This week on the podcast we take a deep dive into the Exchange Server vulnerabilities that Microsoft issued an emergency patch for after discovering foreign adversaries were actively exploiting the flaws in the wild. We'll go over the vulnerabilities, how they work, and give some tips for defending against similar attacks in the future. … [Read more...]
Hacked by Cosmic Rays
This week on the podcast we cover Gootkitand Gootloader, two oddly-named pieces of an evasive trojan that researchers have been watching evolve into a fileless threat. We also discuss the security benefits and drawbacks of Apple's closed-door approach to security. Finally, we end with some research on what happens when a cosmic ray causes your computer to load up the wrong … [Read more...]
Microsoft Says “Regulate Us”
This week on the podcast we cover an upcoming Chrome browser update with important behind-the-scenes changes, a 9.8/10 severity vulnerability in VMWare vCenter, and a plea from Microsoft for more breach disclosure regulation in the wake of the SolarWinds breaches. … [Read more...]
RIPE for the Taking
This week on the podcast, we chat about an authentication attack against one of the world’s internet address registrars, another Russian threat actor targeting a popular IT software company, and research on a credential theft trojan and its delivery methods. … [Read more...]
So Confused
This week on The 443, we cover a cyber-attack against the water supply of a small Florida town and research into a new class of vulnerabilities in software libraries called Dependency Confusion. … [Read more...]