Episodios

  • TeamViewer APT29 Attack, Zero-Click Outlook RCE Vulnerability, CISA Takedown of Ivanti Systems

    TeamViewer APT29 Attack, Zero-Click Outlook RCE Vulnerability, CISA Takedown of Ivanti Systems
    Jul 16 2024
    The guys are back for another episode of the Hackle Box—a monthly conversation between information security experts about new and noteworthy exploits.

    This time, they discuss Midnight Blizzard, a zero-click Outlook vulnerability, and CISA's takedown of Ivanti Systems.

    Links:
    Network Segmentation Saved TeamViewer From APT29 Attack https://www.darkreading.com/cyberattacks-data-breaches/teamviewer-network-segmentation-apt29-attack

    Zero-Click Outlook RCE Vulnerability - Project Hyphae
    https://projecthyphae.com/threat/zero-click-outlook-rce-vulnerability/

    CISA Takedown of Ivanti Systems Is a Wake-up Call
    https://www.darkreading.com/vulnerabilities-threats/cisa-takedown-ivanti-systems-is-wake-up-call

    Please like, subscribe, and follow us on social!
    Facebook: https://www.facebook.com/frsecure/
    Twitter: https://twitter.com/frsecure/
    Instagram: https://www.instagram.com/frsecureofficial/
    LinkedIn: https://www.linkedin.com/company/frsecure/

    About FRSecure
    https://frsecure.com/
    FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.
    Más Menos
    58 m
  • Police Troll LockBit, Microsoft Holds Execs Accountable for Security

    Police Troll LockBit, Microsoft Holds Execs Accountable for Security
    May 13 2024
    The guys are back for another episode of the Hackle Box—a monthly conversation between information security experts about new and noteworthy exploits.

    This time, they discuss critical Citrix flaws, fake journalists stealing data, Microsoft holding execs accountable for security, police trolling a ransomware gang, and more.

    Links:

    Citrix Addresses High-Severity Flaw in NetScaler ADC and Gateway
    https://thehackernews.com/2023/10/critical-citrix-netscaler-flaw.html

    Apt42 Pose As Journalists, Harvest Credentials, Access Cloud Data
    https://attackfeed.com/apt42-hackers-pose-as-journalists-to-harvest-credentials-and-access-cloud-data-infothehackernews-com-the-hacker-news/

    Microsoft Will Hold Execs Accountable for Cybersecurity
    https://www.darkreading.com/cloud-security/feds-microsoft-clean-up-cloud-security-act

    Burnout Is Pushing Workers to Use AI—Even If Their Boss Doesn’t Know
    https://www.wired.com/story/ai-workers-burnout-microsoft-linkedin/

    Police Resurrect LockBit's Site and Troll the Ransomware Gang | TechCrunch
    https://techcrunch.com/2024/05/06/police-resurrect-lockbits-site-and-troll-the-ransomware-gang/

    US Indicts LockBit Ransomware Ringleader, Offers $10 Million Reward
    https://www.theverge.com/2024/5/7/24151493/us-lockbit-ransomware-ringleader-indictment-reward

    Please like, subscribe, and follow us on social!

    Facebook: https://www.facebook.com/frsecure/
    Twitter: https://twitter.com/frsecure/
    Instagram: https://www.instagram.com/frsecureofficial/
    LinkedIn: https://www.linkedin.com/company/frsecure/

    About FRSecure https://frsecure.com/

    FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs.

    These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.
    Más Menos
    55 m
  • AI-Written Malware, XZ Utils, Attackers Target Hospital Help Desks

    AI-Written Malware, XZ Utils, Attackers Target Hospital Help Desks
    Apr 16 2024
    The guys are back for another episode of the Hackle Box—a monthly conversation between information security experts about new and noteworthy exploits.

    This time, they discuss AI-written malware, XZ Utils, and attackers targeting hospital IT help desks.

    Links:

    XZ Utils scare
    https://www.darkreading.com/application-security/xz-utils-scare-exposes-hard-truths-in-software-security

    Change Healthcare hit with cyber extortion (again)
    https://www.infosecurity-magazine.com/news/change-healthcare-double-cyber/

    Health Department warns attackers targeting IT help desks https://www.bleepingcomputer.com/news/security/us-health-dept-warns-hospitals-of-hackers-targeting-it-help-desks/

    Malicious PowerShell script appears to be AI-written
    https://www.bleepingcomputer.com/news/security/malicious-powershell-script-pushing-malware-looks-ai-written/

    Please follow us on social!

    Facebook: https://www.facebook.com/frsecure/
    Twitter: https://twitter.com/frsecure/
    Instagram: https://www.instagram.com/frsecureofficial/
    LinkedIn: https://www.linkedin.com/company/frsecure/

    About FRSecure https://frsecure.com/

    FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs.

    These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.
    Más Menos
    53 m
  • Gemini AI Vulnerability, ChatGPT Plugins, Typosquatting, Vishing

    Gemini AI Vulnerability, ChatGPT Plugins, Typosquatting, Vishing
    Mar 19 2024
    The guys are back for another episode of the Hackle Box—a monthly conversation between information security experts about new and noteworthy exploits.

    This time, they discuss security risks in ChatGPT plugins, a major flaw in Google's Gemini AI, typosquatting, and a worldwide vishing epidemic.

    Links:

    ChatGPT Plugin Security
    https://www.infosecurity-magazine.com/news/security-risks-chatgpt-plugins/

    Gemini AI Vulnerability
    https://www.darkreading.com/cyber-risk/google-gemini-vulnerable-to-content-manipulation-researchers-say

    Worldwide Vishing Epidemic
    https://www.darkreading.com/endpoint-security/sophisticated-vishing-campaigns-take-world-by-storm

    Typosquatting
    https://www.darkreading.com/threat-intelligence/typosquatting-wave-shows-no-signs-of-abating

    Please like, subscribe, and follow us on social!

    Facebook: https://www.facebook.com/frsecure/
    Twitter: https://twitter.com/frsecure/
    Instagram: https://www.instagram.com/frsecureofficial/
    LinkedIn: https://www.linkedin.com/company/frsecure/

    About FRSecure https://frsecure.com/

    FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs.

    These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.
    Más Menos
    55 m
  • AnyDesk, Resumes Stolen From Compromised Job Boards, Industry News

    AnyDesk, Resumes Stolen From Compromised Job Boards, Industry News
    Feb 12 2024
    The guys are back for another episode of the Hackle Box—a monthly conversation between information security experts about new and noteworthy exploits.

    This time, they discuss compromised job boards where millions of resumes were stolen, AnyDesk's actions post-hack, an exploited SSRF flaw in Ivanti, and more.

    Links:
    Millions of resumes stolen via exploited job boards https://thehackernews.com/2024/02/hackers-exploit-job-boards-in-apac.html

    AnyDesk resets passwords/revokes certificates after hack https://techcrunch.com/2024/02/05/remote-access-giant-anydesk-resets-passwords-and-revokes-certificates-after-hack/

    SSRF flaw in Ivanti exploited https://thehackernews.com/2024/02/recently-disclosed-ssrf-flaw-in-ivanti.html

    Fortinet reissues critical FortiSIEM vulnerabilities https://www.theregister.com/2024/02/06/fortinet_fortisiem_vulns/

    Please like, subscribe, and follow us on social!
    Facebook: https://www.facebook.com/frsecure/
    Twitter: https://twitter.com/frsecure/
    Instagram: https://www.instagram.com/frsecureofficial/
    LinkedIn: https://www.linkedin.com/company/frsecure/

    About FRSecure https://frsecure.com/

    FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs.

    These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.
    Más Menos
    54 m
  • Cybersecurity Funding Reduced 40% in 2023, Vulnerability/Patch News

    Cybersecurity Funding Reduced 40% in 2023, Vulnerability/Patch News
    Jan 19 2024
    The guys are back for another episode of the Hackle Box—a monthly conversation between information security experts about new and noteworthy exploits.

    This time, they discuss the reduced cybersecurity funding observed in 2023 as well as new vulnerabilities, patches, and more.

    Links:

    Cybersecurity Funding Reduced
    https://www.securityweek.com/cybersecurity-funding-dropped-40-in-2023-analysis/

    Critical Flaws in Windows Kerberos and Hyper-V
    https://securityweek.com/microsoft-ships-urgent-fixes-for-critical-flaws-in-windows-kerberos-hyper-v/

    Pikabot Malware
    https://www.darkreading.com/cyberattacks-data-breaches/pikabot-malware-qakbot-replacement-black-basta-attacks

    Decryptor for Black Basta and Babuk's Tortilla Ransomware https://thehackernews.com/2024/01/free-decryptor-released-for-black-basta.html

    Please like, subscribe, and follow us on social!

    Facebook: https://www.facebook.com/frsecure/
    Twitter: https://twitter.com/frsecure/
    Instagram: https://www.instagram.com/frsecureofficial/
    LinkedIn: https://www.linkedin.com/company/frsecure/

    About FRSecure https://frsecure.com/

    FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs.

    These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.
    Más Menos
    53 m
  • Breachmas & Common Social Engineering Attacks

    Breachmas & Common Social Engineering Attacks
    Dec 12 2023
    The guys are back for another episode of the Hackle Box—a monthly conversation between information security experts about new and noteworthy exploits.

    This time, they discuss common social engineering attacks carried out around the holidays when key team members are out of the office or organizations are shut down for seasonal breaks.

    Links
    Social Engineering
    https://thehackernews.com/2023/12/hacking-human-mind-exploiting.html

    Cisco IOS XE Vuln Exploitation
    https://www.securityweek.com/exploitation-of-recent-cisco-ios-xe-vulnerabilities-spikes/

    Sierra:21 Attacks
    https://thehackernews.com/2023/12/sierra21-flaws-in-sierra-wireless.html

    Atlassian
    https://www.darkreading.com/application-security/patch-now-critical-atlassian-bugs-endanger-enterprise-apps

    Please follow us on social!
    Facebook: https://www.facebook.com/frsecure/
    Twitter: https://twitter.com/frsecure/
    Instagram: https://www.instagram.com/frsecureofficial/
    LinkedIn: https://www.linkedin.com/company/frsecure/

    About FRSecure
    https://frsecure.com/

    FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs.

    These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.
    Más Menos
    47 m
  • Recent Vulnerabilities in Confluence and Apache ActiveMQ

    Recent Vulnerabilities in Confluence and Apache ActiveMQ
    Nov 15 2023
    The guys are back for another episode of the Hackle Box—a monthly conversation between information security experts about new and noteworthy exploits.

    This time around, they discuss recent vulnerabilities in Confluence and Apache ActiveMQ.

    Follow us on social!

    Facebook: https://www.facebook.com/frsecure/
    Twitter: https://twitter.com/frsecure/
    Instagram: https://www.instagram.com/frsecureofficial/
    LinkedIn: https://www.linkedin.com/company/frsecure/

    About FRSecure - https://frsecure.com/

    FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs.

    These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.
    Más Menos
    42 m