This episode begans with a brief introduction and some casual banter among the hosts. They discussed their Halloween experiences and a Glenn's obsession with Wordle. They also mentioned a movie called "Clown" that Kimber recommended for those with a fear of clowns.
The hosts then moved on to discuss cybersecurity topics including:
- Interview with Konstantin of CVECrowd.com
- Good News: UK CVD legislation
- Confluence Viz Activity
- ActiveMQ Viz Activity
- F5 Viz Activity
- Okta breach update
- QNAP vulns
- Myth of the long-tail vulnerability
- The release of CVSS4
- Quick FYI for the Microsoft/Foreign Policy "Digital Front Lines" magazine
- Quick FYI on a Wiz blog
- News about the joint Censys/GreyNoise workshop
- Mention of the new GreyNoise Honeypots/honeytokens blog
- Mention of the new GreyNoise Summary Stats Observable notebook
- GreyNoise Tag roundup
- KEV roundup
- Notes that November is Critical Infra Security & Resilience Month
The episode concluded with a discussion on the myth of the long tail vulnerability, a topic covered in a blog post by Ben from Cisco. The hosts agreed that the hype cycle for vulnerabilities is real and predictable, and there is no long tail vulnerability.
