The 443 - Security Simplified

This week on the podcast we dig back into our archives for an episode that originally aired back in July 2020 where we discussed one of our analysts first-hand research into facial recognition biases.

This week on the podcast we cover a cryptocurrency heist that abused the backbone of the internet to steal millions of dollars of coins. In related news, we also cover the FBI's new Virtual Asset Exploitation Team and their focus on tracking cryptocurrency-related cybercrime as well as a recent alert on business email compromise from the same agency.

This week on the podcast we cover Russia's latest crackdown on cybercriminals within their borders and try to answer the "why now?" question. We also discuss a multi-billion dollar cryptocurrency recovery by the US Justice Department including the arrest of two New Yorkers allegedly responsible for the 2016 Bitfinex hack.

This week on the podcast, we cover the heist of $322 million in cryptocurrency from the distributed exchange Wormhole, including a long discussion on the why it feels like cryptocurrency is still the wild west of technology. After that, give an update on our brief mention in last week's episode about North Korea's internet seemingly being taken offline by cyber attack. We end this week with a quick update on a sophisticated malware attack targeting macOS devices.

This week on the podcast, we cover Pwnkit, a privilege escalation vulnerability impacting almost every modern Linux release worldwide. We also dive in to the world of macOS malware with DazzleSpy, a remote a remote access trojan targeting Hong Kong pro-democracy advocates. Finally, we end with an update on North Korea's Lazarus APT and their latest attack tactics targeting organizations.

This week on the podcast we discuss the latest Internet Security Report from the WatchGuard Threat Lab. Built with threat intelligence gathered from tens of thousands of Firebox UTM appliances that have opted-in to sharing data, the quarterly report lets us talk about the latest malware and attack trends targeting organizations globally. On this episode, we'll cover some of the key findings and defensive takeaways from the latest report.

This week on the podcast we give a quick update to the Log4Shell saga after the researchers detected the first significant campaign that uses the critical vulnerability. After that, we dive in to the world of carding marketplaces where cybercriminals buy and sell stolen credit card information and discuss possible reasons for why these marketplaces appear to be dying off.

This week on the podcast we give an update on log4j2 and it's most recently-disclosed vulnerabilities before covering a recent report on credential stuffing by the New York Attorney General. Then, we discuss this recent article in DarkReading on whether or not cybersecurity jobs should be considered professional or vocational.

This week we take a deep dive into CVE-2021-44228, better known as Log4Shell, a critical vulnerability in the massively popular log4j2 logging library for Java applications. We discuss how the flaw came about, how it works, and why this specific issue has the potential to cause lasting headaches for the security industry for years to come. We also answer a mailbag full of questions from our listeners and WatchGuard partners about Log4Shell.
NCSC log4js Usage Index - https://github.com/NCSC-NL/log4shell/blob/main/software/README.md
Log4Shell IOCs - https://github.com/WatchGuard-Threat-Lab/log4shell-iocs
Log4Shell Scanning Utility - https://github.com/proferosec/log4jScanner

As we move in to the end of the year it's time for us to discuss WatchGuard Threat Lab's 2022 cybersecurity predictions. While many of our predictions tend to come off as extreme, they're all grounded in the trends that we've been following and what we expect to see continue into the coming year. If you haven't checked out the predictions in full, you can view them on watchguard.com/predictions