This week on the podcast, we review CISA's most recent report on the top routinely exploited vulnerabilities from the last year. Before that, we cover North Korea's latest malware evasion testing followed by a report on a different evasion technique that abuses concatenated ZIP archives. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.
External risks, such as cyber scams, ransomware, and identity theft, often steal the limelight. Just look at the numbers: our threat lab reports that 105,571 malware attacks have been blocked daily in the last month, translating into one incident every second. However, insider threats, while more difficult to detect, can be just as damaging to organizations.
The cybersecurity landscape has evolved dramatically, placing IT managers under pressure to adapt. A 168% rise in evasive malware detected by WatchGuard in Q2 2024 underscores this shift, with threat actors following behavioral patterns and adopting attack techniques that become popular and dominate in waves.
Watch this week's Defender Fridays with John Tuckner, Founder of Secure Annex, as we explore browser extensions and the risks they pose to your organization. Learn, share, and grow alongside industry experts in information security.
This week on the podcast, Marc Laliberte and Corey Nachreiner dive into a research white paper that explores how attackers could use AI to execute a full-scale money or credential theft scam from start to finish. Before that, they discuss Sophos's five-year battle with Chinese hackers targeting network devices, followed by a conversation about Microsoft’s ongoing fight against password spray attacks through compromised network devices.
Justin Bollinger, Principal Security Consultant at TrustedSec, discussed his research and mitigation guidance on ADCS ESC15 (CVE-2024-49019), also known as EKUwu, a vulnerability in Microsoft's Active Directory Certificate Services.