The 443 - Security Simplified

https://youtu.be/GzZkXckK3Nk This week on the podcast, we give an update on last week's discussion around a China-based APT targeting government organizations. After that, we cover the latest uses of generative AI like ChatGPT by malicious hackers. Finally, we end with a report from Google on their efforts around Red Teaming Artificial Intelligence systems.

https://youtu.be/I-RjOTEJwZ0 This week on the podcast we cover two stories that came out of Microsoft's July Patch Tuesday. The first involves an incident within Microsoft that lead to foreign cybercriminals compromising the email accounts of multiple government agencies. The second story involves an actively exploited 0-day vulnerability in Office that at the time of recording, remains unpatched.

https://youtu.be/wXqymd_pLOU This week on the podcast, we cover WatchGuard Threat Lab's Internet Security Report for Q1 2023. Throughout the episode, we'll discuss the key trends for cyber threats impacting small and midsize organizations globally including the top malware and network attach detections as well as a look specifically at the endpoint. We round out the episode with key defensive takeaways you can take back to your organization to defend against these threats.

https://youtu.be/DYam7E96dgc On this week's podcast we discuss a recent analysis on the risks of GitHub RepoJacking. After that, we dive in to the Barracuda 0-day that China-based threat actors are actively exploiting as well as a novel command and control distribution method for a separate China-based APT.

https://youtu.be/KOBaZcDg0tY This week on the podcast we cover a supply chain attack of sorts against Minecraft gamers. After that, we cover a vulnerability in MOVEit Transfer that threat actors are exploiting in the wild to steal data and deploy ransomware. Finally, we wne with our review of the latest Verizon Data Breach Investigations Report (DBIR).

https://youtu.be/PZWaRaguDTI This week on the podcast, we give a quick update on the latest Volt Typhoon activity before covering a newly for sale EDR bypass tool. After that, we discuss Gigabyte's decision to rootkit their own motherboards before ending with a new macOS vulnerability.

https://youtu.be/loUDfzGTaiE This week on the podcast, we cover Microsoft's latest refresh of naming conventions for advanced persistent threat (APT) actors worldwide, as well as an update on two specific threat actors and their latest tactics. We also cover a ransomware event targeting a biotechnology company with an interesting twist.

https://youtu.be/W57_CpRSFEA This week on the podcast, we cover the recent TikTok ban coming from the state of Montana and discuss whether it was justified and what the potential security impact is. Before that, we give an update on two US Supreme Court cases that were poised to potentially strip away Section 230 protections. We also highlight a new phishing-as-a-service (PaaS) platform that has yet again lowered the barrier for executing sophisticated attacks.

https://youtu.be/-asU7Sd24gg This week on the podcast, Marc kick's Corey off the podcast and interview's ChatGPT to learn its thoughts on AI applications in cybersecurity, both on offense and defense.

https://youtu.be/PoEXinvhMVQ This week on the podcast, we cover two new malware research pieces, including the latest evolution of a delivery vehicle as old as time. After that, we cover recent regulations in the healthcare industry that have a chance to push the industry to a more secure future.

This week on the podcast, we cover a recently discovered macOS malware attack that uses a multi-stage delivery mechanism. Before that, we discuss an actively-exploited vulnerability in the print management software PaperCut, as well as an update on the 3CX supply chain attack.

This week's podcast comes from the WatchGuard Apogee partner conference for the Americas where we bring on special guests Kevin Willette of Verus Corporation and Neil Holme of Impact Business Technology to discuss the challenges and opportunities MSPs and MSSPs will face in the coming years. This is the first of a multipart series where we explore similar questions around the world.

https://youtu.be/vzTpECddZRg This week on the podcast, we cover two new publications out of CISA. First, we dive into CISA's guidance to manufacturers and customers on products that are secure-by-design and secure-by-default. Next, we discuss CISA's latest Zero Trust Maturity Model which any organization can use to gauge how far along they are on the ZTA path and where the should focus their efforts next. Finally, we end wit some research from Blaze Information Security on a series of vulnerabilities in a play-to-earn blockchain game. You can view more information on the CISA guidance as well as Blaze Lab's full blog post at the links below: - https://www.cisa.gov/sites/default/files/2023-04/zero_trust_maturity_model_v2_508.pdf - https://www.blazeinfosec.com/post/hacking-play-2-earn-blockchain-games-manarium

This week on the podcast, we discuss another cybercrime marketplace takedown dubbed Operation Cookie Monster. After that, we discuss Microsoft's attempts to limit the distribution of a popular hacking toolkit. Finally, we discuss a recent analysis by Dr. Ken Tindell of Canis Automotive Labs around how criminals were able to steal his friend's Toyota Rav4. You can view Dr. Ken Tindell's full blog post here: https://kentindell.github.io/2023/04/03/can-injection/

This week on The 443, we discuss the latest software supply chain attack with a potential blast radius of thousands of organizations. Then we cover a new protocol vulnerability in the Wi-Fi wireless standard before ending with some research into insecure Microsoft Azure applications.