Podme logo
HjemOppdagKategorierSøkStudent
7MS #459: Cyber News - Microsoft Exchange Makes the World Cry Edition

7MS #459: Cyber News - Microsoft Exchange Makes the World Cry Edition

01:03:192021-03-17

Om episode

Happy mid-March! Our good pal Gh0sthax joins us today for another hot dish of cyber news! Stories include: Microsoft Exchange cyber attack - Hacker News has a nice what we know so far story, but things have evolved really fast, so make sure you check Microsoft's primary advisory, the script to run on local servers and newer updates such as the recent one-click remediation for unsupported Exchange versions SonicWall zero day - yuck, looks like the SonicWall troubles we talked about recently were a true zero day. In contrast to the Exchange story, it looks like SonicWall's official response offers (frighteningly?) little by way of logs and forensics to tell if you were truly popped. Either way, be sure to patch! Hackers attempt to contaminate Florida town's water supply - the story itself is interesting, but the way it got picked up by some outlets seems to send the message of "TeamViewer = bad" but we think the true lessons learned here are: Out of date and/or unsupported OS = bad Weak credentials = bad Connecting this type of equipment directly to the Internet instead of MFA + VPN = bad CISA has a great breakdown of this incident as well. Webshell use has doubled since last year - this article brings back some happy/frustrating OSCP experiences. To better protect your org from being pwned with Web shells, check out NSA's list of vulnerabilities commonly exploited to plant web shells Some great feedback from the last cyber news episode - a podcast listener offered a different take on the "sudo bug that gives root access story" that we discussed last month.

logo

PODME

INFORMASJON

  • Om informasjonskapsler
  • Generelle vilkår
  • Personvernerklæring

LAST NED APPEN

app storegoogle play store

REGION

flag
  • sweden_flag
  • norway_flag
  • finland_flag
redaktorsansvar

Podme arbeider etter Vær Varsom-plakatens regler for god presseskikk. Ansvarlig redaktør og daglig leder er Kristin Ward Heimdal. Redaktør for eksterne innholdssamarbeid er Mathias Thaulow Lisberg.

© Podme AB 2024