Épisodes

  • Tickler, Voldemort, and Roblox Supply Chain Attack
    Sep 2 2024

    Thank you so much for your support and tuning in. Our full show notes can be found here: https://thecybersecuritydigest.tech/p/cybersecurity-digest-podcast-week-review-2630-aug-2024 Please do not forget to share this show out with someone you know as well as leave this show a rating in your platform of choice! Thank you so much for your continued support!

    Voir plus Voir moins
    32 min
  • Locked out of GSuite, ALBeast, Qilin Stealing Chrome Creds, and Velvet Ants!
    Aug 26 2024

    Show notes for this week's show can be found here: https://thecybersecuritydigest.tech/p/the-cybersecurity-digest-podcast-week-in-review-19-23-august-2024 As stated in the show, comments are turned on for the website. I would love to hear from you regarding your feedback! Please also feel free to leave feedback on Spotify or YouTube and I will review those comments ASAP! If you are interested in subscribing to our newsletter you can do so here: https://thecybersecuritydigest.tech/subscribe

    If you would like to see all the platforms our show is available on you can review our podcast here: https://www.thecybersecuritydigest.com/

    Voir plus Voir moins
    30 min
  • Newsletter Announcement
    Aug 18 2024

    This an announcement for the upcoming Cybersercurity Digest Newsletter that is launching on Aug 19 2024. If you are interested in subscribing or viewing the newsletter you can do so here: https://thecybersecuritydigest.tech/

    Voir plus Voir moins
    2 min
  • Vulnerable IP Cameras, BITSLOTH, and a Discord DDoS Campaign
    Aug 6 2024

    Security Digest for 6 August 2024:

    Podcast Requested Feedback: https://forms.gle/w2RB5DRzbbvu3ziS7 Notable News: Over 20,000 Ubiquiti Cameras and Routers are Vulnerable to Amplification Attacks and Privacy Risks - Check Point Blog

    BITS and Bytes: Analyzing BITSLOTH, a newly identified backdoor — Elastic Security Labs

    Panamorfi: A New Discord DDoS Campaign (aquasec.com)

    4.6 Million Voter and Election Documents Exposed Online by Technology Contractor (vpnmentor.com)

    StormBamboo Compromises ISP to Abuse Insecure Software Update Mechanisms | Volexity

    Israeli hacker group takes responsibility for collapse of Wi-Fi in Ira - The Jerusalem Post (jpost.com)

    TgRAT malware returns with a Linux variant (broadcom.com)

    Linux kernel impacted by new SLUBStick cross-cache attack (bleepingcomputer.com)

    Fighting Ursa Luring Targets With Car for Sale (paloaltonetworks.com)

    Keytronic reports losses of over $17 million after ransomware attack (bleepingcomputer.com)

    Justice Department sues TikTok for alleged violations of children’s privacy (therecord.media)

    Prevalent Patches: Critical Bitdefender Patch for GravityZone Update Server: CVE-2024-6980 Could Lead to SSRF Attacks - SOCRadar® Cyber Intelligence Inc. SonicWall Discovers Second Critical Apache OFBiz Zero-Day Vulnerability | SonicWall CISA Corner: CISA Adds One Known Exploited Vulnerability to Catalog | CISA

    NVD - CVE-2018-0824 (nist.gov)

    Voir plus Voir moins
    30 min
  • Revoked Certs, Microsoft Outage, and Sitting Ducks
    Aug 2 2024

    Security Digest for 2 August 2024:

    Podcast Requested Feedback: https://forms.gle/w2RB5DRzbbvu3ziS7 Notable News: Certificate Revocation Incident | DigiCert 1910322 - DigiCert: Random value in CNAME without underscore prefix (mozilla.org) DigiCert Status - DigiCert Revocation Incident (CNAME-Based Domain Validation) Azure status history | Microsoft Azure Unmasking the SMS Stealer: Targeting Several Countries with Deceptive Apps - Zimperium Zscaler ThreatLabz 2024 Ransomware Report I Threat Research Cost of a data breach 2024 | IBM OneDrive Pastejacking (trellix.com) Threat actor impersonates Google via fake ad for Authenticator | Malwarebytes BingoMod: The new android RAT that steals money and wipes data | Cleafy Labs Who Knew? Domain Hijacking is So Easy | Infoblox Ducks Now Sitting (DNS): Internet Infrastructure Insecurity - Eclypsium | Supply Chain Security for the Modern Enterprise

    Threat Actor Abuses Cloudflare Tunnels to Deliver RATs | Proofpoint US

    Ransomware Details | OneBlood Prevalent Patches: Security notices | Ubuntu Red Hat Product Errata - Red Hat Customer Portal CISA Corner:

    CISA Adds One Known Exploited Vulnerability to Catalog | CISA CISA Releases Nine Industrial Control Systems Advisories | CISA CISA Names First Chief Artificial Intelligence Officer | CISA

    Voir plus Voir moins
    29 min
  • Outlook C2 Framework, VMWare ESXi Vuln, and PKFail leads to UEFI Supply Chain Attacks.
    Jul 30 2024

    Security Digest for 30 July 2024:

    Podcast Requested Feedback: https://forms.gle/w2RB5DRzbbvu3ziS7 Notable News: WhatsApp for Windows lets Python, PHP scripts execute with no warning (bleepingcomputer.com)

    PKfail: Untrusted Platform Keys Undermine Secure Boot on UEFI Ecosystem (binarly.io) SupplyChainAttacks/PKfail/ImpactedDevices.md at main · binarly-io/SupplyChainAttacks · GitHub Malicious Python Package Targets macOS Developers (checkmarx.com)

    SeleniumGreed Cryptomining Campaign Exploiting Grid Services | Wiz Blog Scammer Abuses Microsoft 365 Tenants, Relaying Through Proofpoint Servers to Deliver Spam Campaigns | Proofpoint US HealthEquity says data breach impacts 4.3 million people (bleepingcomputer.com) Two-Step Phishing Campaign Exploits Microsoft Office Forms (perception-point.io) Over 1 Million websites are at risk of sensitive information leakage (salt.security) TrustedSec | Specula - Turning Outlook Into a C2 With One Registry… Ransomware operators exploit ESXi hypervisor vulnerability for mass encryption | Microsoft Security Blog Support Content Notification - Support Portal - Broadcom support portal Prevalent Patches: Security Bulletin: NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, Jetson TX1, Jetson TX2 Series (including Jetson TX2 NX), and Jetson Nano (including Jetson Nano 2GB) - July 2024 | NVIDIA (custhelp.com) Apple security releases - Apple Support

    CISA Corner: NVD - CVE-2024-4879 (nist.gov) NVD - CVE-2024-5217 (nist.gov) NVD - CVE-2023-45249 (nist.gov) Siemens SICAM Products | CISA Positron Broadcast Signal Processor | CISA

    Voir plus Voir moins
    24 min
  • Phishing Scams for CrowdStrike Customers Continue, GitHub Vulnerabilities, and North Korea’s Ransomware Shift
    Jul 26 2024

    Cybersecurity Digest for 26 July 2024

    Today we discuss the following items: Notable News Crowdstrike Post Incident Report: Falcon Content Update Remediation and Guidance Hub | CrowdStrike Crowdstrike Phishing Campaigns: Malicious Inauthentic Falcon Crash Reporter Installer Distributed to German Entity (crowdstrike.com) Malware Distributed Using Falcon Sensor Update Phishing Lure | CrowdStrike Threat Actor Distributes Python-Based Info Stealer Using Fake Update (crowdstrike.com) Apparent CrowdStrike Threat Actor List Leak: Hacktivist Entity USDoD Claims to Have Leaked CrowdStrike’s Threat Actor List Meta Ousts 63,000 accounts linked to Sextortion : Combating Financial Sextortion Scams From Nigeria | Meta (fb.com) Darknet Diaries Episode related to the Sextortion Scams: The Pig Butcher – Darknet Diaries Rapid7 Malware Campaign using Fake W2: Malware Campaign Lures Users With Fake W2 Form | Rapid7 Blog GitHub Deleted and Private Repo Access: Anyone can Access Deleted and Private Repository Data on GitHub ◆ Truffle Security Co. GitHub Accounts Distributing Malware: Over 3,000 GitHub accounts used by malware distribution service (bleepingcomputer.com) Windows SmartScreen Flaw: Windows SmartScreen Flaw Enabling Data Theft in Major Stealer Attack (hackread.com)

    Apt45 Shifts from Espionage to Ransomware: APT45: North Korea’s Digital Military Machine | Google Cloud Blog Related CISA Advisory: North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs | CISA

    Prevalent Patches Google Chrome Fixes Vulnerabilities: Chrome Releases: Stable Channel Update for Desktop (googleblog.com) Docker Fixes Authentication Bypass: Docker Security Advisory: AuthZ Plugin Bypass Regression in Docker Engine | Docker Siemens Fixes Closes Backdoors: SSA-071402 (siemens.com) Progress Telerik Vulnerability: Insecure Deserialization Vulnerability - Telerik Report Server

    CISA Alert: BIND 9: ISC Releases Security Advisories for BIND 9 | CISA Related news: BIND DNS Server Vulnerability Lets Attackers Flood Server (cybersecuritynews.com)

    Voir plus Voir moins
    25 min
  • Telegram EvilVideo, PlayRansomWare targets ESXi, and a North Korean Infiltration Attempt
    Jul 24 2024

    Cybersecurity Digest for 24 July 2024 Today we discuss the following items: Crowdstrike Stealer: Threat Actor Uses Fake Recovery Manual to Deliver Unidentified Stealer (crowdstrike.com) ESET’s EvilVideo Discovery Cursed tapes: Exploiting the EvilVideo vulnerability on Telegram for Android (welivesecurity.com) TrendMicro’s Playransomware Targeting ESXi: New Play Ransomware Linux Variant Targets ESXi Shows Ties With Prolific Puma | Trend Micro (US) Magneto Credit Card Theft Malware: Attackers Abuse Swap File to Steal Credit Cards (sucuri.net) Vulnerable Ad Injecting Driver: HotPage: Story of a signed, vulnerable, ad-injecting driver (welivesecurity.com) BreachForums DataLeak Exposes Members: BreachForums v1 hacking forum data leak exposes members’ info (bleepingcomputer.com) KnowBe4 North Korean Insider: How a North Korean Fake IT Worker Tried to Infiltrate Us (knowbe4.com) Vishing Attacks: Whose Voice Is It Anyway? AI-Powered Voice Spoofing for Next-Gen Vishing Attacks | Google Cloud Blog Huntress AsyncRAT Blog: Fake Browser Updates Lead to BOINC Volunteer Computing Software | Huntress CISA KEV Additions: NVD - CVE-2024-39891 (nist.gov) NVD - CVE-2012-4792 (nist.gov) Music in order that it appears licensed via Artlist.io : Lizard by Captain Qubz Feel The Air by Ikoliks

    Voir plus Voir moins
    19 min