Inside the PlugX malware removal operation, CISA takes victory lap and another Fortinet 0day
Jan 17, 2025
Discover the bold efforts of French intelligence in combating the PlugX malware through sovereign disinfections. CISA highlights progress with a new cybersecurity Executive Order, despite skepticism about real change. The podcast dives into critical vulnerabilities like the Fortinet zero-day, and debates the implications of TikTok bans on data privacy. Plus, hear about the evolving tactics of cybercriminals amid geopolitical tensions and the call for global cybersecurity collaboration to tackle these threats effectively.
PlugX Removal Operation
- The FBI partnered with French authorities and Sekoia to remove PlugX malware from U.S. computers.
- Sekoia sinkholed a PlugX botnet by renting a VPS with the malware's C2 IP address.
Cybersecurity Legal Overreach
- Juan Andres Guerrero-Saade argues that overly strict legal frameworks hinder cybersecurity efforts.
- He suggests viewing botnets abstractly, based on C2 control, rather than physical device location.
Proactive Malware Removal
- Ryan Naraine questions why US companies or CISA aren't more proactive in malware removal.
- He suggests CISA could partner with researchers and develop the capability to conduct such operations.