#24 - Intel Chat: MS Outlook exploit. And ShmooCon organizers, Heidi and Bruce Potter.
The Cybersecurity Defenders Podcast · Christopher
Audio is streamed directly from the publisher (podcast.wistia.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
In this episode, we sit down with Matt Bromiley to talk about some of the latest intel coming out of the LimaCharlie community Slack channel:
- CVE-2023-23397: A zero-touch exploit that affects all versions of Windows Outlook. (Sigma rule)
- CVE-2023-24880: An unpatched security bypass in Microsoft’s SmartScreen security feature.
- Mandiant observes China-nexus threat actors targeting technologies that do not normally support endpoint detection and response solutions.
- Kaspersky recently conducted an analysis of 155 dark web forums from January 2020 to June 2022. Threat groups are offering $240k salaries to tech jobseekers.
And an interview with Heidi and Bruce Potter, ShmooCon organizers.
ShmooCon is an annual east coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software, and hardware solutions, and open discussions of critical infosec issues.
The Cybersecurity Defenders Podcast: a show about cybersecurity and the people that defend the internet.