

ISC StormCast for Friday, December 13th, 2024
4 snips Dec 13, 2024
The latest discussions cover critical security updates for Windows 10 and 11, stressing the necessity of TPM 2.0. They reveal vulnerability woes with Microsoft Azure's multi-factor authentication. Additionally, there's an alarming review of a security flaw in Apache's Struts 2 library. The podcast also exposes the tactics of a Russian group, Secret Blizzard, which are using tools from other factions to launch attacks on Ukraine. It's a riveting mix of cybersecurity insights and global threat awareness.
AI Snips
Chapters
Transcript
Episode notes
Windows 11 Upgrade Advice
- Upgrade Windows systems to Windows 11.
- Ensure your system has TPM 2.0 for patch compatibility.
MFA Monitoring Advice
- Monitor failed second-factor authentication attempts.
- This helps detect brute-force attacks targeting multi-factor authentication.
Azure MFA Bypass Insight
- Microsoft Azure MFA had a vulnerability allowing brute-force attacks.
- This was due to a lack of rate limiting and overly permissive time slippage.