Welcome to The Threat Show powered by Fletch. This week’s special guest is Nathan Case, an executive with 10+ years planning and implementing technology programs in healthcare and other industries, currently working as a security advocate for Datadog. He gives critical advice related to security hygiene, SBOMs, and how up and coming security leaders can do things right in an ever changing landscape . The team also discusses four major threats you need to know about.
The 9th Google Chrome Zero-Day Threat this Year – Again Just Before the Weekend (01:28)
Just last week we reported on the 8th Google Chrome zero-day vulnerability of the year; now the 9th is here. Google has been tight lipped when it comes to disclosing details on this threat to avoid being exploited by more groups.
Discovered new BYOF technique to cryptomining with PRoot (07:40)
PRoot is an open source tool that allows you to create a unified set of tools that can operate across a wide variety of architecture. As a result, attackers are now bringing their own file systems to particular compromised endpoints, a method currently gaining popularity for crypto mining operations as it makes the barrier of entry for mining much lower.
Zerobot - New Go-Based Botnet Campaign Targets Multiple Vulnerabilities (11:11)
Fortinet has discovered Zerobot, a botnet campaign targeting IoT devices. This threat stands out because of the pace that developers are adding new vulnerabilities into their toolkit to compromise larger sets of devices. These vulnerabilities don’t just target consumer devices, but devices used by small/medium sized businesses as well.
Ransomware attack forces French hospital to transfer patients (17:09)
Several threat groups have been specifically targeting international healthcare organizations. There are two potential factors driving these attacks: Denying access to data for healthcare organizations could result in a life or death situation for patients, resulting in a higher likelihood that victims will pay the ransom. Conversely, healthcare organizations are simply one of the easiest targets for ransomware.
