PLAY PODCASTS
3CX supply chain attack, Mark Russinovich and Sysinternals, CISA ransomware notifications, and emotional intelligence

3CX supply chain attack, Mark Russinovich and Sysinternals, CISA ransomware notifications, and emotional intelligence

BrakeSec Education Podcast · Amanda Berlin, Bryan Brake, and Brian Boettcher

April 8, 20231h 24mExplicit

Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.

Original episode page

Show Notes

Show Topic Summary (less than 300 words)

3CX supply chain attack, Mark Russinovich and Sysinternals, ransomware notifications from CISA, and emotional

intelligence

Youtube VOD: https://www.youtube.com/watch?v=afZHiBUr-2g

Questions and potential topics (5 minimum):

  1. https://www.straitstimes.com/tech/downloading-a-cracked-version-of-fifa-23-or-hogwarts-legacy-for-free-it-s-probably-malware

  1. https://leadershipfreak.blog/2023/03/27/the-7-powers-of-questions/

  1. https://securityintelligence.com/articles/is-it-time-to-hide-your-work-emails/

  1. https://www.lollydaskal.com/leadership/what-remote-leaders-do-differently-to-be-successful/

  1. https://www.lollydaskal.com/leadership/the-role-of-emotional-intelligence-in-leadership-why-it-matters/

  1. https://www.cybersecuritydive.com/news/3cx-mandiant-investigate-supply-chain-attack/646543/

  1. https://www.bleepingcomputer.com/news/security/openai-chatgpt-payment-data-leak-caused-by-open-source-bug/

  1. https://www.cybersecuritydive.com/news/cisa-pre-ransomware-notification/646041/

  1. https://www.sentinelone.com/labs/the-life-and-times-of-sysinternals-how-one-developer-changed-the-face-of-malware-analysis/

Additional information / pertinent Links (would you like to know more?):

https://unit42.paloaltonetworks.com/3cxdesktopapp-supply-chain-attack/

https://www.orangecyberdefense.com/global/blog/research/3cx-voip-app-supply-chain-compromise

https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

https://www.linkedin.com/feed/update/urn:li:activity:7047156405715300352/

Sigma Rule - https://github.com/SigmaHQ/sigma/blob/master/rules/windows/process_creation/proc_creation_win_malware_3cx_compromise_susp_children.yml

https://en.wikipedia.org/wiki/Information_Sharing_and_Analysis_Center

https://www.cisa.gov/news-events/news/cisa-establishes-ransomware-vulnerability-warning-pilot-program

https://www.fda.gov/media/166614/download

https://www.amazon.com/Windows-Internals-Part-architecture-management/dp/0735684189

https://medium.com/@martin-thissen/llama-alpaca-chatgpt-on-your-local-computer-tutorial-17adda704c23

Show Points of Contact:

Amanda Berlin: @infosystir @hackershealth

Brian Boettcher: @boettcherpwned

Bryan Brake: @bryanbrake @[email protected]

Website: https://www.brakeingsecurity.com Twitch: https://twitch.tv/brakesec Youtube: https://www.youtube.com/c/BDSPodcast

Email: [email protected]

← All episodes of BrakeSec Education Podcast