

Keyboards, 3am, TikTok, LummaC2, Cityworks, Honeypots, Fancy Bear, Aaran Leyland... - SWN #479
May 23, 2025
This discussion dives deep into the sneaky tactics used by the ransomware group 3am, shedding light on the rising threat of social engineering. It also explores the fascinating role of honeypots in cyber defense, especially against groups like Fancy Bear. A startling vulnerability in GitLab's AI assistant reveals critical security concerns. Plus, the conversation takes a nostalgic turn as the hosts reminisce about the evolution of keyboards, from typewriters to modern mechanical designs, igniting a debate on personal favorites.
AI Snips
3AM Ransomware Attack Evolution
- The 3AM ransomware campaign uses multi-phase social engineering that combines phone calls with email bombing.
- Attackers exploit employee trust by spoofing real IT department phone numbers to gain remote access.
Train and Test For Social Engineering
- Train employees to resist social engineering attacks using secret code words or verification methods.
- Test incident response plans under real conditions and have backup plans ready.
TikTok AI Malicious Scripts Risk
- TikTok is used to spread AI-generated videos providing malicious PowerShell scripts for software activation.
- These scripts run with admin privileges, enabling info stealers like Vidar to operate invisibly.