
Storm⚡️Watch by GreyNoise Intelligence

Malware Infected Toothbrushes, Spyware Crackdown, and LOLBins

66 min • 13 February 2024

In this episode of Storm⚡️Watch, we explore the captivating toothbrush scandal that's been stirring discussion within the infosec community. We dissect the narrative surrounding three million malware-infected smart toothbrushes allegedly manipulated into orchestrating a Swiss DDoS attack, an incident that has gained traction on platforms like InfoSec Exchange and Tom's Hardware.

We then delve into the serious implications of Google's latest Spyware Report and the subsequent joint statement from various governments on the efforts to counter the proliferation and misuse of commercial spyware. These documents shed light on the alarming state of surveillance and the actions being taken at the highest levels to address these concerns.

The episode continues with an analysis of Volt Typhoon and a blog post by Censys on critical infrastructure, highlighting the vulnerabilities in critical infrastructure security. This discussion is particularly timely given the recent compromise of U.S. critical infrastructure by state-sponsored actors, as reported by CISA and Lawfare Media.

Canon's recent security update is also on our radar, with the company patching seven critical vulnerabilities in small office printers. This serves as a reminder of the ever-present need for vigilance in the realm of cybersecurity.

We also cover CISA's guidance on 'Living Off The Land' tactics and the innovative 'Living Off The False Positives' project, which offers a fresh perspective on managing false positives in security monitoring.

For those interested in malware tracking, we discuss Censys' Beginner’s Guide to Tracking Malware Infrastructure, a valuable resource for anyone looking to enhance their threat intelligence capabilities.

GreyNoise's contributions to the fight against ransomware are highlighted through their blog post detailing the tagging system used to battle these threats. Additionally, we touch upon the Flipper Zero controversy in Canada and the open-source SDR tech debate, as well as the latest happenings in the GreyNoise Community Forum and the Centripetal webcast.

We wrap up the episode with a look at the recent tags and active campaigns visualized on GreyNoise's platform and a roundup of the Known Exploited Vulnerabilities (KEV) catalog by CISA.
