Good morning, security enthusiasts! In the latest episode of the CyberHub podcast, aired on January 16th, 2024, the show delves into a range of pressing cybersecurity topics.
Listener-Driven Content: The show, thriving on audience support, encourages feedback and suggestions for future topics. In addition, the host announces the introduction of a new mini-segment focusing on specific stories, to be available on YouTube and Substack.
Espresso and Ivanti Updates: The episode kicks off with a casual coffee cup cheers, transitioning into a discussion about Ivanti's cybersecurity vulnerabilities. Ivanti, a frequently mentioned security vendor on the show, faces new challenges with two vulnerabilities, CVE-2023-46805 and CVE-2024-21887. These vulnerabilities, an authentication bypass and a command injection issue, have seen increased exploitation, especially targeting military and government sectors.
Malware Threats: The episode highlights five malware families (Thinspool, Lightwire, Wirefire, Warpwire, and Zipline) related to these vulnerabilities, emphasizing the importance of ongoing vigilance even after patching these issues.
Windows SmartScreen Exploit: Another significant focus is a vulnerability in Windows SmartScreen (CVE-2023-36025) being exploited to spread the Phemedrone Stealer malware. This malware, capable of harvesting extensive personal data, underscores the need for heightened security measures.
Cloud Service Exploits: The podcast also discusses the surge in botnet scanning activity, with attackers increasingly using free or cheap cloud services for malicious purposes. A spike in this activity, reaching 1.3 million IPs, has been observed, highlighting the evolving nature of cyber threats.
SonicWall Vulnerabilities: An alarming finding reveals over 178,000 SonicWall firewalls vulnerable to denial of service and potential remote code execution attacks. This situation demands immediate attention and patching from users.
Crypto Mining Malware: The episode touches on a recent arrest in Ukraine related to the infection of US cloud providers with crypto mining malware, demonstrating the global reach of cybercrime.
Senate Investigation on MFA Protection: The podcast concludes with news of the Senate's inquiry into the lack of Multi-Factor Authentication (MFA) in certain regulatory bodies, a critical issue in today's cybersecurity landscape.
Upcoming Substack Exclusive: Finally, listeners are teased with an upcoming story on ransomware corporations, challenging them to think critically about the role of governments and corporations in combating ransomware threats.
Stay Cyber Safe: The episode wraps up with a reminder to stay vigilant and cyber safe, emphasizing the podcast's commitment to keeping its audience informed and prepared in the ever-changing world of cybersecurity.
Show Notes and Story Links:
https://www.securityweek.com/information-stealer-exploits-windows-smartscreen-bypass/
https://www.securityweek.com/cloud-server-abuse-leads-to-huge-spike-in-botnet-scanning/
https://www.securityweek.com/vmware-urges-customers-to-patch-critical-aria-automation-vulnerability/
https://therecord.media/ukraine-arrests-suspect-cryptojacking-cloud-resources
https://www.darkreading.com/cyberattacks-data-breaches/sec-x-account-crypto-hack-draws-senate-ire-