12: Gimme F5

In this week’s episode, we take a look at the recent critical vulnerabilities in F5, which scored a perfect 10 CVSS score, and Kev sheds some light on what made it such a perfect storm. We also have a little think about why companies with the most security tools and platforms in place feel the least secure. Does more always mean better?Next, we debate the fact that there’s surely no debate around changing names like ‘blacklist’ and ‘whitelist’ for far more logical and inclusive terminology. Approve and deny lists, anyone? And what do £54m in cash, a lot of drugs, a torture chamber, and an encrypted phone system have in common? Let us – or the NCA – tell you. And no, it’s not a really great party. F5 vulnerability:https://www.helpnetsecurity.com/2020/07/06/exploit-cve-2020-5902/IBM security technology report:https://www.zdnet.com/article/the-more-cybersecurity-tools-an-enterprise-deploys-the-less-effective-their-defense-is/NCA cracks EncroChat:https://www.independent.co.uk/news/uk/crime/encrochat-phone-network-encryption-organised-crime-uk-arrests-police-a9597501.html