Episode #174 - JavaScript NPM Registry Exposed to Manifest Confusion Vulnerability; Sysmon's Latest Features Unveiled; Mockingjay Process Injection; This Day in Tech History
It's 5:05! Daily cybersecurity and open source briefing
Audio is streamed directly from the publisher (dts.podtrac.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Resources for this episode available at 505updates.com.
From Edwin Kwan in Sydney, Australia: The JavaScript NPM registry has a manifest confusion vulnerability which can allow the installation and execution of malicious files without the user's knowledge.
From Ian Garrett in Arlington, Virginia: Microsoft Sysmon just got a beefy upgrade. Sysmon is a free Microsoft Sysinternals tool that can monitor and block malicious or suspicious activity and log events to the Windows event log.
From Katy Craig in San Diego, California: There's a new process injection technique that could give threat actors a way to bypass security solutions and wreak havoc on compromised systems.
From Marcel Brown in St. Lous, Missouri: The iPhone turned out to be the computing device that we all wished we had, yet didn't know what we were missing until we had one. It has literally impacted nearly every aspect of our society, and it is no stretch to say that the iPhone has changed the world.
From Sourced Network Production in New York city. "It's 5:05". I'm Pokie Huang. Today is Thursday, June 29th. Here's the full story behind today's cyber security and open source headlines...