SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Stormcast, Jan 13, 2025: Defender Updates, Ivanti RCE, Apple USB-C Hack and more
Jan 13, 2025
In the latest discussions, Windows Defender enhances its ability to detect malicious Chrome extensions, bolstering enterprise security. Attackers are using embedded OLE files in Office documents to evade detection, prompting new combat tools. A serious vulnerability in Ivanti's software raises concerns, while researchers reveal a hack of Apple's USB-C controller, exposing hardware security issues. With tax season approaching, there's a push for taxpayers to secure their IP PIN to prevent identity theft.
06:43
AI Summary
AI Chapters
Episode notes
Podcast summary created with Snipd AI
Quick takeaways
- Windows Defender's new feature for tracking Chrome extensions enhances enterprise security by identifying potentially malicious extensions effectively.
- The IRS has implemented a new identity verification method using unique PINs to combat tax-related identity theft during the 2025 tax season.
Deep dives
Detecting Malicious Chrome Extensions
Identifying installed Chrome extensions is vital for maintaining cybersecurity, especially given the rise of malicious extensions. Users can navigate to the vulnerability management section in Windows Defender to see a list of installed extensions along with their IDs, which allows for the identification of potentially harmful ones. This proactive approach is essential as users often prefer to install various extensions, leading to challenges in managing security risks. The availability of tools like Windows Defender significantly aids in addressing these concerns and enhancing overall browser security.
Remember Everything You Learn from Podcasts
Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.
