Sveriges mest populära poddar

Storm⚡️Watch by GreyNoise Intelligence

Storm⚡️Watch - 10/24/23

71 min • 24 oktober 2023

This episode of Storm Watch begins with introductions of the hosts - Bob, Emily (Censys), Glenn, Remy, and guest Jake Baines (VulnCheck). 

The hosts discuss two ransomware groups being taken down - the Ukrainian Cyber Alliance taking down Trigona, and RagnarLocker ceasing operations. However, they note ransomware attacks often continue in new forms. The increase in Bitcoin value is also concerning, as it tends to correlate with more ransomware attacks.

A significant portion of the podcast focuses on the vulnerabilities in Cisco routers and Citrix systems. The hosts explain the vulnerabilities, provide background, and detail the work done by their teams to analyze the issues. They are critical of Cisco's disclosure and patching process. 

The hosts discuss the recent Okta breach, criticizing their response time and communication process. They explain how the breach occurred via access to support systems, and compromised session tokens and HAR files. The hosts emphasize the sensitivity of HAR files.

Other topics covered include:

  • Recent Citrix vulnerability
  • Attackers targeting exposed Jupyter notebooks
  • MGM Resorts data breach notification letters finally reaching Maine residents
  • New open source tool Precursor for payload analysis

The hosts close out with recommendations for tabletop incident response exercises, favorite Halloween candies, and a plea for better security awareness and coordination across the industry.

This Episode's Slides >>

Join our Community Slack >>

Learn more about GreyNoise >>

 

 

Förekommer på
00:00 -00:00