Security Weekly Podcast Network (Audio)

Donut Holes, clickfix, rapperbots, bad devs, war, Doug Rants about Backups, and More. - SWN #487

23 snips
Jun 20, 2025
The episode kicks off with a humorous look at donuts and cybersecurity. It dives into the dangers of outdated protocols and the emerging threat of click fix attacks. A serious discussion unfolds about the rise of AI-generated code and the geopolitical tensions affecting cyber warfare. Listeners are cautioned about a critical vulnerability in backup software and the outrageous salaries offered to AI coders. The importance of the 3-2-1 backup strategy is highlighted, reminding everyone to stay vigilant against potential security scams.
Ask episode
AI Snips
Chapters
Transcript
Episode notes
ADVICE

Prepare for Microsoft 365 Auth Changes

  • Microsoft 365 will block legacy auth for SharePoint and OneDrive starting July to August 2025.
  • Test your apps and enforce admin consent to avoid service disruption from legacy access.
INSIGHT

Rise of Click Fix Attacks

  • Click fix social engineering attacks are rising as zero-day exploits become less popular.
  • Social engineering is easier and more effective because humans are the weakest security link.
INSIGHT

Fake Captcha Abuse Growing

  • Users click fake captcha boxes due to frustration and habit, enabling attackers to execute malicious code.
  • The use of Windows MSHTA executable in attacks jumped from 3.1% to 33% of defense evasion attempts this year.
Get the Snipd Podcast app to discover more snips from this episode
Get the app