Security Weekly NewsSubscribe
Vulnerability Management, Malware, Ransomware

Secret YouTube Videos, Thunderforge, ByBit, 365, Chrome, VMWARE, Aaran Leyland… – SWN #457

Full Audio

View Show Index

Segments

1. Secret YouTube Videos, Thunderforge, ByBit, 365, Chrome, VMWARE, Aaran Leyland… – SWN #457

Secret YouTube Videos, Thunderforge, ByBit, 365, Chrome, VMWARE, Aaran Leyland, and More, on this edition of the Security Weekly News.

Hosts

Professor at Roger Williams University
  1. 1. Microsoft 365 apps will prompt users to back up files in OneDrive
  2. 2. Malicious Chrome extensions can spoof password managers in new attack
  3. 3. Typosquatting campaign targets financial sector Linux, macOS systems
  4. 4. Healthcare organizations facing more sophisticated attacks
  5. 5. Pentagon to give AI agents a role in planning, operations
  6. 6. Broadcom Patches 3 VMware Zero-Days Exploited in the Wild
  7. 7. How the Biggest Crypto Heist in History Went Down
  8. 8. The hidden world beneath the shadows of YouTube’s algorithm
Cyber security lead EMEA at Defence
  1. 1. Silk Typhoon hackers now target IT supply chains to breach networks

    Microsoft warns that Chinese cyber-espionage threat group 'Silk Typhoon' has shifted its tactics, now targeting remote management tools and cloud services in supply chain attacks that give them access to downstream customers.

    The tech giant has confirmed breaches across multiple industries, including government, IT services, healthcare, defense, education, NGOs, and energy.

    "They [Silk Typhoon] exploit unpatched applications that allow them to elevate their access in targeted organizations and conduct further malicious activities," reads Microsoft's report.

    "After successfully compromising a victim, Silk Typhoon uses the stolen keys and credentials to infiltrate customer networks where they can then abuse a variety of deployed applications, including Microsoft services and others, to achieve their espionage objectives."

    https://cyberinsider.com/microsoft-chinese-hackers-silk-typhoon-now-target-the-it-supply-chain/ : https://markets.businessinsider.com/news/stocks/microsoft-warns-chinese-hackers-now-targeting-it-supply-chain-1034447943 : https://www.csoonline.com/article/3840546/chinese-apt-silk-typhoon-exploits-it-supply-chain-weaknesses-for-initial-access.html

Related

SignalGate and How Not To Protect Secrets – PSW #867

How do we handle scope creep for vulnerabilities?, find the bugs before it hits the real world, risk or hype vulnerabilities, RTL-SDR in a browser, using AI to hack AI and protect AI, 73 vulnerabilities of which 0 patches have been issued, Spinning Cats, bypassing WDAC with Teams and JavaScript, Rust will solve all the security problems, did you he...

You can skip this ad in 5 seconds