Cyber Security Headlines

Legacy Windows protocols expose theft, Fortra admits GoAnywhere defect, Taiwan claims surge in Chinese attacks

Oct 15, 2025
Researchers uncover that legacy Windows protocols, like LLMNR and NetBIOS, are vulnerable to credential theft. Fortra admits a flaw in GoAnywhere was actively exploited, raising concerns about leaked keys. Taiwan reports a significant rise in cyber-attacks from China, especially leading up to elections. Additionally, an Android exploit called Pixnapping steals screen data, even capturing 2FA codes. Major breaches like the Qantas data leak and CLOP's claim of stealing 1.3 terabytes from Harvard are also highlighted.
INSIGHT

Old Name Services Still Leak Credentials

  • Legacy Windows protocols like LLMNR and NetBIOS continue to leak credentials on local networks without exploits.
  • Captured hashes can be cracked or relayed to escalate access across corporate systems.
ADVICE

Harden Networks Against Local Relay Attacks

  • Disable LLMNR and NBT-NS and block UDP port 5355 to reduce on-network credential capture.
  • Enforce SMB signing and use Kerberos to prevent relays and reuse of stolen credentials.
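
An added example, not from the episode: a PowerShell script that reports whether a Windows host already follows the advice above, and applies the settings when run with `-Apply`. It assumes an elevated session on the host being hardened. The firewall rule names are this example's own, and in a domain these settings would normally be pushed through Group Policy rather than set per machine.

```powershell
# Added example: audit (default) or apply the hardening steps listed above.
# Run from an elevated PowerShell session on the Windows host being hardened.
param([switch]$Apply)

$dnsClient = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient'
$netbt     = 'HKLM:\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces'

# 1. LLMNR: policy value EnableMulticast = 0 turns off multicast name resolution.
$llmnr = (Get-ItemProperty -Path $dnsClient -Name EnableMulticast -ErrorAction SilentlyContinue).EnableMulticast
"LLMNR disabled by policy: $($llmnr -eq 0)"

# 2. NBT-NS: NetbiosOptions = 2 disables NetBIOS over TCP/IP on an interface.
#    A missing value means the interface follows DHCP/default, so it is reported too.
$nbtOpen = Get-ChildItem $netbt | Where-Object {
    (Get-ItemProperty -Path $_.PSPath -Name NetbiosOptions -ErrorAction SilentlyContinue).NetbiosOptions -ne 2
}
"Interfaces with NetBIOS over TCP/IP still enabled: $(@($nbtOpen).Count)"

# 3. SMB signing must be required (not merely enabled) on server and client.
$srv = (Get-SmbServerConfiguration).RequireSecuritySignature
$cli = (Get-SmbClientConfiguration).RequireSecuritySignature
"SMB signing required (server/client): $srv / $cli"

if ($Apply) {
    if (-not (Test-Path $dnsClient)) { New-Item -Path $dnsClient -Force | Out-Null }
    Set-ItemProperty -Path $dnsClient -Name EnableMulticast -Value 0 -Type DWord

    foreach ($if in $nbtOpen) {
        Set-ItemProperty -Path $if.PSPath -Name NetbiosOptions -Value 2 -Type DWord
    }

    Set-SmbServerConfiguration -RequireSecuritySignature $true -Force
    Set-SmbClientConfiguration -RequireSecuritySignature $true -Force

    # Block LLMNR (UDP 5355) in both directions.
    foreach ($dir in 'Inbound', 'Outbound') {
        $port = if ($dir -eq 'Inbound') { @{ LocalPort = 5355 } } else { @{ RemotePort = 5355 } }
        New-NetFirewallRule -DisplayName "Block LLMNR UDP 5355 ($dir)" -Direction $dir `
            -Protocol UDP -Action Block @port | Out-Null
    }
}
```

Run it without `-Apply` first: requiring SMB signing can break connections to older devices that do not support it, so the audit output is the place to start.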
INSIGHT

GoAnywhere Exploit Suggests Key Exposure

  • Fortra's GoAnywhere MFT had a critical defect that was actively exploited in the wild weeks after researchers verified attacks.
  • The exploit suggests attackers accessed a private key thought to be secret, raising supply-chain concerns.