Forecast = Stormy skies ahead as ICS vulnerabilities rain down and foreign threat actors flood ISPs, with a high chance of KEV alerts and a 100% probability of cybersecurity drama!
On this episode the crew kicks things off with a "Thorns and Roses" segment, sharing their experiences from the recent Black Hat, DEF CON, and BSides conferences.
Next, they dive into the world of internet-connected industrial control systems, exploring the findings from a recent Censys research report that sheds light on the vulnerabilities and risks associated with these critical systems.
The spotlight then turns to StormBamboo, a sophisticated threat actor that's been making waves in the cybersecurity community. The team breaks down how this group compromised an internet service provider to conduct DNS poisoning attacks and exploit insecure software update mechanisms. They discuss the implications of this attack, including the deployment of malware families like MACMA and POCOSTICK/MGBot, and the use of a malicious Chrome extension called RELOADEXT.
Moving on, the hosts share insights from their recent work, including a look at state of exploitation in the first half of 2024 and fresh perspectives on vulnerability prioritization. They emphasize the importance of keeping vulnerability intelligence up-to-date and introduce GreyNoise's new offerings for vulnerability management teams.
The episode wraps up with a look at the latest tags from GreyNoise's visualization tool and a roundupof the most recent additions to CISA's Known Exploited Vulnerabilities catalog.
Can't Watch? Listen Here
