The Threat Show

The Threat Show Ep. 11 w/ Todd Haverkos

Welcome to The Threat Show powered by Fletch. This week we sat down with Todd Haverkos, a Manager of Global Vulnerability Management at a financial exchange based in Chicago, with two decades of experience working in security.

Todd gives critical vulnerability management advice and shares tips on how to avoid some of the most common mistakes found in the field. The team also discusses four major threats you need to know about. Enjoy the show!

FIN7 hackers create auto-attack platform to breach Exchange servers    (02:25)

The prolific FIN7 threat group has weaponized a number of new Microsoft Exchange and SQL injection vulnerabilities and created an automated attack system targeting these vulnerabilities. If you are breached, attackers can steal data, carry out ransomware attacks, and more.

BlueNoroff introduces new methods bypassing MoTW    (08:22)

The BlueNoroff threat group, known by most threat researchers as Lazarus, is able to bypass Mark-of-the-Web (MoTW) quarantining, the mechanism in Windows environments by which Microsoft flags files downloaded from the internet that could be dangerous. With that flag bypassed, they can execute malicious code without any user interaction.

Malicious PyTorch dependency 'torchtriton' on PyPI: everything you need to know    (12:00)

PyTorch, a popular open source Python toolkit, recently suffered a supply chain attack that compromised a library PyTorch depends on. When developers went to update the PyTorch library, this malicious package would be downloaded, installed, and executed.

Malvertising campaign MasquerAds abuses Google Ads    (17:09)

Attackers are using Google Ads to deliver tailored malicious advertisements that focus specifically on GPUs and crypto wallets. If you’re in an environment with lots of GPUs available, you could be a target for these attacks.

Interview With Todd Haverkos    (21:09)

Todd gives critical vulnerability management advice and shares tips on how to avoid some of the most common mistakes found in the field.