Sveriges mest populära poddar

Storm⚡️Watch by GreyNoise Intelligence

ALPHV/BlackCat: BUSTED!?, Lazarus' Log4j Larks, Stopping Cloud Attackers Cold With The "AWS Kill Switch"

69 min • 12 december 2023

In this episode of Storm⚡️Watch by GreyNoise Intelligence, we discuss the rumored takedown of the ALPHV/BlackCat ransomware site, which has been offline for days, fueling speculation that law enforcement may have finally caught up with the prolific ransomware group.  ​ We then delve into the North Korea-linked Lazarus Group's exploitation of the Log4j vulnerability in a global campaign targeting companies in the manufacturing, agriculture, and physical security sectors. This deep-dive Breaking News segment will shed some light on why attackers are still going after this two-year old weakness, and also discuss how attackers are using modern programming languages to gain efficiencies and thwart detections. ​ In our Tool Time segment, we explore the AWS Kill Switch, an open-source incident response tool for quickly locking down AWS accounts and IAM roles during a security incident.  ​ Our Shameless Self-Promotion segment drops details on upcoming GreyNoise webinars, Censys' new service tier, and a GreyNoise Labs blog on use of GreyNoise EAP sensors for novel exploitation discovery for CVE-2023-47246.  ​ Along with our CISA KEV roundup we provide a short readout on their Fourth Quarter Cybersecurity Advisory Committee Meeting and new CISA, jointly published guide on "The Case for Memory Safe Roadmaps". ​

Episode Slides >>

Join our Community Slack >>

Learn more about GreyNoise >>

 

Förekommer på
00:00 -00:00