

#156 - Intel Chat: Fortibitch, Hadooken, Void Banshee & CloudImposer
6 snips Sep 20, 2024
Fortibitch, a cybersecurity participant, discusses the latest threats in the field, including a new Linux malware named Hadooken targeting Oracle WebLogic servers. The malware not only deploys cryptominers but also facilitates DDoS attacks. The Void Banshee threat group is highlighted in relation to a zero-day vulnerability reclassified by Microsoft, raising concerns over security practices. Additionally, CloudImposer addresses the risks of cloud-based data breaches, leaving listeners with important insights on staying ahead of evolving cyber threats.
AI Snips
Fortinet Data Breach
- Fortinet confirmed a data breach after a threat actor, "Fortibitch", claimed to have stolen 440 GB of data.
- Fortinet clarified that the breach involved unauthorized access to a third-party cloud drive, impacting less than 0.3% of customers.
Hadooken Malware Defense
- Monitor Oracle WebLogic servers for malicious activity, particularly crypto mining and DDoS attacks.
- Implement file-based detections and strong credentials to mitigate risks associated with malware like "Hadooken".
Understanding CVSS Scores
- CVSS scores have two components: a base score and a temporal score.
- The temporal score changes based on factors like exploit availability and patches, impacting risk assessment.
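The effect described in the last snip can be worked through in code. This is an added example, not material from the episode: it assumes the CVSS v3.1 temporal equation and metric weights published by FIRST, and the base score of 7.8 and the lifecycle stages are constructed sample values.

```python
# Added illustration: CVSS v3.1 temporal score derived from a base score.
# Weights and the Roundup rule follow the CVSS v3.1 specification (FIRST).
WEIGHTS = {
    "E":  {"X": 1.0, "H": 1.0, "F": 0.97, "P": 0.94, "U": 0.91},  # exploit code maturity
    "RL": {"X": 1.0, "U": 1.0, "W": 0.97, "T": 0.96, "O": 0.95},  # remediation level
    "RC": {"X": 1.0, "C": 1.0, "R": 0.96, "U": 0.92},             # report confidence
}


def roundup(value):
    """Smallest one-decimal number >= value, computed on integers to avoid float drift."""
    scaled = round(value * 100000)
    if scaled % 10000 == 0:
        return scaled / 100000.0
    return (scaled // 10000 + 1) / 10.0


def parse_temporal(vector):
    """Parse a fragment such as 'E:F/RL:O/RC:C'; absent metrics default to X (Not Defined)."""
    metrics = {"E": "X", "RL": "X", "RC": "X"}
    for part in filter(None, vector.split("/")):
        name, sep, value = part.partition(":")
        if not sep or name not in WEIGHTS or value not in WEIGHTS[name]:
            raise ValueError(f"invalid temporal metric: {part!r}")
        metrics[name] = value
    return metrics


def temporal_score(base, vector=""):
    """Temporal = Roundup(Base * E * RL * RC)."""
    if not 0.0 <= base <= 10.0:
        raise ValueError("base score must be between 0.0 and 10.0")
    m = parse_temporal(vector)
    return roundup(base * WEIGHTS["E"][m["E"]] * WEIGHTS["RL"][m["RL"]] * WEIGHTS["RC"][m["RC"]])


if __name__ == "__main__":
    base = 7.8  # constructed sample base score, not taken from the episode
    timeline = [  # constructed lifecycle of one vulnerability
        ("reported, unproven exploit, no fix", "E:U/RL:U/RC:R"),
        ("proof of concept, workaround only", "E:P/RL:W/RC:R"),
        ("functional exploit, official patch", "E:F/RL:O/RC:C"),
        ("widely exploited, still unpatched", "E:H/RL:U/RC:C"),
    ]
    for stage, vec in timeline:
        print(f"{temporal_score(base, vec):4.1f}  {vec:16}  {stage}")
```

The temporal score can only equal or lower the base score, so a vulnerability that is actively exploited and unpatched is rated at its full base value.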