#12 - Simply Cyber Report for December 28. Plus an interview with Jason Chan, former VP of Security at Netflix.

New vulnerability found in WooCommerece Gift Cards Premium Wordpress plugin with CVSS score of 9.8.

Fin7 has developed an AI-powered automated attacking tool called Checkmarks. Checkmarks is designed to auto-attack ms exchange systems, perform post exploitation actions, and grab enough data to allow FIN7 to understand their victim.

Raspberry Robin has a new feature. This version of Raspberry Robin has two payloads, one designed to be discovered if the malware believes it's being analyzed in a sandbox. This fake payload look legit including looking at the registry on start up to check for infection, pulling down an adware named 'browserassist'. This payload has shellcode and a PE file with the MZ magic bytes removed to hide its not a PE file.

Plus an interview with Jason Chan, former VP of Information Security at Netflix  about how he helped build their security program from the ground up.

The Cybersecurity Defenders Podcast: a show about cybersecurity and the people that defend the internet.