Sveriges mest populära poddar
The Cybersecurity Defenders Podcast
NyheterTeknologi

#110 - Intel Chat: Lazarus Group, tunnelling with QEMU, ScreenConnect & CISA breach

35 min15 mars 2024

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.

  • North Korean threat actors known as the Lazarus Group exploited a zero-day in the Windows AppLocker driver to gain kernel-level access and turn off security tools, allowing them to bypass noisy Bring Your Own Vulnerable Driver techniques.
  • Researchers observed threat actors run the Angry IP Scanner, followed by some Mimikatz functions, and then the kicker, the open-source QEMU hardware emulator and virtualizer.
  • Threat actors have been observed installing RMM tools as a means of maintaining persistence within a compromised organization.
  • Hackers breached some of the systems belonging to CISA in February through some known vulnerabilities in Ivanti products.

Fler avsnitt av The Cybersecurity Defenders Podcast

Visa alla avsnitt av The Cybersecurity Defenders Podcast
Anthropic restriction, ServiceNow incident, Fortinet credential harvesting & Ukraine accesses EU cyber reserve / Intel Chat [#333]
35 min
Last call for Defenders - How we're actually using AI in the SOC with Eric Capuano / Defender Fridays [#332]
37 min
FFmpeg's 21 zero-days, Ruby cooldown feature, Microsoft disrupted by Shai-Hulud worm & Meta AI tool compromise / Intel Chat [#331]
29 min
AI-assisted SOC training with Carlo Anez / Defender Fridays [#330]
32 min
Building practical blue team skills using AI-assisted SOC training with Bobby Ford/ Defender Fridays [#329]
31 min
"Megalodon" Malware in GitHub, Malware-Slop steals from Claude AI, 7-Eleven breach & CISA cPanel vulnerability / Intel Chat [#328]
29 min
From PentestGPT to production: The state of AI-assisted offensive security with Charles Grandjean / Defender Fridays [#327]
30 min
GitHub repositories compromised, Webworm targets Europe, fake Outlook & cybercriminal VPN / Intel Chat [#326]
24 min
How analysts use cognitive reasoning in investigations with Chris Sanders / Defender Fridays [#325]
33 min
"Dirty Frag", Canvas ransomware attack, “Mini Shai-Hulud” malware campaign & AI-developed zero-day exploit / Intel Chat [#324]
29 min

The Cybersecurity Defenders Podcast med LimaCharlie finns tillgänglig på flera plattformar. Informationen på denna sida kommer från offentliga podd-flöden.