Negligence as a Service | Chaos Lever
Negligence as a Service | Chaos LeverDescription
Welcome back, fellow humans (and bots in disguise)! This week on Chaos Lever, Chris and Ned dive into the dusty archives and slap us with a two-by-four of cybersecurity déjà vu. We’re talking legendary hacks that should have taught us better—and yet, here we are. From Emacs-enabled espionage in 1986 to Equifax’s honor-system security policies, it's a masterclass in how not to protect your data.
🧠 Lessons? Sure. But mostly it's about how we never learn them. We dissect what really caused these breaches—not slick zero-days, but plain old negligence and a fondness for not patching things. Also featured: expired SSL certs, trust as a security model, and how managing your asset inventory is more crucial than ever.
💥 Oh, and Ned tried to do a handstand for a cloud video and bled. Not relevant to cybersecurity, but 100% relevant to the Chaos Lever experience. Stick around for reenactments, rants, and ruminations on how saying “I accept the risk” is not a security policy.
🔗 LINKS
Apache Struts bug: https://blog.talosintelligence.com/apache-0-day-exploited/
Nova episode about the 1986 hack: https://archive.org/details/The_KGB_The_Computer_and_Me_1990
Senate investigation into Equifax: https://www.hsgac.senate.gov/wp-content/uploads/imo/media/doc/FINAL%20Equifax%20Report.pdf
CVE system creation by MITRE: https://www.cve.org/Resources/General/Towards-a-Common-Enumeration-of-Vulnerabilities.pdf
![Spinning Rust [Still] Ain’t Dead Yet (Redux) | Chaos Lever](https://s3.castbox.fm/a2/ff/bc/b9fec19aed46bdd0f926685a1967a4b2b4_scaled_v1_400.jpg "Spinning Rust [Still] Ain’t Dead Yet (Redux) | Chaos Lever")
United States
