Showing episodes and shows of VulnCheck
Shows
セキュリティのアレ
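Episode 289: Our First Online Public Recording! Special!
・[Net Rondan] "Can you name all 37 Pretty Cure?" Otaku mother's quick thinking fends off a scam – Sankei News
・Summary of CEO fraud emails that demand creation of a LINE group – piyolog
・UNO reverse card: stealing cookies from cookie stealers
・VulnCheck State of Exploitation 2026 | Blog | VulnCheck
・Michiko Shimizu's Shimichiko Channel – YouTube
Listener (Are-zei) notes: Too active, that's aggressive. Informative, but not results you can boast about to everyone. Is having law enforcement do the work the right route? They target people who are easily fooled. It comes up high in search results, and some corporate users end up installing it. That subject line is easy to open. The domains are skewed. Do they have a list? At 4 a.m. the sites are not active. They open from around 7. Filtering evasion? Some sites use a kit and differ only in the logo, so they are easy to build. Voice phishing is hard to surface. The anti-money-laundering department alone can't handle it; work together with the CSIRT department. It moves depending on the day. Cooperation among financial institutions. I thought AitM would be common, but it's quite rare. Real-time phishing is more common. Are there rules to stop transfers to other banks? It's good to decide the rules in advance. Faster compared to 2024. For OS-related vulnerabilities, 50% were exploited in under one day. It may not be used in Japan but may be used at overseas branches, so be careful. The tough situation for the companies that have to respond continues. You have to collect the information yourself and also review it. It's tempting to rely on EPSS. Fine if the observation network is comprehensive, but you end up a step behind. Faster AI and information sharing are needed. Isn't the difficulty of applying patches also one cause of delayed response? Better quality of the patches themselves is needed. It would be nice if there were a service that did just the testing for patch application. I need to make sure people don't say "What's Tsuji-san doing these days?"
[Chapters]
| The usual small talk | 00:00 |
| Listener mail corner | 02:50 |
| (P) Getting information from an infostealer's admin panel | 13:51 |
| (T) The state of phishing impersonating financial institutions | 27:11 |
| (N) VulnCheck KEV 2025 summary | 46:37 |
| Recommended picks | 63:19 |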
2026-01-26
1h 08
THREATCON1
Episode 9: Teen Hackers, Billion-Dollar Damage — Zafran’s Yonatan Keller & Nate Rollings on AI Threats Rising
In this episode of ThreatCon1, hosts Tom Bain and Patrick Garrity sit down with Nathan Rollings, Field CISO at Zafran, and Yonatan Keller, Analyst Team Lead at Zafran, for a deep, practitioner-focused conversation on the realities of modern vulnerability management. Together, they explore why patching alone can’t keep up with today’s threat landscape — and how security teams can dramatically reduce risk by prioritizing what actually matters.
🔍 Key Topics Covered
Why patching is too slow
The average enterprise takes ~49 days to patch — while attackers weaponize vulnerabilities in days (or mi...
2026-01-13
48 min
RadioCSIRT - Edition Française
RadioCSIRT Édition Française – Your cybersecurity news for Wednesday, January 7, 2026 (Ep. 539)
We open this episode with the vulnerability forecasts published by FIRST for 2026. The organization anticipates crossing the 50,000 CVE threshold, with a median estimate of 59,000 vulnerabilities for the year. The 90% confidence interval runs from 30,000 to 118,000 CVEs, with the most likely scenarios pointing to a range of 70,000 to 100,000 vulnerabilities. FIRST has revised its methodology by adopting a new model that incorporates the structural change observed in 2017 in CVE publication trends. BleepingComputer reports that Veeam has published fixes for three vulnerabilities in Backup & Replicati...
2026-01-07
08 min
THREATCON1
Episode 8: When Offense Meets Defense — How Cybersecurity Teams Reduce Risk Faster | Tyler Shields
In this episode of the Threatcon1 Podcast, Tom and Patrick sit down with Tyler Shields, Cybersecurity Strategy Analyst at Omdia, for a wide-ranging conversation on where cybersecurity is heading — and what actually matters to practitioners right now. Tyler brings a rare perspective shaped by years spent across research, offensive security, vendor strategy, and analyst work. Together, they unpack how AI is reshaping cybersecurity workflows, why threat and exposure management is emerging as a critical discipline, and how offensive and defensive security must converge to drive real risk reduction. The discussion dives deep into the realities be...
2025-12-23
41 min
Resilient Cyber
Resilient Cyber w/ Patrick Garrity - 2025 VulnMgt Research Roundup
In this episode I sit down with my friend and Vulnerability Researcher Patrick Garrity 👾🛹💙 of VulnCheck to do a roundup of the latest trends, analysis and insights into the vulnerability and exploitation ecosystem throughout the past year. We covered a lot of great topics, including:
- The most notable vulnerability trends over 2025, including what has changed, or stayed the same in the past year.
- Continued challenges around the NIST NVD and CVE, the sprawl of competing vulnerability databases and vulnerability identification schemes, challenges with funding, centralized vs. decentralized approache...
2025-12-12
38 min
THREATCON1
Episode 7: The Biggest Cyber Threats Today - Nabil Hannan on Insecure Software, CVEs & AI
In this episode of THREATCON1, Tom and Patrick sit down with Nabil Hannan, Field CISO at NetSPI, AI-focused startup advisor, and host of the Agent of Influence podcast. Nabil shares his unique perspective on today’s most pressing cybersecurity challenges, including:
- Insecure software and why vulnerabilities are becoming increasingly dangerous in our hyper-connected world.
- The human factor in cybersecurity: why people often pose a bigger risk than technology itself.
- Secure by design principles and the hurdles organizations face when trying to implement them at scale.
- CVE program insights: understanding the gap between published vulnerabilities and real-world threats.
- Software Bi...
2025-12-09
50 min
THREATCON1
Episode 6: From North Korea to LinkedIn: The New Era of Social-Engineered Intrusion with Christine Fignar
Tom and Patrick sit down with Christine Fignar, Cybersecurity Analyst at the Federal Reserve Bank of Minneapolis, to unpack one of the most misunderstood areas of security: insider threats and human-driven risk. Christine’s background spanning aviation, HR, communications, and counterterrorism gives her a rare perspective on stress, behavior patterns, and the subtle signals that often precede incidents. We get into her “Cone of Uncertainty” framework for visualizing how threats form and evolve, discuss hiring fraud, offboarding gaps, nation-state recruitment, and why organizations routinely miss early warning signs. A conversation for anyone looking to better understand, track, and co...
2025-12-03
44 min
THREATCON1
Episode 5: Building a Proactive Cyber Strategy with Focus and Cross-team Collaboration
Tom and Patrick welcomed Simon Goldsmith, CISO, Ovo Energy to the show, to chat about the emerging threat landscape across different industries he’s served in - from the CISO’s perspective. We dig into some of his cyber experiences throughout his career, talk rugby, debate Oasis vs Blur and even drill down into how to counter coordinated nation-state attacks!
2025-11-24
42 min
THREATCON1
Episode 4: Cyber Ops Experience Meets Following Industry Money with Mike Privette
Tom and Patrick host Mike Privette, Founder, Return on Security, to get a sense of Mike's perspectives on how he's used his operational background in cyber as a former multi-time CISO to pivot into something entirely different in the cyber market today! Mike brings insights on how he tracks and slices data on all cyber funding and M&A activity with his broad-ranging dataset and his leading newsletter. They cover ground on emerging threats, AI investment in cyber and what pushed him to pursue a unique pivot in his cybersecurity journey!
2025-11-17
44 min
THREATCON1
Episode 3: CVE's Emerging Threats and Horror Movies — with Tod Beardsley (RunZero)
Tom and Patrick sit down with VP of Security Research, Tod Beardsley. We talk to Tod about his current role leading cyber research at RunZero, his time at CISA, emerging cyber threats he's currently engaged in researching, his perspective on the CVE program and its future - and finally, horror movies, of which Tod is an aficionado and active podcast host himself of Podsothoth: A Lovecraft Book Club. This session isn't THAT scary really...
2025-11-12
48 min
THREATCON1
Episode 2: The Ins and Outs of Offensive Cyber with Andrew Boyd
In this episode, Tom and Patrick chat with former Director of the CIA’s Center for Cyber Intelligence, Andrew Boyd, about the root of today’s emerging cyber threats to both business and to citizens. They dive into his experience in offensive cybersecurity across multiple former government roles, how he grew his skillset into cyber and experiences in serving the U.S. in many innovation-led cyber capacities, and his current cyber-inspired initiatives.
2025-09-17
33 min
THREATCON1
Episode 1: Cyber Summer Break with Jen Easterly
In this episode, Tom and Patrick chat with Jen Easterly, former Director of CISA, for the U.S. government. Topics covered range from public-private collaboration efforts to better protect our national security, to her perspectives on defending against threat actors targeting U.S. interests as well as the impact AI is having on cyber today, with a sneak peek into a few of her upcoming key initiatives. And we got to learn how Jen Easterly spent her summer!
2025-09-17
30 min
セキュリティのアレ
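Episode 270: Everything, All Sorts, in Moderation! Special!
・Best Password Manager for Business, Enterprise & Personal | Bitwarden
・State of Exploitation – A look Into The 1H-2025 Vulnerability Exploitation & Threat Activity | Blog | VulnCheck
・Current Common Vulnerabilities and Exposures
・Access from overseas using third-party mail software, etc. will be restricted | Yahoo! Mail News
・(Updated 7/4) [Important] Access via a more secure login method will become mandatory | Yahoo! Mail News
・Cisco Event Response: Vishing Attack Impacting Third-Party CRM System
・The Cost of a Call: From Voice Phishing to Data Extortion | Google Cloud Blog
・Google suffers data breach in ongoing Salesforce data theft attacks
・Protect Your Salesforce Environment from Social Engineering Threats
・Mala green peas (1 kg), product of China
Nobuhiro Tsuji's notes: Have you heard the cicadas? Maybe they were drawn to me. At first, Tomei. I used to read it as "Ado-be". It's a hassle, sure, but I think building relationships is needed too. Kev. An increase of about 10% compared with last year. I think it's good to use the notification features for VulnCheck and KEV! With CMSs it's still the plugins, as ever. Patch Tuesday on Wednesday. The big four threat actors. In terms of handling vulnerabilities, I think in many cases you don't need to think much about who will exploit them. The pile-up problem, as ever. Now that you mention it, I don't think it has that much impact. I also want to know how widespread the exploitation is. I want to know by volume of exploitation rather than by number of vulnerabilities. The vulnerabilities CL0P uses are the kind that spread widely all at once. Restricting mail clients from overseas. By default. More secure. Making passwordless mandatory. What gets done after an unauthorized login, I wonder. From vishing, to the CRM, to information theft. Rather brief for Cisco. Reports of similar incidents kept coming. People who target and catch alternate-color Pokémon are called shiny hunters. A warning in June, and then in August they themselves too. We don't often see smooth-talking attack techniques shared either. I want the "yeah, you'd fall for this" details. Was it OK to recommend it?
[Chapters]
| The usual small talk | 00:00 |
| Listener mail corner | 04:50 |
| (P) VulnCheck's 1H 2025 vulnerability exploitation report | 11:19 |
| (N) Yahoo! Mail's security hardening efforts | 31:45 |
| (T) Attack campaign using vishing | 42:27 |
| Recommended picks | 54:32 |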
2025-08-11
59 min
@BEERISAC: OT/ICS Security Podcast Playlist
Vulnerability Overload: Making Prioritization Work in the Real World
Podcast: Critical Assets Podcast
Episode: Vulnerability Overload: Making Prioritization Work in the Real World
Pub date: 2025-07-20
In this episode, Patrick Miller speaks with Kylie McClanahan, CTO at Bastazo, about the practical (and often messy) realities of patch and vulnerability management in operational technology (OT) environments. Kylie shares grounded insights into patching challenges, the gaps between IT and OT remediation cycles, and the real-world implications of relying too heavily on scoring systems like CVSS. The conversation co...
2025-07-21
35 min
Critical Assets Podcast
Vulnerability Overload: Making Prioritization Work in the Real World
In this episode, Patrick Miller speaks with Kylie McClanahan, CTO at Bastazo, about the practical (and often messy) realities of patch and vulnerability management in operational technology (OT) environments. Kylie shares grounded insights into patching challenges, the gaps between IT and OT remediation cycles, and the real-world implications of relying too heavily on scoring systems like CVSS. The conversation covers CISA’s Known Exploited Vulnerabilities (KEV) catalog, exploring how it’s being used (and possibly misused) in prioritization workflows, and where the disconnects lie between policy directives and operational feasibility. Kylie also critiques the current state of vend...
2025-07-20
35 min
Storm Watch by GreyNoise Intelligence
2025 Cybersecurity Report Breakdown: FBI, Mandiant, GreyNoise, VulnCheck
Forecast = Scattered phishing attempts with a 90% chance of encrypted clouds. In this episode of Storm⚡️Watch, the crew dissects the evolving vulnerability tracking landscape and the challenges facing defenders as they move beyond the aging CVE system. The show also highlights the rise of sophisticated bot traffic, the expansion of GreyNoise's Global Observation Grid, and fresh tools from VulnCheck and Censys that are helping security teams stay ahead of real-time threats. In our listener poll this week, we ask: what would you do if you found a USB stick? It's a classic scenario that a...
2025-04-29
1h 01
SANS Stormcast: Daily Cyber Security News
SANS Stormcast Friday, April 25th: SMS Gateway Scans; Commvault Exploit; Patch Window Shrinkage; More inetpub issues;
Attacks against Teltonika Networks SMS Gateways
Attackers are actively scanning for SMS Gateways. These attacks take advantage of default passwords and other commonly used passwords.
https://isc.sans.edu/diary/Attacks%20against%20Teltonika%20Networks%20SMS%20Gateways/31888
Commvault Vulnerability CVE-2025-34028
Commvault, about a week ago, published an advisory and a fix for a vulnerability in its backup software. watchTowr now released a detailed writeup and exploit for the vulnerability.
https://labs.watchtowr.com/fire-in-the-hole-were-breaching-the-vault-commvault-remote-code-execution-cve-2025-34028/
Exploitation Trends Q1 2025
VulnCheck published a summary of exploitation trends, pointing out that about a quarter of...
2025-04-25
06 min
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS Stormcast Friday, April 25th: SMS Gateway Scans; Commvault Exploit; Patch Window Shrinkage; More inetpub issues;
Attacks against Teltonika Networks SMS Gateways
Attackers are actively scanning for SMS Gateways. These attacks take advantage of default passwords and other commonly used passwords.
https://isc.sans.edu/diary/Attacks%20against%20Teltonika%20Networks%20SMS%20Gateways/31888
Commvault Vulnerability CVE-2025-34028
Commvault, about a week ago, published an advisory and a fix for a vulnerability in its backup software. watchTowr now released a detailed writeup and exploit for the vulnerability.
https://labs.watchtowr.com/fire-in-the-hole-were-breaching-the-vault-commvault-remote-code-execution-cve-2025-34028/
Exploitation Trends Q1 2025
VulnCheck published a summary of exploitation trends, pointing out that about a quarter of...
2025-04-25
06 min
SANS Internet Storm Center's Daily Network Security News Podcast
SANS Stormcast Friday, April 25th: SMS Gateway Scans; Commvault Exploit; Patch Window Shrinkage; More inetpub issues;
SANS Stormcast Friday, April 25th: SMS Gateway Scans; Commvault Exploit; Patch Window Shrinkage; More inetpub issues;
Attacks against Teltonika Networks SMS Gateways
Attackers are actively scanning for SMS Gateways. These attacks take advantage of default passwords and other commonly used passwords.
https://isc.sans.edu/diary/Attacks%20against%20Teltonika%20Networks%20SMS%20Gateways/31888
Commvault Vulnerability CVE-2025-34028
Commvault, about a week ago, published an advisory and a fix for a vulnerability in its backup software. watchTowr now released a detailed writeup and exploit for the vulnerability.
https://labs.watchtowr.com/fire-in-the-hole-were-breaching-the-vault-commvault-remote-code-execution-cve-2025-34028/
Exploitation Trends Q1 2025
VulnCheck published a summary of exploitation...
2025-04-24
06 min
Storm Watch by GreyNoise Intelligence
2025 Cyber Breakdown: CrushFTP Chaos, NVD Crisis & North Korean Threats
Forecast: Patchy with a 32% backlog surge, CVE squalls causing auth bypass showers, and Lazarus fronts looming—keep your threat umbrellas handy! 🌩️☔ We're kicking things off with a deep dive into the chaotic world of CVEs. The CrushFTP vulnerability saga is a case study in how bureaucracy can collide with real-world threats. When a critical auth bypass flaw emerged in March 2025, patches rolled out quickly, but the CVE process stumbled—two different identifiers (CVE-2025-2825 and CVE-2025-31161) were assigned by competing firms, VulnCheck and Outpost24. The resulting confusion left organizations scrambling as exploit activity spiked, with Shadowserver tracking ove...
2025-04-08
1h 02
Cyber Briefing
March 19, 2025 - Cyber Briefing
👉 What's trending in cybersecurity today?
🚨 #CyberAlerts
Massive Ad Fraud Campaign Targets Millions with Malicious Apps on Google Play.
Source: Alecsandru Cătălin Daj, Adina Mateescu, Albert Endre-Laszlo, Alex Baciu, and Elena Flondor via Bitdefender
AI Code Editors Exploited in New Supply Chain Attack Using Rules File Backdoor
Source: Ziv Karliner via Pillar Security
Hackers Use New DLL Side-Loading Attack to Distribute Malicious Python Code
Source: Xavier Mertens via Internet Storm Center at SANS Technology Institute
MirrorFace APT Group Expands Targeting to Europe with Sop...
2025-03-19
08 min
Storm Watch by GreyNoise Intelligence
Hackers Get Glazed: Krispy Kreme's Security Hole & Holiday Cyber Threats
Forecast: Glazed skies with Krispy breaches ahead! Holiday phishing flurries, fatigue fog, and scattered Clop showers roll in, with vulnerability storms on the horizon. On this week's episode of Storm⚡️Watch, we dive into our latest cybersecurity poll results, which revealed fascinating insights about holiday season security concerns. End-of-year tech fatigue emerged as the primary worry among respondents at 38%, while increased phishing scams followed at 34%. Holiday staffing gaps garnered 24% of responses, and supply chain threats rounded out the concerns at 14%. The cybersecurity world got a sweet taste of chaos this week with Krispy Kreme...
2024-12-17
54 min
Storm Watch by GreyNoise Intelligence
Cyber Festivus 2024: Airing Security Grievances, Driving Action In Your Org, & OPSEC 101
Forecast: Visibility is low with a 43% chance of extended response times. Heavy downpours of healthcare vulnerabilities dominate, with brief breaks of exploit intelligence. In this week's episode of GreyNoise Storm⚡️Watch, we kick things off with our regular roundtable introductions before diving into some intriguing poll results about cybersecurity metrics. The community weighed in heavily on what drives action in their organizations, with Mean Time to Respond leading the pack at 43% of votes, followed by Mean Time to Detect at 28%. Notably, system patching status came in third at 26%, while the tongue-in-cheek option about whiskey levels in the...
2024-12-10
1h 03
セキュリティのアレ
Episode 244: Homonyms and Year-over-Year Comparison! Special!
・List of cybersecurity countermeasure karuta cards | Cybersecurity Otasuketai Service | IPA
・Use Hide My Email in Mail on iCloud.com – Apple Support (Japan)
・Firefox Relay
・DuckDuckGo Email Protection | DuckDuckGo Help Pages
・Proton Pass: Free password manager with identity protection | Proton
・Top CVE Trends & Expert Vulnerability Insights | Intel
・Vulnerability feed
・CVE security vulnerability database. Security vulnerabilities, exploits, references and more
・GitHub – TURROKS/CVE_Prioritizer: Streamline vulnerability patching with CVSS, EPSS, and CISA’s Known Exploited Vulnerabilities. Prioritize actions based on real-time threat information, gain a competitive advantage, and stay informed about the latest trends.
・VulnCheck – Outpace Adversaries
・International operation takes down another encrypted messaging service used by criminals | Europol
・Another encrypted communication service for criminals dismantled | politie.nl
・From which "cross-section" do Tsuji, piyokango, and Negishi slice security reports?: ITmedia Securi...
2024-12-09
1h 00
Storm Watch by GreyNoise Intelligence
Kansas City Hacking Indictment, ProjectSend Zero-Day & The Greyt Migreytion
Forecast: Strong vulnerability management systems roll in, with scattered threat hunting ahead. Brace for ProjectSend exploits and turbulence near Kansas City. In this episode of Storm⚡️Watch, we explore crucial cybersecurity trends and breaking developments across the industry. Our recent community poll revealed fascinating insights into resource allocation priorities, with Vulnerability Management and Patching emerging as the clear frontrunner, chosen by half of respondents. Threat Intelligence and Hunting secured the second spot with 27.3% of votes, while Security Awareness and Incident Response capabilities tied for third place. Breaking news from Kansas City highlights a signif...
2024-12-03
1h 02
Secure Ventures with Kyle McNulty
Mantis Analytics | CEO Maksym Tereshchenko on Physical and Information Security
Maksym is CEO and founder of Mantis Analytics, providing holistic security awareness to organizations through a social media monitoring platform. The tool combs media channels to identify risks to a customer's business and escalates alerts accordingly. I thought this would be an interesting opportunity to look at the broader security world to understand some parallels with pure cybersecurity. Maksym worked in business intelligence and product management for two decades before the Ukraine war inspired him to start something that would make a difference. In the episode we talk about the war events leading to the creation of Mantis, the...
2024-12-03
42 min
Storm Watch by GreyNoise Intelligence
JA4+ Creator Reveals All: Water Systems at Risk & Why NIST is Playing Catch-up
Forecast: High pressure systems of infrastructure attacks continue to build over U.S. utilities with scattered exploitation attempts, while the vulnerability forecast shows increasing cloudiness around CPE data availability. In today's episode, we're diving into network fingerprinting and vulnerability management with some fascinating developments in the cybersecurity landscape. Our featured guest is John Althouse, the creator of JA4+, who has developed an innovative suite of network fingerprinting methods that's making waves in threat detection. JA4+ builds on previous fingerprinting techniques but takes things further with human-readable formats and enhanced detection capabilities. John's work co...
2024-11-19
1h 01
Storm Watch by GreyNoise Intelligence
Disney Menus Hacked, Pacific Rim APT Campaign Exposed, and Zero-Days Found Using AI
Forecast: CYBER WEATHER ALERT | Volt Typhoon bringing sustained APT activity across the Pacific Rim. Expect persistent perimeter probing with a 100% chance of state-sponsored shenanigans. Pack your EDR umbrella! This week's episode tackles a disturbing story from Disney World where a terminated employee allegedly hacked into their menu system to alter critical peanut allergy information. We dig into the attack details then don our tin-foil hats to explore the potential real-world consequences of malicious insider threats. We're excited to share Sophos' latest research on Pacific Rim, an extensive investigation into nation-state adversaries targeting edge de...
2024-11-05
56 min
Secure Ventures with Kyle McNulty
watchTowr | CEO Ben Harris on Automated Red Teaming
Ben is founder and CEO of watchTowr, building an external attack surface management tool (EASM) that performs automated penetration testing and red teaming activities. Before founding watchTowr in 2021, Ben worked as a security consultant for a decade focused largely on penetration testing. And as Ben describes in the episode, what started as a combination of cobbled together scripts from his previous experience has since grown into a comprehensive automation platform. Website: https://watchtowr.com/ Sponsor: VulnCheck
2024-11-05
34 min
Cyber Morning Call
659 - First vuln found by AI is documented
[Episode References] [TREND MICRO IN FORRESTER] - https://www.trendmicro.com/explore/forrester-wave-xdr/01054-v1-en-www From Naptime to Big Sleep: Using Large Language Models To Catch Vulnerabilities In Real-World Code - https://googleprojectzero.blogspot.com/2024/10/from-naptime-to-big-sleep.html G700 : The Next Generation of Craxs RAT - https://www.cyfirma.com/research/g700-the-next-generation-of-craxs-rat/ The curious case of the 7777-Botnet - https://gi7w0rm.medium.com/the-curious-case-of-the-7777-botnet-86e3464c3ffd 7777-Botnet Infection Vectors - https://vulncheck.com/blog/ip-intel-7777-botnet Solving the 7777 Botnet enigma: A cyber...
2024-11-04
05 min
Secure Ventures with Kyle McNulty
Refine Intelligence | CEO Uri Rivner on the Evolution of Fraud Prevention Continued
Uri is co-founder and CEO of Refine Intelligence, which is focused on anti money laundering and check fraud. Uri previously came on the podcast in 2022 and talked about the evolution of fraud prevention over the last 20 years. I re-released that episode back in August because I loved the story so much. At that time, we talked mostly about his previous company, BioCatch, which sold a majority stake to Permira earlier this year at a 1.3 billion dollar valuation. In this episode, we pick up the story with the evolution of fraud over the last few years, including why money laundering...
2024-10-22
55 min
Storm Watch by GreyNoise Intelligence
Healthcare Data at Risk & Chinese Hackers Exploit 30-Year-Old Law
Forecast = Healthcare and telecom under stormy skies—watch for cyber squalls and gusts of disinformation In this episode of Storm⚡️Watch, we dive into the world of cybersecurity with a focus on healthcare and telecommunications. We kick things off with a look at the current state of Internet of Healthcare Things (IoHT) exposures on public-facing networks. A recent study by Censys revealed some alarming findings about the security of DICOM servers, which are used for storing and transmitting medical images. With over 3,800 publicly exposed servers and data from 59 million patients at risk, it's clear that the healthcare indust...
2024-10-15
1h 00
Cyber Morning Call
643 - Microsoft releases October Patch Tuesday, fixing 117 flaws
[Episode References] October 2024 Security Updates - https://msrc.microsoft.com/update-guide/releaseNote/2024-Oct Following the trail of Flax Typhoon to uncover newly discovered vulnerabilities in Linear Emerge Access Control Devices - https://vulncheck.com/blog/flax-typhoon-linear-merge October Security Update - https://www.ivanti.com/blog/october-2024-security-update Not All Fun and Games: Lua Malware Targets Educational Sector and Student Gaming Engines - https://blog.morphisec.com/threat-analysis-lua-malware Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo N...
2024-10-09
03 min
Storm Watch by GreyNoise Intelligence
Cyber Chaos Unleashed: Kaspersky's Vanishing Act & CUPS Vulnerability Mayhem
Forecast = 50% chance of unexpected software installations followed by scattered UDP packet sprays. In this episode of Storm⚡️Watch, we follow up on the intriguing 'Noise Storms' that had the cybersecurity community buzzing. Security researcher David Schuetz has made some fascinating discoveries about these mysterious ping packets flooding the internet. His investigation, detailed at darthnull.org/noisestorms/, takes us on a journey through packet analysis, timestamp decoding, and network protocol deep-dives, offering new perspectives on the potential origins of those enigmatic 'LOVE' packets. Our Cyberside Chat segment dives into the recent CUPS daemon vulnerability, explor...
2024-10-01
1h 01
Storm Watch by GreyNoise Intelligence
Bluetooth Mayhem: Firewalls Fail & Insulin Pumps Panic
Forecast = Expect heavy BTLE storms with a high chance of UUID leaks. Pack your Faraday umbrellas and watch out for rogue packets raining from the cloud. On this episode of Storm⚡️Watch, we're diving into some major cybersecurity developments that have been making waves. We'll start by unpacking the ongoing saga of the Columbus, Ohio cyberattack, which has turned into a complex web of legal battles, data leaks, and questions about municipal cybersecurity preparedness. We'll explore how this incident is affecting the city's tech aspirations and what it means for residents' data security. Next...
2024-09-24
1h 14
Secure Ventures with Kyle McNulty
Akeyless | CEO Oded Hareven on Vaultless Secrets Management
Oded is co-founder and CEO of Akeyless, which provides a vaultless secrets management platform for companies to manage their non-human identities. We will talk more about the vault vs. vaultless approach in the episode, but essentially the Akeyless design allows for a SaaS model which dramatically reduces time to value compared to often cumbersome vault implementation. Akeyless last raised a whopping $65 million dollar Series B in late 2022. Before Akeyless, Oded navigated a winding career path from a Captain in the IDF working on identity management, to professional services, to product management at a B2C transportation technology company, and...
2024-09-24
52 min
Secure Ventures with Kyle McNulty
Opsin | CEO Oz Wasserman on Access Control for LLMs
Oz is co-founder and CEO of Opsin, which provides access control capabilities to LLM outputs ensuring users only get appropriate outputs based on their access level. The company was founded earlier this year, but they have already seen strong customer and investor interest given they are aimed at a key roadblock in making gen AI more available within the enterprise. Before Opsin, Oz worked in product management at high profile technology and security companies for most of the last decade, including Fireeye and Abnormal (where he met his co-founder James). In the episode we discuss everything from the origin...
2024-09-10
44 min
IT in the D
AI's Impact on Security with Patrick Garrity of VulnCheck
Patrick Garrity, a security researcher and evangelist at VulnCheck, is back! We discuss his career evolution, vulnerability management, AI’s impact on security, and the recurring nature of security incidences. He also provides insights into the Black Hat conference.
2024-08-29
33 min
Secure Ventures with Kyle McNulty
Leen | CEO Kabir Mathur on Security Tool Integration Hell
Kabir is co-founder and CEO of Leen, which is creating a unified security API to enable simpler integrations of security tooling. As Kabir will immediately tell you, he has no background in cybersecurity. However, he does have extensive experience with growing partnerships and sales numbers in industries where he has no background. He worked in business development for the last 15 years across a variety of tech companies including NativeX, Kiip, and Typeform. As he tells in the episode, he very carefully and patiently assembled the founding team, and the problem Leen is addressing then emerged as the imperative from...
2024-08-27
44 min
Mac Admins Podcast
Episode 378: Henry, Allister, & Graham join us on the Mac Admins SOFA
Death, taxes and software updates… We deal with a constant stream of updates: Minor, major, N, N-1, N-2. Why do we even have updates? Because software inherently sucks and bad people find ways to exploit the vulnerabilities that they find, or is it that good people find them and disclose them before the bad people get a chance to use them... If simply applying these software updates wasn't hard enough, we also need to understand what devices are eligible for which updates, and may have auditing responsibilities to make decisions as to why and how quickly we need to ap...
2024-08-27
1h 15
Secure Ventures with Kyle McNulty
A Brief History of Cyber Fraud Prevention with Uri Rivner, Co-founder of BioCatch (2022 Rerun)
This episode is a re-release of a conversation I had with Uri back in the beginning of 2022. It is truly one of my all-time favorites because of how well he illustrates the evolution of fraud prevention in financial services over time. Rest assured, he will be back on the show soon to talk about his new company which was in stealth at the time of this recording. His new company's website Our sponsor, VulnCheck!
2024-08-14
53 min
セキュリティのアレ
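Episode 231: The Other KEV and Information Stealing ~Infinite Battery Edition~! Special!
・State of Exploitation – A Peek into 1H-2024 Vulnerability Exploitation
・State of Exploitation – A Peek into the Last Decade of Vulnerability Exploitation
・Exfiltration Tools – ReliaQuest
・Where data stolen by attackers ends up in underground markets | Trend Micro | Trend Micro (JP)
・Ice cream that's like eating the fruit flesh itself: the Marude series | Seven Premium official
Nobuhiro Tsuji's notes: I think it might be infinite. I want to be like a battery. If anything, the thick and short type?! Maybe quite a lot of international calls are coming in. It can get in the way sometimes. How to find out the origin. The pros and cons of using a vulnerability scanner for configuration information management. VulnCheck's first-half summary. CISA's is stricter, so it probably tends to have fewer entries. I wish the titles were easier to read. The question of whether the listed vulnerabilities will actually come to you. Some are extremely limited, after all. I think a response that doesn't get complicated is better. The flow from exploit code to exploitation. So it is a major indicator after all. Software used for information theft. With command lines, you can sometimes tell the attacker's characteristics and habits from the arguments. Firefox.exe. The effectiveness of canaries. I've only ever seen it used by attackers. Research on information-stealing malware. Stolen information isn't necessarily used right away. They scored by the information stolen and the number of mentions. How much malware do you think supports VPN information? It was Vidar. I'm always unsure how to read it. There's quite a bit of turnover. The reason the order of the top countries feels off.
[Chapters]
| The usual small talk | 00:00 |
| Listener mail corner | 05:10 |
| (N) The state of vulnerability exploitation in 1H 2024 as seen from the VulnCheck report | 15:13 |
| (P) Tools commonly used for data exfiltration | 29:32 |
| (T) Where data stolen by attackers ends up | 45:41 |
| Recommended picks | 60:35 |
Recorded: 2024-08-10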
2024-08-12
1h 05
Secure Ventures with Kyle McNulty
BreachRx | CEO Andy Lunsford on Data Privacy and Managing Legal Risk of Incidents
Andy is CEO and co-founder of BreachRx, which provides incident response management tooling to help organizations respond effectively, consistently, and in accordance with legal requirements. Andy has a JD, an MBA, and a philosophy degree, which combine for a unique skillset. He worked in data breach litigation early in his career, and before starting BreachRx he was a Director for a government consulting group specializing in technology litigation. BreachRx ties together his experience across his career, as he is uniquely knowledgeable about the legal complications that arise when managing cyber incidents. In the episode, we jump from the evolution...
2024-07-30
48 min
Federal Tech Podcast: for innovators, entrepreneurs, and CEOs who want to increase reach and improve brand awareness
Ep. 160 What are Known Exploited Vulnerabilities
Want to make the most out of your next podcast appearance? https://content.leadquizzes.com/lp/fk1JL_FgeQ Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Donald Rumsfeld is famous for talking about the "unknown unknowns." Well, today we will be a little more specific and focus on some "knowns." Most listeners know that cyber threat companies regularly list vulnerabilities. Jay Wallace estimates VulnCheck alone has a list of 300,000 known threats. The...
2024-07-18
29 min
Secure Ventures with Kyle McNulty
Bleach Cyber | CEO Craig Goodwin on Cybersecurity for SMBs
Craig is co-founder and CEO of Bleach Cyber, which is building a product for small businesses to manage their holistic cybersecurity posture in a streamlined fashion. Before Bleach, Craig was COO and co-founder of Cyvatar which is a cybersecurity as a service offering for SMBs. Craig has 15 years of experience as a CISO or equivalent, including at companies such as Monster.com and Fujitsu. In the episode we touch on his journey from CISO to founder, the comparison of cybersecurity for extremely small businesses to B2C, and the strategy behind their go to market approach currently in-play.
2024-07-16
40 min
Secure Ventures with Kyle McNulty
SquareX | CEO Vivek Ramachandran on a New Approach to Browser Security
Vivek is the CEO and co-founder of SquareX, which is building a Chrome extension to help users secure their web browser activities. Before SquareX, Vivek founded and led Pentester Academy, one of the leaders in online cybersecurity training. Pentester Academy was acquired by INE, which then led to the birth of SquareX. In the episode we discuss his story of learning penetration testing skills and building educational resources along with the pros and cons of offering an extension-based product compared to a complete browser as seen by others in the space.
2024-07-02
44 min
Secure Ventures with Kyle McNulty
Bfore.ai | CEO Luigi Lenguito on Pre-crime Threat Intelligence
Luigi is CEO and co-founder of Bfore.ai, which detects malicious infrastructure before it is used in an attack. The company has two products today under its broader pre-crime technology umbrella, and we talk about those in more detail during the episode. Prior to Bfore.ai, Luigi was a diehard Dell employee. He started in tech support and worked his way to become a VP for solution sales for the EMEA market. He then led EMEA sales for Quest software, which was a spinout from Dell. He left in 2017 after over two decades under the Dell family and thought...
2024-06-18
41 min
Secure Ventures with Kyle McNulty
Team8's Liran Grinberg on Assessing Cybersecurity Verticals
Liran is one of the founding partners at Team8, one of the most preeminent investors in Israel with over one billion dollars under management. Team8 started in 2014 with a focus on cybersecurity and enterprise technology, and it has since evolved to include investments in fintech and healthcare as well. Before starting Team8, Liran was in Unit 8200 and then worked in product-focused roles at two high-growth tech companies. In the episode we discuss his story of starting such a successful fund at a young age, the opportunity they saw in a foundry model in Israel, and the areas of cybersecurity...
2024-06-04
49 min
Cyber Briefing
May 24, 2024 - Cyber Briefing
👉 What are the latest cybersecurity alerts, incidents, and news? 🚨 #CyberAlerts Microsoft Releases Emergency Update Fix for Windows Server 2019 Bug Source: Microsoft BLOODALCHEMY Malware Update Targets ASEAN Governments Source: ITOCHU Cyber & Intelligence RustDoor Malware Disguised in Courtroom Software in Supply Chain Attack Source: Rapid7 GitLab XSS Vulnerability Swiftly Addressed with Patch Source: Greg Alfaro via GitLab Google Fixes Another Exploited Chrome Zero-Day Source: Google 💥 #CyberIncidents
2024-05-24
07 min
CyberBytes: The Podcast
CyberBytes: RSA 2024 Edition: VulnCheck with Tom Bain
Today’s guest is Thomas Bain, CMO @ VulnCheck, an Exploit Intelligence Company. Tom was appointed CMO at VulnCheck last year. VulnCheck was recognised as a Top 10 Innovation Sandbox Finalist at RSA 24. In this episode, Tom and I cover: The problem VulnCheck solves; How VulnCheck is differentiating from its competition and innovating in the VM space; Insight into what being a Top 10 Sandbox Finalist involves; Learnings from presenting at Innovation Sandbox; What the future holds for VulnCheck; Tips for future Sandbox Finalists. #cyberbytes #VulnCheck #VulnerabilityManagement Tom’s LinkedIn: https://www.linkedin.com/in/thomasbain/ VulnCh...
2024-05-23
18 min
Secure Ventures with Kyle McNulty
Orca Security | CEO and Co-founder Gil Geron
Gil is co-founder and CEO of Orca Security, one of the leading cloud security platforms on the market today. The company was last valued at 1.8 billion dollars in late 2021. Orca has 8 co-founders, and Gil started as Chief Product Officer before taking the CEO reins last year. We talk more about this dynamic in the episode. Before Orca, Gil worked at Check Point for a decade where he gained experience across a variety of different cutting-edge domains including mobile security, advanced threat protection, and cloud gateway. In the episode, we discuss the commoditization of the...
2024-05-21
40 min
Secure Ventures with Kyle McNulty
Veracode: Chris Wysopal on the Evolution of AppSec
Chris is co-founder and CTO of Veracode, an application security powerhouse which was last valued at 2.5 billion in March 2022. The company was founded in 2005 as a code review automation platform, and it has since evolved to be one of the gold standard application security tools. Before founding Veracode, Chris worked as a security researcher and engineer for a decade where he grew frustrated with the manual source code review process. In the episode, we discuss how long it took Chris to believe he had really created something special, the important technical decisions the team made both early on and...
2024-05-07
41 min
GRC Academy
Why Threat Intel is Essential for Vulnerability Management with Patrick Garrity
In this episode, Jacob speaks with cybersecurity researcher Patrick Garrity! Patrick Garrity is a seasoned security researcher at VulnCheck where he focuses on vulnerabilities, vulnerability exploitation and threat actors. In this episode they discuss the importance of integrating threat intelligence into vulnerability management using the Exploit Prediction Scoring System (EPSS), CISA Known Exploited Vulnerabilities Catalog, and the changes in CVSS 4.0! Here are some highlights from the episode: How Exploit Prediction Scoring System (EPSS) can predict exploitation; How vulnerability scanners integrate EPSS; CISA's Known Exploited Vulnerabilities (KEV) Catalog; The national security implications of vulnerability management...
2024-04-30
27 min
The Cyber Go-To-Market Talk podcast for cybersecurity sales and marketing teams.
RSAC Innovation Sandbox Finalist: VulnCheck with Jay Wallace, VP of Global Sales
In this conversation, we discuss: 👉 The unique approach VulnCheck takes to solve cybersecurity issues using less manpower. 👉 The role of machine consumable data in accelerating threat response times. 👉 How VulnCheck’s innovation has made them a finalist at the RSA conference Innovation Sandbox. About our guest: Jay Wallace, the VP of Global Sales at VulnCheck, brings a rich history of experience in cybersecurity. Jay's expertise is in leading teams that innovate at the forefront of the cybersecurity industry. Connect with our guest:...
2024-04-29
16 min
Secure Ventures with Kyle McNulty
Uno.ai | Shashank Tiwari on Pivoting a Cybersecurity Startup
Shashank is CEO and co-founder of Uno.ai, which is building an AI platform for managing GRC activities such as knowledge base usage and audits. I interviewed Shashank on the podcast back in November 2022, and at the time Uno was focused on using AI to automate activities in the SOC. The AI world has changed a lot since November 2022. The company has since pivoted, and in this episode we focus on what triggered the change in vision, what was wrong with the previous solution, and what is attractive about this new GRC use case. ...
2024-04-23
47 min
TestGuild News Show
Copilot for Testers, GPT-4 Security Testing and More TGNS117
Have you seen the new tool being called the coPilot for Testers? How do you run parallel tests on virtualized services? What are some of the things testers can do with GPT-4 to identify and exploit real-world software vulnerabilities? Find out in this episode of the TestGuild News Show for the week of April 21. So, grab your favorite cup of coffee or tea, and let's do this. Time | News Title | Rocket Link: 0:00 | Register for LinkedIn NewsLetter | https://links.testguild.com/wwA8x; 0:24 | Join TestGuild Community | https://testguild.me/2qz1x8; 1:20 | release of Al...
2024-04-22
09 min
Secure Ventures with Kyle McNulty
Evo Security: Mike Roth on why Target MSP Customers
Mike is the CEO and founder of Evo Security, which is building an Identity and Access Management (IAM) solution specifically designed for Managed Service Providers (MSPs). He started the company back in 2018 after leaving behind a private equity fund focused on oil and gas. In the episode, we discuss his transition into cyber from the energy world and what makes Evo uniquely positioned to serve the needs of MSPs given the variety of IAM solutions available on the market today. Evo Security Website: https://www.evosecurity.com/ Sponsor: https...
2024-04-09
38 min
Storm Watch by GreyNoise Intelligence
Supply Chain Storms Firmware Flurries and Big Tech Trouble In Little China
Forecast = Expect a whirlwind of patches with a strong chance of phishing fronts moving in. In this episode of Storm⚡️Watch, we're exploring a plethora of cybersecurity topics that are as turbulent as the weather itself. First is a lively discussion with Nate Warfield from Eclypsium, where we dive into the intricacies of supply chain and firmware safety. Eclypsium's research is pivotal in highlighting critical areas listeners should be aware of, especially concerning supply chain vulnerabilities and firmware-level threats. We're also taking a deep dive into their approach to analyzing CISA's KEV data to understand the...
2024-03-26
58 min
Secure Ventures with Kyle McNulty
ProtectAI: CISO Diana Kelley on the Dimensions of AI Security
Diana Kelley is the Chief Information Security Officer (CISO) for ProtectAI. She also serves on the boards of Women in Cybersecurity, The Executive Women’s Forum, InfoSec World, CyberFuture Foundation, TechTarget Security Editorial, and DevNet AI/ML. Diana was Cybersecurity Field CTO for Microsoft, Global Executive Security Advisor at IBM Security, GM at Symantec, VP at Burton Group (now Gartner), a Manager at KPMG, CTO and co-founder of SecurityCurve, and Chief vCISO at SaltCybersecurity. In the episode, we talk about her involvement with all of these different groups and how that has changed over time, plus how and wh...
2024-03-26
41 min
The One Network
Working With Startups - Lessons From A Career In The Startup World
Jay Wallace, VP of Global Sales at VulnCheck, shares his career journey in the technology and cybersecurity industry. He discusses his experience working at various startups, including Duo Security, LightStep, and Screen. Jay emphasizes the importance of solving old problems and building strong relationships with customers. He also provides insights into hiring and firing in sales organizations and the value of networking. Jay offers mentoring and coaching to individuals entering the SaaS sales market or looking to advance their careers. Takeaways Transitioning from a different industry to tech and startups requires a willingness to learn and...
2024-02-29
35 min
SANS Stormcast: Daily Cyber Security News
ISC StormCast for Monday, February 12th, 2024
MSIX With Heavily Obfuscated PowerShell Script: https://isc.sans.edu/diary/MSIX%20With%20Heavily%20Obfuscated%20PowerShell%20Script/30636 | Too Many Honeypots: https://vulncheck.com/blog/too-many-honeypots | ClamAV Command Injection Vulnerability CVE-2024-20328: https://amitschendel.github.io/vulnerabilites/CVE-2024-20328/ | ExpressVPN DNS Leaks: https://www.expressvpn.com/blog/windows-app-dns-requests/
2024-02-12
05 min
Cyber Morning Call
Cyber Morning Call - #467 - 19/01/2024
[Episode References] Russian threat group COLDRIVER expands its targeting of Western officials to include the use of malware - https://blog.google/threat-analysis-group/google-tag-coldriver-russian-phishing-malware/ 7777-Botnet Infection Vectors - https://vulncheck.com/blog/ip-intel-7777-botnet Ivanti Connect Secure VPN Exploitation: New Observations - https://www.volexity.com/blog/2024/01/18/ivanti-connect-secure-vpn-exploitation-new-observations/ KB CVE-2023-46805 (Authentication Bypass) & CVE-2024-21887 (Command Injection) for Ivanti Connect Secure and Ivanti Policy Secure Gateways - https://forums.ivanti.com/s/articl...
2024-01-19
05 min
Cyber Morning Call
Cyber Morning Call - #462 - 12/01/2024
[Episode References] KB CVE-2023-46805 (Authentication Bypass) & CVE-2024-21887 (Command Injection) for Ivanti Connect Secure and Ivanti Policy Secure Gateways - https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US Active Exploitation of Two Zero-Day Vulnerabilities in Ivanti Connect Secure VPN - https://www.volexity.com/blog/2024/01/10/active-exploitation-of-two-zero-day-vulnerabilities-in-ivanti-connect-secure-vpn/ 2024-01 Security Bulletin: Junos OS and Junos OS Evolved: In a jflow scenario continuous route churn will cause a memory leak and eventually an rpd crash (CVE-2024-21611) - https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-jflow-scenario-continuous-route-churn-will-cause-a-memory-leak-and-eventually-an-rpd-crash-CVE-2024-21...
2024-01-12
06 min
Cyber Briefing
December 20, 2023 - Cyber Briefing
👉 What's trending in cybersecurity today? 🚨 #CyberAlerts JaskaGO Malware Targets Windows and macOS Systems Source: AT&T Global Malspam Targets Hotels by Spreading Redline and Vidar Stealers Source: Sophos GitHub Exploited for Malicious Operations by Threat Actors Source: ReversingLabs CISA and the FBI issue Alert on ALPHV Blackcat Affiliates Source: Cybersecurity Infrastructure Security Agency United Arab Emirates Residents Targeted in Identity Theft Smishing Source: Resecurity 💥 #CyberIncidents Kitco.com Temporarily Offline After Cyber Attack In...
2023-12-20
09 min
CyberWire Daily
14 million customers and stolen data.
A US mortgage company reveals major data breach. Updates from CISA. NSA provides guidance on SBOMs. MongoDB warns customers of a breach. BlackCat/ALPHV is still a market leader, but feeling competitive pressure. Reassessing the effects of Log4shell. The International Committee of the Red Cross calls for restraint in cyber warfare. Ransomware hits a cancer center. Ann Johnson, host of Microsoft Security’s Afternoon Cyber Tea podcast goes beyond basics with her guest Tanya Janca, founder of WeHackPurple. And what can I do to make you take home this chatbot today? Remember to leave us a 5-s...
2023-12-18
29 min
セキュリティのアレ
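Episode 204: There Is a Borderline for What We Can Introduce, You Know! Special!
・How Insiders Use Vulnerabilities Against Organizations | CrowdStrike ・NVD – CVE-2022-28958 ・Mirai Variant MooBot Targeting D-Link Devices ・Moobot Uses a Fake Vulnerability – Blog – VulnCheck ・CISA Removes One Known Exploited Vulnerability From Catalog | CISA ・GhostSec offers Ransomware-as-a-Service Possibly Used to Target Israel ・A Man Called Otto | Sony Pictures official. Nobuhiro Tsuji's notes: What are you using to listen to "Are"? Were you asleep? The keychain looks nice. Impressions of using voice cloning. Behavior when people can tell it's a drill. Thank you for calling it the "annoying notification scam". Make the other side incur costs. I think there is value in adding hurdles. Within the year! Just within the year! Non-malicious privilege escalation inside organizations. The vulnerabilities used were wide-ranging. All of them are listed in KEV. Detecting user behavior to some degree is necessary. "Can" and "do" are different things. I think doing security properly ends up protecting not only the organization but individuals as well. Things once called vulnerabilities. On investigation, it turned out not to work. It took an awfully long time until removal. Apparently ones that don't work are fairly common. It can even trigger costly actions. Is it "It exists." or is it "It exiiists."? They had been active since 2015. Hacktivists with a growing smell of money started a RaaS. I wonder if "The Five Families" was taken from the Mafia name. Tolerating targets unrelated to their cause feels off to me. Is it becoming possible even without being a hardcore, die-hard gang? I really hate crooked things♪ Chapters: 1. The usual small talk (00:00) | 2. Listener mail corner (08:18) | 3. (N) Incident cases caused by insider threats (20:29) | 4. (P) What was once a vulnerability (36:31) | 5. (T) GhostSec's recent activity (52:39) | 6. Recommended pick (65:56). Recorded: 2023-12-11.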
2023-12-12
1h 11
Cyber Briefing
December 5, 2023 - Cyber Briefing
👉 What's the latest in the cyber world today? 🚨 #CyberAlerts Microsoft Alerts to CACTUS Ransomware Surge Using DanaBot Lures Source: Microsoft New Threat Actor AeroBlade Targets U.S. Aerospace Source: BlackBerry New P2PInfect Botnet Variant Targets Routers and IoT Devices Source: Cado Security Russian Military Hackers Exploit Microsoft Outlook Flaw in Poland Source: Microsoft 5,000 Go Repositories Vulnerable to Repojacking Threat on GitHub Source: VulnCheck 💥 #CyberIncidents Florida Water Agency Faces Cyber Atta...
2023-12-05
12 min
CyberWire Daily
Iran behind attacks on PLCs.
The US and Israel attribute attacks on PLCs to Iran. Agent Raccoon backdoors organizations on three continents. XDSpy is reported to be phishing the Russian defense sector. Trends in digital banking fraud. Repojacking Go module repositories. Ann Johnson from Afternoon Cyber Tea speaks with Lynn Dohm, executive director of WiCyS, about the power of diverse perspectives. And when it comes to security, don't look to the stars. CyberWire Guest: Guest is Ann Johnson from Afternoon Cyber Tea talking with Lynn Dohm, executive director of WiCyS, about the power of diverse perspectives. Tune...
2023-12-04
19 min
Cyber Briefing
November 16, 2023 - Cyber Briefing
👉 What's going on in the cyber world today? 🚨 #CyberAlerts FBI and CISA Issue Warning on Rising Rhysida Ransomware Threat Source: Cybersecurity Infrastructure Security Agency UK Regulator Issues Black Friday Warning on Smart Device Security Source: The UK's Information Commissioner's Office (ICO) Critical Vulnerability Patched in SAP Business One Source: SAP VulnCheck Unleashes Advanced Exploits for ActiveMQ Security Alert Source: VulnCheck Microsoft's November Patch Includes Fixes for Zero-Day Vulnerabilities Source: Microsoft 💥 #CyberIncidents Samsung UK...
2023-11-16
11 min
Storm Watch by GreyNoise Intelligence
Storm⚡️Watch - 10/24/23
This episode of Storm Watch begins with introductions of the hosts - Bob, Emily (Censys), Glenn, Remy, and guest Jake Baines (VulnCheck). The hosts discuss two ransomware groups being taken down - the Ukrainian Cyber Alliance taking down Trigona, and RagnarLocker ceasing operations. However, they note ransomware attacks often continue in new forms. The increase in Bitcoin value is also concerning, as it tends to correlate with more ransomware attacks. A significant portion of the podcast focuses on the vulnerabilities in Cisco routers and Citrix systems. The hosts explain the vulnerabilities, provide background, and detail t...
2023-10-24
1h 11
CyberWire Daily
Notes from the cyber phases of two hybrid wars. Alerts on Cisco, Atlassian vulnerability exploitation. Updated guidance on security by design.
A bogus RedAlert app delivered spyware as well as panic. BloodAlchemy backdoors ASEAN Southeast Asian targets. A serious Cisco zero-day is being exploited. Valve implements additional security measures for Steam. A warning on Atlassian vulnerability exploitation. Allies update their security-by-design guide. Ukrainian telecommunications providers hit by cyberattack. Ben Yelin explains attempts to tamp down pornographic deepfakes. Our guest is Ashley Rose from Living Security with a look at measuring human risk. And, as always, criminals see misery as opportunity. For links to all of today's stories check out our CyberWire daily news briefing:
2023-10-17
30 min
Storm Watch by GreyNoise Intelligence
Storm⚡️Watch - 10/17/23
On this episode of Storm Watch the hosts discuss a recent vulnerability in the Cisco IOS software, which they describe as a "legit terrible vulnerability". This vulnerability can be triggered to place an implant on a Cisco device, granting the attacker full access to the device. They emphasize that this is a serious issue and encourage listeners to look into it further. They also discuss a vulnerability in WordPad, which they find surprising given that WordPad is often forgotten about. They note that Microsoft has claimed to have updated WordPad to address this vulnerability and also that Microsoft is...
2023-10-17
1h 17
Secure Ventures with Kyle McNulty
VulnCheck: Anthony Bettini on Converting Vulnerabilities to Exploit Intelligence
Anthony: CEO and founder of VulnCheck, going beyond just vulnerabilities to share exploit intelligence. Previously founded FlawCheck, one of the original container security companies, which he sold to Tenable. Previously founded Appthority, an early mobile app security company, which was acquired by Symantec. Check out the episode for our conversation on his lessons and themes after founding three companies and why he completely ignores the competitive landscape. https://vulncheck.com/
2023-09-19
49 min
Cyber Briefing
September 19, 2023 - Cyber Briefing
👉 What's the latest in the cyber world today? 🚨 #CyberAlerts AMBERSQUID Cryptojacking Operation Targets Uncommon AWS Services Source: Sysdig Chinese Hacker 'Earth Lusca' Deploys SprySOCKS Linux Backdoor in Espionage Attacks Source: Trend Micro APT36 Hacking Group Deploys Spyware Disguised as YouTube Apps Source: SentinelLabs Advanced Bumblebee Malware Returns with Evolved Tactics Source: Intel471 12,000 Juniper Firewalls Exposed to Critical Remote Code Execution Vulnerability Source: VulnCheck Germany Raises Concerns Over Cybersecurity Risks at Natural Gas Terminals ...
2023-09-19
06 min
Cyber Morning Call
Cyber Morning Call - #396 - 19/09/2023
[Episode References] - Fileless Remote Code Execution on Juniper Firewalls - https://vulncheck.com/blog/juniper-cve-2023-36845 - 38TB of data accidentally exposed by Microsoft AI researchers - https://www.wiz.io/blog/38-terabytes-of-private-data-accidentally-exposed-by-microsoft-ai-researchers - Microsoft mitigated exposure of internal information in a storage account due to overly-permissive SAS token - https://msrc.microsoft.com/blog/2023/09/microsoft-mitigated-exposure-of-internal-information-in-a-storage-account-due-to-overly-permissive-sas-token/ - Bumblebee Loader Resurfaces in New Campaign - https://intel471.com/blog/bumblebee-loader-resurfaces-in-new-campaign - URL files and WebDAV used for IcedID (Bokbot) infection - https://isc.sans.edu/diary/URL+...
2023-09-19
05 min
SANS Stormcast: Daily Cyber Security News
ISC StormCast for Tuesday, September 19th, 2023
Internet Wide Multi VPN Search from Single /24 Network: https://isc.sans.edu/diary/Internet%20Wide%20Multi%20VPN%20Search%20From%20Single%20%2024%20Network/30226 | iOS/iPadOS/tvOS/WatchOS Updates: https://support.apple.com/en-us/HT201222 | Juniper Vuln Details/Exploit CVE-2023-36845: https://vulncheck.com/blog/juniper-cve-2023-36845
2023-09-19
05 min
Cyber Briefing
Cyber Briefing - 2023.08.24
👉 What's going on in the cyber world today? 🚨 #CyberAlerts Over 3,000 Unpatched Openfire Servers Vulnerable to New Exploit Source: VulnCheck FBI Urges Immediate Action as Barracuda Email Security Appliances Prove Ineffective Source: FBI Roblox Developers Targeted by Malicious npm Packages Featuring Luna Token Grabber Source: ReversingLabs Exposing Profile Stealer Campaign Exploiting LLM-themed Facebook Ads Source: Trend Micro Resurgence of Phishing Attacks Exploiting Open Redirect Flaws Source: Kroll 💥 #CyberIncidents DuoLingo Investigates 2.6M Accounts Sale from Hacking Forum Source: The Observatorial NoName Hackers Unleash Chaos on Norway...
2023-08-24
08 min
Cyber Morning Call
Cyber Morning Call - #380 - 24/08/2023
[Episode References] - Traders' Dollars in Danger: CVE-2023-38831 zero-Day vulnerability in WinRAR exploited by cybercriminals to target traders - https://www.group-ib.com/blog/cve-2023-38831-winrar-zero-day/ - Time keeps on slippin’ slippin’ slippin’: The 2023 Active Adversary Report for Tech Leaders - https://news.sophos.com/en-us/2023/08/23/active-adversary-for-tech-leaders/ - Exploitation of Openfire CVE-2023-32315 - https://vulncheck.com/blog/openfire-cve-2023-32315 - Lapsus$ teen hackers convicted of high-profile cyberattacks - https://www.bleepingcomputer.com/news/security/lapsus-teen-hackers-convicted-of-high-profile-cyberattacks/ - DoJ charged Tornado Cash founders with laundering more tha...
2023-08-24
05 min
SANS Stormcast: Daily Cyber Security News
ISC StormCast for Wednesday, August 23rd, 2023
Fernet Encryption in Malware: https://isc.sans.edu/forums/diary/Have%20You%20Ever%20Heard%20of%20the%20Fernet%20Encryption%20Algorithm%3F/30146/ | Malware Triage With Inotify Tools: https://isc.sans.edu/diary/Quick+Malware+Triage+With+Inotify+Tools/30142/ | Adobe Coldfusion Exploited: https://www.cisa.gov/known-exploited-vulnerabilities-catalog | Openfire Admin Console Vulnerability Exploited: https://vulncheck.com/blog/openfire-cve-2023-32315 | XLoader Mac Malware Updates: https://www.sentinelone.com/blog/xloaders-latest-trick-new-macos-variant-disguised-as-signed-officenote-app/
2023-08-23
06 min
Cyber Morning Call
Cyber Morning Call - #362 - 27/07/2023
[Episode References] - Into the tank with Nitrogen - https://news.sophos.com/en-us/2023/07/26/into-the-tank-with-nitrogen/ - Fake Blockchain Games Deliver RedLine Stealer & Realst Stealer - A New macOS Infostealer Malware - https://iamdeadlyz.gitbook.io/malware-research/july-2023/fake-blockchain-games-deliver-redline-stealer-and-realst-stealer-a-new-macos-infostealer-malware - Apple Crimeware | Massive Rust Infostealer Campaign Aiming for macOS Sonoma Ahead of Public Release - https://www.sentinelone.com/blog/apple-crimeware-massive-rust-infostealer-campaign-aiming-for-macos-sonoma-ahead-of-public-release/ - Exploiting MikroTik RouterOS Hardware with CVE-2023-30799 - https://vulncheck.com/blog/mikrotik-foisted-revisited - Security Bulletin - July 18 2023 - https://confluence.atlassian.com/security/security-bulletin-july-18-2...
2023-07-27
05 min
Cyber Briefing
Cyber Briefing - 2023.07.26
👉 What's trending in cybersecurity today? 🚨 #CyberAlerts Zenbleed: Critical AMD Zen 2 Processors Vulnerability Exposes Sensitive Data Source: AMD Sophisticated Mac Malware Targets Apple Computers in Massive Campaign Source: iamdeadlyz Sophisticated DNS-Based Toolkit Decoy Dog in Cyber Operations Source: Infoblox Critical Vulnerabilities in Widely Used Radio Communication Standard TETRA Source: TETRA Casbaneiro Banking Malware Evolves with UAC Bypass Technique Source: Sygnia Critical Vulnerability Exposes up to 900K MikroTik Routers Source...
2023-07-26
08 min
Control Loop: The OT Cybersecurity Podcast
The IT/OT cultural divide in the federal space.
Japan’s largest port disrupted by ransomware. Cl0p breaches Schneider Electric and Siemens Energy. Solar panel vulnerabilities. Threats and risks to electric vehicle charging stations. RedEnergy ransomware and information stealer targets industrial sectors. CISA advisories. Our guest Christopher Ebley from Blackwood returns to discuss the IT/OT cultural divide in the federal space and IT threats that are impacting OT systems. The Learning Lab continues with part 2 of the 3-part discussion between Dragos’ Mark Urban and Vulnerability Analyst Logan Carpenter talking about vulnerabilities in the OT world. Control Loop...
2023-07-12
40 min
Cyber Briefing
Cyber Briefing - 2023.07.06
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday. 👉 What's going on in the cyber world today? 🚨 #CyberAlerts TeamsPhisher Tool Exploits Microsoft Teams' Unresolved Security Issue Source: InTheCyber Posts LinkedIn-Based Stealer-as-a-Ransomware Threat Targets Energy and Telecom Sectors Source: Zscaler SolarView Monitoring Product Vulnerability Exploited Source: VulnCheck Silentbob Unleashed: Massive Cloud-Native Attack Campaign Threatens Cybersecurity Source: Aqua Critical Linux Kernel Vulnerability: StackRo...
2023-07-06
07 min
The Cybersecurity Defenders Podcast
#44 - Intel Chat: Fake GitHub repos, NPM poison, Vidar, Mac malware, Tsunami DDOS, Cl0p reward, and the EDR killer: Spyboy
In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. VulnCheck comes across a malicious GitHub repository that is claimed to be a Signal 0-day. Checkmarx is reporting that, without altering a single line of code, attackers poisoned the NPM package “bignum” by hijacking an S3 bucket. Team Cymru has released a detailed publication on Vidar infrastructure which encompasses both the primary administrative aspects and the underlying backend. Bitdefender Mac researchers stumbled upon a small set of files with backdoor capabilities that seem to form part of a mor...
2023-06-24
43 min
Cyber Morning Call
Cyber Morning Call - #335 - 15/06/2023
[Episode References] - Cadet Blizzard emerges as a novel and distinct Russian threat actor - https://www.microsoft.com/en-us/security/blog/2023/06/14/cadet-blizzard-emerges-as-a-novel-and-distinct-russian-threat-actor/ - Understanding Ransomware Threat Actors: LockBit - https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-165a - Fake Security Researcher GitHub Repositories Deliver Malicious Implant - https://vulncheck.com/blog/fake-repos-deliver-malicious-implant [Credits] Host: Carlos Cabral Script: Carlos Cabral and Daniel Venzi Audio editing: Paulo Arruzzo Closing narration: Bianca Garci...
2023-06-15
04 min
SANS Stormcast: Daily Cyber Security News
ISC StormCast for Thursday, June 15th, 2023
Deobfuscating a VBS Script With Custom Encoding https://isc.sans.edu/diary/Deobfuscating%20a%20VBS%20Script%20With%20Custom%20Encoding/29940
Every Signature is Broken: On the Insecurity of Microsoft Office's OOXML Signatures https://www.usenix.org/conference/usenixsecurity23/presentation/rohlmann
How to Manage the Vulnerability Associated with CVE-2023-32019 https://support.microsoft.com/en-gb/topic/kb5028407-how-to-manage-the-vulnerability-associated-with-cve-2023-32019-bd6ed35f-48b1-41f6-bd19-d2d97270f080
Fake Security Research GitHub Repos https://vulncheck.com/blog/fake-repos-deliver-malicious-implant
Fortigate Vuln Details https://blog.lexfo.fr/xortigate-cve-2023-27997.html
Zoom Updates
2023-06-15
05 min
Cyber Briefing
Cyber Briefing: 2023.06.14
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday. 👉 What's trending in cybersecurity today? 🚨 #CyberAlerts Microsoft's Patch Tuesday: Critical Vulnerabilities Addressed, including Windows PGM Bugs and Exchange Server Exploit. Source: Microsoft Massive Brand Impersonation Campaign Targets Popular Apparel and Footwear Brands. Source: Bolster Adobe Addresses Critical Flaws in Patch Tuesday Updates. Source: Adobe Chinese Hackers Exploit VMware Zero-Day: Backdooring Virtual Machines. Source: Mandiant Fake Researchers' Cybersecurity Charade Exposes...
2023-06-14
10 min
Cyber Morning Call
Cyber Morning Call - #308 - 05/05/2023
[Episode References] - PaperCut Exploitation - A Different Path to Code Execution - https://vulncheck.com/blog/papercut-rce - Cisco SPA112 2-Port Phone Adapters Remote Command Execution Vulnerability - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-spa-unauth-upgrade-UqhyTWW - CVE-2023-26876: SQL injection vulnerability found in the Piwigo image management software - https://sidechannel.blog/cve-2023-26876-vulnerabilidade-de-injecao-de-sql-encontrada-no-software-de-gerenciamento-de-imagens-piwigo/ - When Good APIs Go Bad: Uncovering 3 Azure API Management Vulnerabilities - https://ermetic.com/blog/azure/when-good-apis-go-bad-uncovering-3-azure-api-management-vulnerabilities/ [Ficha técn...
2023-05-05
04 min
SANS Stormcast: Daily Cyber Security News
ISC StormCast for Friday, May 5th, 2023
Infostealer Embedded in a Word Document https://isc.sans.edu/diary/Infostealer%20Embedded%20in%20a%20Word%20Document/29810
Cisco SPA-112 Vulnerability https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-spa-unauth-upgrade-UqhyTWW
Fortinet May Updates https://www.fortiguard.com/psirt?date=05-2023
PaperCut exploitation - A Different Path to Code Execution https://vulncheck.com/blog/papercut-rce
2023-05-05
06 min
The Gate 15 Podcast Channel
The Risk Roundtable EP: 40. Jen returns! Plus cybersecurity news, Nashville, staying on top of vulnerabilities and more!
In the latest episode of the Risk Roundtable, the prodigal cybersecurity expert returns full of wisdom and words Dave admires but can't understand. Jen brings her expertise to the table and talks about 3CX, and staying vigilant. Dave builds upon vigilance talking about Nashville and about the value of taking stock of lessons learned from the latest school shooting. In the quick hits, Jen and Dave talk about protests, severe weather, and more cybersecurity updates. Not to be outdone, Andy pulls it all together and adds in his usual common sense approach and holding the security profession accountable. Then Andy...
2023-04-05
52 min
セキュリティのアレ
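Episode 171: The "Big Emo" and Coverage-Scope Are-Times! Special
[Related articles] ・Kojima Press, one year after the cyber incident: bonds deepened by overcoming hardship ・A summary of the shutdown of all of Toyota Motor's domestic plants caused by a supplier's system failure – piyolog ・The VulnCheck 2022 Exploited Vulnerability Report – A Year Long Review of the CISA KEV Catalog – Blog – VulnCheck ・The VulnCheck 2022 Exploited Vulnerability Report – Missing CISA KEV Catalog Entries – Blog – VulnCheck ・Alert regarding the renewed spread of Emotet malware infections ・LIL UZI VERT – YouTube Nobuhiro Tsuji's notes: Troublesome warmth. Can't let our guard down yet. Memories of a cherry-blossom viewing we jumped the gun on. The joy of getting to meet cats. This week was long. There are five kinds of stickers in all. There are also cut versions. Production of new stickers has begun. A variant of "are we OK?". Soul Scream. Things that seemed like nothing. I said "Toyotimusu", but it is "Toyotimuzu" (Toyota Times). Exactly one year ago. They rebuilt the website on a rental server. Whiteboards have a certain charm. Learning from tragedy. The importance of knowing what is inside the automation. I'll have curry tomorrow. What had been conveyed through the incident really hit home. How the higher-ups conduct themselves when it counts is actually quite key. Everyone's favorite, KEV. On coverage scope. Things that seem relatively easy to exploit for initial access but are not in the catalog. However, the reason they are not included is hard to see from the outside. The problem that what is listed is dangerous, but you cannot say something is not dangerous just because it is not listed. If you use it, you need to be clear about the pros and cons. Security advantages and disadvantages. Activity resumed. Emo-yan comes around just when you've forgotten. In charge of Emotet. The countermeasures are the basics, not much different from before. Seriously, please use an archiver that doesn't change the zoneid. The point where you start getting bored is the starting line. I'd like Negishi-san to listen to it. A light recommendation. Recorded: March 12, 2023. The post Episode 171: The "Big Emo" and Coverage-Scope Are-Times! Special first appeared on podcast - #セキュリティのアレ.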
2023-03-14
1h 00
The Gate 15 Podcast Channel
Weekly Security Sprint EP 10. Happy Birthday to DHS, protests, cyber threats, and more.
In this week's Security Sprint, Dave and Andy talked about the following topics:
National Cybersecurity Strategy:
White House: FACT SHEET: Biden-Harris Administration Announces National Cybersecurity Strategy, 02 Mar
Gizmodo: I Read the Biden Administration’s New Cyber Policy So You Don’t Have To, 04 Mar
US House Committee on Homeland Security: Green, Garbarino Statement on the Release of the National Cybersecurity Strategy, 02 Mar
Risky Biz News: White House unveils National Cybersecurity Strategy, 02 Mar
CISA Readout: Director Easterly Visits Carnegie Mellon University, Calls for “Radical Change” for Technology Product Safety in Major Address, 27 Feb
Industrial Cyber: National Cybersecurity S...
2023-03-07
26 min
Enterprise Security Weekly (Video)
Deepwatch Series C, SPAC Fads, LastPass, & Tyler Trades Adrian's Info for Chocolate - ESW #307
This week in the Enterprise News: Deepwatch Announces $180 Million in Investments, VulnCheck Raises $3.2 Million to Solve Prioritization Challenge for Enterprise, Government and Cybersecurity Solution Providers, Zscaler to Acquire Israeli Startup Canonic Security, Palo Alto Q2 Fiscal Year 2023 Earnings Call, Tech’s hottest new job: AI whisperer. No coding required, How data breaches affect stock market share prices, & Kenyan Innovator Creates Smart Gloves That Translate Sign Language Into Audible Speech! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw307
2023-03-03
1h 06
Enterprise Security Weekly (Audio)
ESW #307 - Raffael Marty, Jim Routh
The MSP space has undergone a lot of changes in the past few decades, with the emphasis on security increasing dramatically in the last 5-10 years. We discuss how ConnectWise, which builds and sells solutions to MSPs, has tackled this challenge. We'll be asking questions both from Raffael's point-of-view, selling to MSPs, but also from the customer point-of-view - small to medium businesses with a need to outsource IT and security functions. Today, we talk to Jim Routh - a retired CISO who survived the job for over 20 years! He'll be sharing some wisdom with u...
2023-03-03
2h 29
セキュリティのアレ
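Episode 167: Our LINE Stickers Go on Sale After Surviving Three Rejections! Special
[Related articles] ・セキュリティのアレ 001 – LINE Stickers | LINE STORE ・Analysis Report on Malware Distributed via Microsoft OneNote – ASEC BLOG ・Rapid7 observes use of Microsoft OneNote to spread Redline Infostealer | Rapid7 Blog ・OneNote Documents Increasingly Used to Deliver Malware | Proofpoint US ・Detecting OneNote Abuse | WithSecure Labs ・Who to Trust? National Vulnerability Database CVSS Accuracy Issues – Blog – VulnCheck ・Current challenges and countermeasures seen in vulnerability response: Information Security Workshop in Echigo-Yuzawa 2022 night session participation report, part 2 | SB Technology (SBT) ・Improve identity strategy with Microsoft – Microsoft Security Blog ・Microsoft Investigation – Threat actor consent phishing campaign abusing the verified publisher process – Microsoft Security Response Center ・Kanpei – Wikipedia Nobuhiro Tsuji's notes: The ultimate shoehorn, just right to use as a weapon. I also received a highly transparent shoehorn! The basics are easy to forget but always important. The ad blockers the two of them use. Spice swipe. About the LINE stickers. Abuse of OneNote. While the threat level of previous techniques is declining. Let's pay attention to the behavior once it has been executed. Mysterious specification. Used it properly for the first time. Even if you are well protected, it goes through people, so making them aware is important. How accurate is CVSS? A teleshopping-style article. It is effectively the base score, but even that is a bit off. Material for "you yourself" to make a judgment. Four categories of attacks targeting identities. Go per second. Remember the "annoying notifications" scam! Consent phishing. Like app integrations on social networks. Which has the higher hack rate, enterprise or consumer accounts? The difficulty of issuing alerts, precisely because it has gone on for so many years. With the attitude of getting people to take countermeasures. A discovery through the hometown tax donation program. Recorded: February 5, 2023. The post 第167回 LINEスタンプ3回のリジェクト乗り越え販売開始だ!スペシャ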
2023-02-07
59 min