In this episode of Storm Watch, the hosts were joined again by Emily Austin, a senior researcher from Censys, and Daniel Grant, a principal data scientist at GreyNoise. They discussed the SIFT tool, a new product from GreyNoise, and its potential applications in the field of cybersecurity.
The hosts began by discussing a recent Microsoft report that suggested basic security hygiene could protect against 99% of attacks. They highlighted the importance of multi-factor authentication, zero trust, and patching as key elements of this basic security. The hosts also noted that 80% of ransomware compromises occur via unmanaged devices, emphasizing the need for organizations to prioritize their security efforts.
Next, they discussed a recent vulnerability in Confluence, a popular team collaboration software. The vulnerability, which was exploited as a zero-day, allowed remote attackers to create new users. The hosts stressed the importance of auditing user accounts, even after patching, to ensure that no unauthorized users were created during the exploit.
The hosts then turned their attention to the impact of a cyber attack on Clorox. The company has predicted a significant drop in sales due to the attack, which the hosts speculated might have been timed to coincide with flu season, a high-demand period for Clorox products.
The episode also covered a new vulnerability in the HTTP/2 protocol, which could potentially be exploited for a denial-of-service (DoS) attack. The hosts noted that currently, the best protection against this type of attack is a DDoS mitigation service.
Finally, the hosts discussed the addition and removal of certain devices from the Known Exploitable Vulnerabilities (KEV) list. They noted that the MeetingOwl, a device they had previously discussed, had been removed from the list. The hosts concluded the episode by emphasizing the importance of basic security measures and the role of cybersecurity professionals in protecting against threats.