Fake Browser Updates, Atlassian RCE Exploit, glup-debugger-log
In today’s episode, we discuss fake browser updates distributing BitRAT and Lumma Stealer via Discord (https://thehackernews.com/2024/06/beware-fake-browser-updates-deliver.html), a malicious npm package targeting Gulp...
Linux Vulnerability Exploits, Ticketmaster Breach, Snowflake Compromise
In today’s episode, we cover the critical Linux vulnerability CVE-2024-1086 being actively exploited and urge users to patch immediately (https://arstechnica.com/security/2024/05/federal-agency-warns-critical-linux-vulnerability-being-actively-exploited/). We also...
Mystery Malware Destroys 600,000 Routers, and CISOs Under Board Pressure, FlyingYeti Exploits WinRAR Vulnerability
In today’s episode, we explore the FlyingYeti campaign exploited by using a WinRAR vulnerability (CVE-2023-38831) to deliver COOKBOX malware in Ukraine, detailed...
Open Source Tool Defeats Ransomware, StackOverflow users push malicious Python packages, Are you in the 911 S5 botnet?
In today’s episode, we explore how cybercriminals exploited StackOverflow to promote the malicious Python package “pytoileur” aimed at cryptocurrency theft (https://thehackernews.com/2024/05/cybercriminals-abuse-stackoverflow-to.html). We...
Harry Coker Jr. Bolsters Security for Critical Infrastructures in Auburn Keynote
In today’s episode, we discuss the White House’s call for critical cybersecurity assistance for sectors like healthcare and water utilities (https://www.cybersecuritydive.com/news/white-house-seeks-critical-cyber-assistance-for-water-utilities-healthcare/716942/), analyze...
Windows Recall Feature Takes Secret Screenshots, Microsoft President to Testify Before Congress, Disconnect Public Facing ICS Devices
In today’s episode, we discuss Microsoft President Brad Smith’s upcoming testimony before Congress regarding security shortcomings (source: https://www.cybersecuritydive.com/news/microsoft-president-congressional-hearing/716847/), dive into the privacy...
70% of Water Utilities Vulnerable to Cyber Attack, GitHub Enterprise Server, Python, and Firefox Vulnerabilities
In today’s episode, we explore a critical GitHub Enterprise Server vulnerability (CVE-2024-4985) that allows authentication bypass and the necessary updates for protection...
Essential Personal Security Tips: A Practical Guide
Essential Personal Security Tips: A Practical Guide In today’s digital age, personal security is more important than ever. Here are the essential...
Deceptive Deepfake Cyber Scheme: Arup’s Wake-Up Call Against North Korean IT Workers
In today’s episode, a UK engineering firm Arup was scammed of £20m through a deepfake incident where an employee fell victim to...
Invisible Threats: SSID Confusion, Kimsuky, Malware
In today’s episode, researchers unveiled a new security vulnerability dubbed SSID Confusion attack exploiting a flaw in the IEEE 802.11 Wi-Fi standard,...