InfoSec.Watch
The InfoSec.Watch Podcast delivers the week’s most important cybersecurity news in a fast, clear, and actionable format.
Each episode breaks down major incidents, vulnerabilities, threat-actor activity, and security trends affecting modern organizations — without the noise or hype.
The show translates complex cyber topics into practical insights you can use immediately in your job, whether you work in security engineering, cloud security, threat detection, governance, or IT.
If you want to stay ahead of emerging threats, sharpen your defensive mindset, and get a reliable summary of what actually matters each week, this is your new essential briefing.
Actionable Cybersecurity Insights — Every Week.
InfoSec.Watch Podcast — Episode 122: Cisco UC zero-days, Oracle patch overload, and the new Tier-Zero reality
This week on the InfoSec.Watch Podcast, we break down a wave of high-impact security events underscoring a hard truth for defenders: management planes and dependencies are now primary intrusion paths.
The episode opens with active exploitation of a Cisco Unified Communications zero-day (CVE-2026-20045), an unauthenticated web-management RCE capable of delivering full root-level compromise across multiple UC platforms. With exploitation confirmed and CISA adding the flaw to its Known Exploited Vulnerabilities list, the hosts explain why UC management interfaces must be treated as Tier-Zero assets, and why assumed-breach reviews are mandatory even after patching.
Next, the discussion turns to Oracle’s January Critical Patch Update, delivering more than 300 fixes across its portfolio. Grant and Sloane walk through a practical prioritization strategy—patching by exposure, not product name—and explain how to use Oracle’s own exploitability flags and compensating controls to avoid patch paralysis.
The episode also covers Ingram Micro’s ransomware-related data exposure, highlighting the growing risk of third-party concentration. The hosts outline what every organization should have ready before a supplier breach occurs, from notification SLAs and data minimization to pre-staged third-party incident response playbooks.
In the Vulnerability Spotlight, the focus shifts to two expanding attack surfaces:
- Unauthenticated management UI exploitation as a recurring root-compromise pattern
- Malicious code embedded in developer dependencies, including a widely used package now listed in CISA’s KEV catalog
The Trend to Watch ties these threads together: attackers are moving up the stack, blending classic perimeter weaknesses with modern software supply-chain abuse. Management planes, CI/CD pipelines, and automation platforms are increasingly being scanned, scripted, and poisoned at scale.
The episode closes with a decisive Actionable Defense Move of the Week—formally defining your Tier-Zero systems and enforcing strict controls around access, exposure, monitoring, and containment—followed by a clear final warning: if a management interface is reachable from the internet, attackers will automate it.
For deeper coverage and weekly briefings delivered straight to your inbox, subscribe at infosec.watch and follow InfoSec.Watch on X, Facebook, and LinkedIn.
Thanks for listening to InfoSec.Watch! Subscribe to our newsletter for in-depth analysis: https://infosec.watch. Follow us for daily updates on X (Twitter), LinkedIn, and Facebook. Stay secure out there!