br> <a href="https://github.com/crowdsecurity/crowdsec" rel="nofollow noopener">Github: Crowdsec</a></p> <p><a href="https://discourse.crowdsec.net/" rel="nofollow noopener">Discourse</a><br> <a href="https://gitter.im/crowdsec-project/community?utm_source=share-link&amp;utm_medium=link&amp;utm_campaign=share-link" rel="nofollow noopener">Gitter</a><br> <a href="https://twitter.com/Crowd_Security" rel="nofollow noopener">Twitter</a></p> <p>Fail2Ban:<br> <a href="https://www.fail2ban.org/wiki/index.php/Main_Page" rel="nofollow noopener">Fail2Ban</a><br> <a href="https://github.com/fail2ban/fail2ban" rel="nofollow noopener">Github: Fail2Ban</a></p> <p>Extras:<br> <a href="https://www.positronx.io/golang-vs-python-is-golang-better-than-python/" rel="nofollow noopener">Positronx: Golang vs Python - Is Golang Better than Python in 2020</a><br> <a href="https://www.techwalla.com/articles/what-is-an-as400-system" rel="nofollow noopener">Techwalla: What is an AS400 System?</a> Special Guest: Philippe Hueau.</p> it, devops, cloud, enterprise, opensource, open source, it guy, itguyeric, eric the it guy, sudo show, career, technology, red hat, brandon johnson, open-tech, open tech, agile, fail2ban, crowdsec, critical role, digital ocean, bitwarden, goland, IP reputation, security For this episode, we brought in Philippe Humeau, founder of CrowdSec. We discuss community-driven security, reputation-based IP engines, fail2ban, and how together we can achieve digital herd-immunity.

Destination Linux Network
Sudo Show Website
Sponsor: Digital Ocean
Sponsor: Bitwarden
Sudo Show Swag UPDATED!

Contact Us:

Philippe Humeau:
Twitter
Opensource.com: New Open Source Project Crowdsources Internet Security

Crowdsec:
Website
Github: Crowdsec

Discourse
Gitter
Twitter

Fail2Ban:
Fail2Ban
Github: Fail2Ban

Extras:
Positronx: Golang vs Python - Is Golang Better than Python in 2020
Techwalla: What is an AS400 System?

Special Guest: Philippe Hueau.

Sponsored By:

]]> For this episode, we brought in Philippe Humeau, founder of CrowdSec. We discuss community-driven security, reputation-based IP engines, fail2ban, and how together we can achieve digital herd-immunity.

Destination Linux Network
Sudo Show Website
Sponsor: Digital Ocean
Sponsor: Bitwarden
Sudo Show Swag UPDATED!

Contact Us:

Philippe Humeau:
Twitter
Opensource.com: New Open Source Project Crowdsources Internet Security

Crowdsec:
Website
Github: Crowdsec

Discourse
Gitter
Twitter

Fail2Ban:
Fail2Ban
Github: Fail2Ban

Extras:
Positronx: Golang vs Python - Is Golang Better than Python in 2020
Techwalla: What is an AS400 System?

Special Guest: Philippe Hueau.

Sponsored By:

]]>