Coffee Talk with SURGe: 2022-APR-19 MS-RPC Vulnerability, Lazarus, Pipedream
This week Audra Streetman, Ryan Kovar, and Mick Baccio from Splunk discussed the latest security news, including the MS-RPC vulnerability CVE 2022 26809, a CISA alert about the North Korean state-sponsored Lazarus Group, and Sunday's 60 Minutes episode on the threat of Russian cyberattacks targeting U.S. critical infrastructure. Mick and Ryan also competed in a 60 second charity challenge to explain why Americans should be concerned about the potential for a Russian cyberattack targeting U.S. critical infrastructure. To learn more about Splunk SURGe, visit https://www.splunk.com/en_us/surge.html.
Links mentioned in the show:
SANS Webinar on MS-RPC Vulnerability: https://www.sans.org/webcasts/cve-2022-26809-ms-rpc-vulnerability-analysis/
This week's charity: https://www.yearup.org/
Microsoft RPC vulnerability: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26809
CISA Alert about Lazarus: https://www.cisa.gov/uscert/ncas/alerts/aa22-108a
State Dept. $5M Reward: https://rewardsforjustice.net/index/
CISA Alert about ICS/OT malware tools: https://www.cisa.gov/uscert/ncas/alerts/aa22-103a
SURGe/Splunk Security Presentations at.conf22: https://twitter.com/drewchurch/status/1516483303137681416
Splunk OT Security Add-On: https://splunkbase.splunk.com/app/5151/