SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Friday, December 13th, 2024

4 snips
Dec 13, 2024
The latest discussions cover critical security updates for Windows 10 and 11, stressing the necessity of TPM 2.0. They reveal vulnerability woes with Microsoft Azure's multi-factor authentication. Additionally, there's an alarming review of a security flaw in Apache's Struts 2 library. The podcast also exposes the tactics of a Russian group, Secret Blizzard, which are using tools from other factions to launch attacks on Ukraine. It's a riveting mix of cybersecurity insights and global threat awareness.
Ask episode
AI Snips
Chapters
Transcript
Episode notes
ADVICE

Windows 11 Upgrade Advice

  • Upgrade Windows systems to Windows 11.
  • Ensure your system has TPM 2.0 for patch compatibility.
ADVICE

MFA Monitoring Advice

  • Monitor failed second-factor authentication attempts.
  • This helps detect brute-force attacks targeting multi-factor authentication.
INSIGHT

Azure MFA Bypass Insight

  • Microsoft Azure MFA had a vulnerability allowing brute-force attacks.
  • This was due to a lack of rate limiting and overly permissive time slippage.
Get the Snipd Podcast app to discover more snips from this episode
Get the app