Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

Google Exposes Initial Access Broker Ties With Ransomware Actors (bankinfosecurity.com) Okta says hundreds of companies impacted by security breach | TechCrunch Okta: “We made a mistake” delaying the Lapsus$ hack disclosure (bleepingcomputer.com) Microsoft confirms Lapsus$ breach after hackers publish Bing, Cortana source code | TechCrunch DEV-0537 criminal actor targeting organizations for data exfiltration and destruction – Microsoft Security Blog Sabotage: Code added to popular NPM package wiped files in Russia and Belarus | Ars Technica President Biden Signs into Law the Cyber Incident Reporting Act (natlawreview.com) SEC Proposes Rules On Cybersecurity Risk Management, Strategy, Governance, And Incident Disclosure By Public Companies – Technology – United States (mondaq.com)

Adafruit discloses data leak from ex-employee’s GitHub repo (bleepingcomputer.com) Malware now using NVIDIA’s stolen code signing certificates (bleepingcomputer.com) NSA report: This is how you should be securing your network | ZDNet  

https://www.govinfosecurity.com/data-breach-exposes-booking-details-19-million-customers-a-18505 https://www.helpnetsecurity.com/2022/02/11/cloud-security-training/ https://www.bankinfosecurity.com/massive-breach-hits-500-e-commerce-sites-a-18492 https://www.darkreading.com/cloud/linux-malware-on-the-rise-including-illicit-use-of-cobalt-strike https://www.darkreading.com/attacks-breaches/google-cuts-account-compromises-in-half-with-simple-change

https://www.darkreading.com/edge-threat-monitor/most-common-cause-of-data-breach-in-2021-phishing-smishing-bec https://www.bleepingcomputer.com/news/security/fbi-shares-lockbit-ransomware-technical-details-defense-tips/ https://www.csoonline.com/article/3648991/dhs-announces-the-creation-of-the-cyber-safety-review-board.html https://www.darkreading.com/application-security/disclosure-panic-patch-can-we-do-better-

https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/ https://blog.f-secure.com/insight-from-a-large-scale-phishing-study/ https://www.darkreading.com/attacks-breaches/log4j-proved-public-disclosure-still-helps-attackers https://www.csoonline.com/article/3647756/how-to-prioritize-and-remediate-vulnerabilities-in-the-wake-of-log4j-and-microsofts-patch-tuesday-b.html

https://www.csoonline.com/article/3647209/why-you-should-secure-your-embedded-server-management-interfaces.html https://www.csoonline.com/article/3646613/cybercrime-group-elephant-beetle-lurks-inside-networks-for-months.html https://www.zdnet.com/article/when-open-source-developers-go-bad/ https://www.bleepingcomputer.com/news/microsoft/microsoft-resumes-rollout-of-january-windows-server-updates/

https://arstechnica.com/gadgets/2021/07/malicious-pypi-packages-caught-stealing-developer-data-and-injecting-code/ https://arstechnica.com/gadgets/2021/07/feds-list-the-top-30-most-exploited-vulnerabilities-many-are-years-old/ https://www.securityweek.com/hospital-network-reveals-cause-2020-cyberattack https://www.csoonline.com/article/3628331/recent-shadow-it-related-incidents-present-lessons-to-cisos.html https://www.natlawreview.com/article/another-court-orders-production-cybersecurity-firm-s-forensic-report-data-breach https://www.secureworld.io/industry-news/ciso-lawsuit-solarwinds

https://therecord.media/using-vms-to-hide-ransomware-attacks-is-becoming-more-popular/ https://blog.erratasec.com/2021/07/ransomware-quis-custodiet-ipsos-custodes.html?m=1 https://www.databreachtoday.com/how-mespinoza-ransomware-group-hits-targets-a-17086 https://krebsonsecurity.com/2021/07/dont-wanna-pay-ransom-gangs-test-your-backups/ https://arstechnica.com/gadgets/2021/07/kaseya-gets-master-decryptor-to-help-customers-still-suffering-from-revil-attack/

https://www.csoonline.com/article/3623760/printnightmare-vulnerability-explained-exploits-patches-and-workarounds.html#tk.rss_all https://www.securityweek.com/continuous-updates-everything-you-need-know-about-kaseya-ransomware-attack https://www.databreachtoday.com/kaseya-raced-to-patch-before-ransomware-disaster-a-17006