MFA & Cybersecurity: Crypto-Miner Takedown, Ivanti Debacle, and AI-Enhanced Phishing
Storm Watch by GreyNoise Intelligence · GreyNoise Intelligence
Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
In this episode of Storm⚡️Watch, we delve into a variety of cybersecurity topics, with a running theme of the vital need for Multi-Factor Authentication (MFA). We kick off with introductions and a roundtable discussion, followed by an exploration of a mass crypto-miner takedown, with insights drawn from reports by the Ukrainian Cyber Police and Bleeping Computer.
We then discuss the Ivanti debacle, referencing a blog post by Volexity. This is followed up by the note of two X account hacking events (SEC & Mandiant), as reported by The Register and Security Affairs. The NSA's warning about AI-enhanced phishing is also on our agenda, with sources from NBC News and Infosec Exchange.
We tap back to ancient Stuxnet news, the malware that cost a billion dollars, based on an article by Graham Cluley (there are some new twists to this tale). We also delve into the broad implications of the Orrick breach, as reported by Security Week.
In our tool spotlight, we feature Cyberwatch, a GitHub project by Casualtek. We also discuss a blog posts from Censys, about a Juniper vulnerability and encourage folks to attend the "Stop Predicting, Start Protecting" lunch-and-learn.
From GreyNoise, we highlight the second 2024 Tag Webinar and 2023 GreyNoise Internet Exploitation Retrospective Report.
We wrap up with a roundup of known exploited vulnerabilities from CISA.