Forecast: Breach storms surge with Chinese actors, Ivanti spreads wider, and malware disguises itself—stay alert and patched!
This episode of Storm⚡️Watch features exciting developments in security tooling and concerning breaches in critical infrastructure.
We're thrilled to finally talk about Censeye on the pod! It's Censys's powerful new automated hunting platform that's revolutionizing how security teams conduct threat hunting. This innovative tool combines automation with Censys's comprehensive internet scanning capabilities, complete with new gadgets that enhance threat detection and analysis capabilities.
In major security news, a significant breach at the US Treasury's Committee on Foreign Investment (CFIUS) has been attributed to Chinese state-sponsored actors. This concerning development potentially exposed sensitive data about national security reviews of foreign investments in American companies.
The Ivanti vulnerability situation continues to evolve, with UK domain registry giant Nominet now confirming they've been impacted by the recent Ivanti VPN exploits. This development highlights the expanding blast radius of this critical security issue.
2025 has already seen sophisticated threat actors weaponizing exploits, with researchers uncovering an information stealer disguised as a proof-of-concept exploit for the LDAPNightmare vulnerability (CVE-2024-49113).
We'll explore how Censys Search is strengthening phishing prevention through advanced SSL/TLS certificate monitoring, providing organizations with crucial tools to identify and prevent potential phishing campaigns.
The episode concludes with an in-depth look at GreyNoise classifications, particularly focusing on suspicious activity patterns identified in the last 24 hours. We'll break down what these classifications mean for security teams and how to leverage this intelligence effectively.
Can't Watch? Listen Here
