Full Show Notes
Segment One
Major BGP Leak, Codecov Attack, Lazarus APT, Discord Ransomware, & GEICO Breach – SWN #115
This week, Dr. Doug talks naughty vaccines, air frying is not frying, BGP is leaking, Codecov, Lazarus, Google Alerts, Nitro Ransomware, & we're joined once more for expert commentary by Jason Wood!
List of Articles
Doug White
- Major BGP leak disrupts thousands of networks globally
- Vulnerability Spotlight: Remote code execution vulnerabilities in Cosori smart air fryer
- Hundreds of networks reportedly hacked in Codecov supply-chain attack
- Google Alerts continues to be a hotbed of scams and malware
- Lazarus APT conceals malicious code within BMP image to drop its RAT – Malwarebytes Labs
- FBI hacks into hundreds of infected US servers (and disinfects them)
- Auto Insurance Giant GEICO Discloses Data Breach
- NitroRansomware Asks for $9.99 Discord Gift Codes, Steals Access Tokens
- TALOS-2020-1217
Jason Wood
- China-linked hackers used Pulse Secure flaw to target U.S. defense industry – researchers
  - "The Integrity Assurance utility can reportedly destroy forensic artifacts, so you should capture memory/disk images before running it to ensure you can conduct an investigation." - https://twitter.com/likethecoins/status/1384519104032354306 - Katie Nickels
  - Advisory from Pulse Secure: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44784/
  - Their XML file disables the following features on the PCS appliance:
    - Windows File Share Browser
    - Pulse Secure Collaboration
  - FireEye Blog: https://www.fireeye.com/blog/threat-research/2021/04/suspected-apt-actors-leverage-bypass-techniques-pulse-secure-zero-day.html