The Threat Show

The Threat Show Ep. 13

Welcome to The Threat Show powered by Fletch! This week, the team breaks down the effects that the current economic downturn can have on security teams, and how your team can adapt.

We also discuss four major threats you need to know about.

This flaw in Google Chrome & Chromium-based browsers enabled data theft of information such as cryptocurrency wallets and credentials from over 2.5 billion users    (01:56)

A vulnerability within Google Chrome and Chromium browsers is enabling bad actors to steal information from web users, including entire crypto wallets. Given that Chrome is often the de facto browser used by individuals and organizations, these attacks are likely to keep popping up.

Vulnerability With 9.8 Severity In Control Web Panel Under Active Exploit    (04:56)

Control Web Panel, a popular web hosting platform, has a vulnerability that’s been around since October but has gone unpatched on many organizations’ servers, despite it still being a popular target. If you’re hosting on-prem or a SaaS platform, you’ll want to pay attention to this threat.

Hundreds Of SugarCRM Servers Infected With Critical In-The-Wild Exploit    (07:43)

SugarCRM servers have been infected with critical exploit code that can allow bad actors to run malicious code remotely. Any small to medium-sized business hosting its own CRM using SugarCRM needs to keep an eye on this threat.

Supply Chain Attack Using Identical PyPI Packages, “colorslib”, “httpslib”, and “libhttps”    (10:09)

A new set of malicious packages was recently discovered on the Python repository. This malware masquerades as the most commonly used Python packages to trick devs into downloading and running a malicious binary executable.

Managing Security In An Economic Downturn    (14:00)

Chris Wilder gives advice for managing a security team during an economic downturn.