Podcasts about ntlm

  • 63 PODCASTS
  • 105 EPISODES
  • 41m AVG DURATION
  • 1 WEEKLY EPISODE
  • LATEST: Apr 22, 2025


Latest podcast episodes about ntlm

ALEF SecurityCast
Ep#277 - Hackers Published License Plates and Personal Data of Owners of Cars Towed in Prague

Apr 22, 2025 | Duration 11:52

In this episode we look at the cyberattack on Správa služeb hlavního města Prahy (the Prague City Services Administration), in which hackers published the license plates and personal data of the owners of towed vehicles. We also discuss newly released details from the lawsuit between Meta and NSO Group over surveillance via WhatsApp, the leak of data on the moderators of the 4chan forum, and an actively exploited Windows vulnerability that allows NTLM hashes to leak. There is also the drama around the funding of the CVE program and its future.

Chapters:
00:00 License plates and personal data from Prague published by hackers
04:26 The CVE program almost ended: what happened and what it means
08:07 Pegasus and WhatsApp: new details from the lawsuit
09:26 The 4chan hack
10:24 Windows vulnerability: NTLM hash leaks with a single click
11:34 Meme of the Week

Links and sources:
https://www.irozhlas.cz/zpravy-domov/kyberzlocinci-utocili-na-prazskou-spravu-sluzeb-hrozi-zverejnenim-citlivych_2504180500_pik
https://www.group-ib.com/blog/cicada3301/
https://www.bleepingcomputer.com/news/security/cisa-extends-funding-to-ensure-no-lapse-in-critical-cve-services/
https://thehackernews.com/2025/04/cve-2025-24054-under-active.html
https://techcrunch.com/2025/04/15/notorious-image-board-4chan-hacked-and-internal-data-leaked/
https://www.calcalistech.com/ctechnews/article/i7i81952t

#ITBezpecnost #IT #Novinky #bezpecnost #Česko

Cybercrime Magazine Podcast
Eradicating NTLM. It's Time To Enhance Network Security. David Strom, Cybersecurity Journalist.

Apr 19, 2025 | Duration 6:57


David Strom is an award-winning public speaker and cybersecurity journalist. David's writing spans more than 35 years, first as an editorial manager, where he ran publications such as Network Computing, Tom's Hardware, PC Week, ReadWrite and Inside Security. It also includes work as a full-time freelance writer for dozens of computer publications, including CSOonline and numerous TechTarget/Informa websites. In this episode, he joins host Charlie Osborne to discuss ridding networks of NTLM, including the path to eradicating this ancient protocol, why it's time, and more. • For more on cybersecurity, visit us at https://cybersecurityventures.com

Paul's Security Weekly
HR Chatbots, MITRE, 4chan, Oracle, Identity, Port 53, NTLM, Zambia, Josh Marpet... - SWN #469

Apr 18, 2025 | Duration 36:06


HR Chatbots, MITRE, 4chan, Oracle, Identity, Port 53, NTLM, Zambia, Josh Marpet, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-469

Paul's Security Weekly TV
HR Chatbots, MITRE, 4chan, Oracle, Identity, Port 53, NTLM, Zambia, Josh Marpet... - SWN #469

Apr 18, 2025 | Duration 36:06


HR Chatbots, MITRE, 4chan, Oracle, Identity, Port 53, NTLM, Zambia, Josh Marpet, and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-469

Hack Naked News (Audio)
HR Chatbots, MITRE, 4chan, Oracle, Identity, Port 53, NTLM, Zambia, Josh Marpet... - SWN #469

Apr 18, 2025 | Duration 36:06


HR Chatbots, MITRE, 4chan, Oracle, Identity, Port 53, NTLM, Zambia, Josh Marpet, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-469

Hack Naked News (Video)
HR Chatbots, MITRE, 4chan, Oracle, Identity, Port 53, NTLM, Zambia, Josh Marpet... - SWN #469

Apr 18, 2025 | Duration 36:06


HR Chatbots, MITRE, 4chan, Oracle, Identity, Port 53, NTLM, Zambia, Josh Marpet, and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-469

Cyber Morning Call
766 - Researchers warn of a flaw in Windows devices under exploitation

Apr 17, 2025 | Duration 3:11

Episode references:
  • CVE-2025-24054, NTLM exploit in the wild
  • About Apple Security Updates
  • CISA adds One Known Exploited Vulnerability to Catalog

Script and presentation: Carlos Cabral and Bianca Oliveira
Audio editing: Paulo Arruzzo
Closing narration: Bianca Garcia

Paul's Security Weekly
More WAFs in Blocking Mode and More Security Headaches from LLMs - Sandy Carielli, Janet Worthington - ASW #326

Apr 15, 2025 | Duration 74:45


The breaches will continue until appsec improves. Janet Worthington and Sandy Carielli share their latest research on breaches from 2024, WAFs in 2025, and where secure by design fits into all this. WAFs are delivering value in a way that orgs are relying on them more for bot management and fraud detection. But adopting phishing-resistant authentication solutions like passkeys and deploying WAFs still seem peripheral to secure by design principles. We discuss what's necessary for establishing a secure environment and why so many orgs still look to tools. And with LLMs writing so much code, we continue to look for ways LLMs can help appsec in addition to all the ways LLMs keep recreating appsec problems. Resources https://www.forrester.com/blogs/breaches-and-lawsuits-and-fines-oh-my-what-we-learned-the-hard-way-from-2024/ https://www.forrester.com/blogs/wafs-are-now-the-center-of-application-protection-suites/ https://www.forrester.com/blogs/are-you-making-these-devsecops-mistakes-the-four-phases-you-need-to-know-before-your-code-becomes-your-vulnerability/ In the news, crates.io logging mistake shows the errors of missing redactions, LLMs give us slopsquatting as a variation on typosquatting, CaMeL kicks sand on prompt injection attacks, using NTLM flaws as lessons for authentication designs, tradeoffs between containers and WebAssembly, research gaps in the world of Programmable Logic Controllers, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-326

Paul's Security Weekly TV
More WAFs in Blocking Mode and More Security Headaches from LLMs - Sandy Carielli, Janet Worthington - ASW #326

Apr 15, 2025 | Duration 74:45


The breaches will continue until appsec improves. Janet Worthington and Sandy Carielli share their latest research on breaches from 2024, WAFs in 2025, and where secure by design fits into all this. WAFs are delivering value in a way that orgs are relying on them more for bot management and fraud detection. But adopting phishing-resistant authentication solutions like passkeys and deploying WAFs still seem peripheral to secure by design principles. We discuss what's necessary for establishing a secure environment and why so many orgs still look to tools. And with LLMs writing so much code, we continue to look for ways LLMs can help appsec in addition to all the ways LLMs keep recreating appsec problems. Resources https://www.forrester.com/blogs/breaches-and-lawsuits-and-fines-oh-my-what-we-learned-the-hard-way-from-2024/ https://www.forrester.com/blogs/wafs-are-now-the-center-of-application-protection-suites/ https://www.forrester.com/blogs/are-you-making-these-devsecops-mistakes-the-four-phases-you-need-to-know-before-your-code-becomes-your-vulnerability/ In the news, crates.io logging mistake shows the errors of missing redactions, LLMs give us slopsquatting as a variation on typosquatting, CaMeL kicks sand on prompt injection attacks, using NTLM flaws as lessons for authentication designs, tradeoffs between containers and WebAssembly, research gaps in the world of Programmable Logic Controllers, and more! Show Notes: https://securityweekly.com/asw-326

Application Security Weekly (Audio)
More WAFs in Blocking Mode and More Security Headaches from LLMs - Sandy Carielli, Janet Worthington - ASW #326

Apr 15, 2025 | Duration 74:45


The breaches will continue until appsec improves. Janet Worthington and Sandy Carielli share their latest research on breaches from 2024, WAFs in 2025, and where secure by design fits into all this. WAFs are delivering value in a way that orgs are relying on them more for bot management and fraud detection. But adopting phishing-resistant authentication solutions like passkeys and deploying WAFs still seem peripheral to secure by design principles. We discuss what's necessary for establishing a secure environment and why so many orgs still look to tools. And with LLMs writing so much code, we continue to look for ways LLMs can help appsec in addition to all the ways LLMs keep recreating appsec problems. Resources https://www.forrester.com/blogs/breaches-and-lawsuits-and-fines-oh-my-what-we-learned-the-hard-way-from-2024/ https://www.forrester.com/blogs/wafs-are-now-the-center-of-application-protection-suites/ https://www.forrester.com/blogs/are-you-making-these-devsecops-mistakes-the-four-phases-you-need-to-know-before-your-code-becomes-your-vulnerability/ In the news, crates.io logging mistake shows the errors of missing redactions, LLMs give us slopsquatting as a variation on typosquatting, CaMeL kicks sand on prompt injection attacks, using NTLM flaws as lessons for authentication designs, tradeoffs between containers and WebAssembly, research gaps in the world of Programmable Logic Controllers, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-326

Application Security Weekly (Video)
More WAFs in Blocking Mode and More Security Headaches from LLMs - Sandy Carielli, Janet Worthington - ASW #326

Apr 15, 2025 | Duration 74:45


The breaches will continue until appsec improves. Janet Worthington and Sandy Carielli share their latest research on breaches from 2024, WAFs in 2025, and where secure by design fits into all this. WAFs are delivering value in a way that orgs are relying on them more for bot management and fraud detection. But adopting phishing-resistant authentication solutions like passkeys and deploying WAFs still seem peripheral to secure by design principles. We discuss what's necessary for establishing a secure environment and why so many orgs still look to tools. And with LLMs writing so much code, we continue to look for ways LLMs can help appsec in addition to all the ways LLMs keep recreating appsec problems. Resources https://www.forrester.com/blogs/breaches-and-lawsuits-and-fines-oh-my-what-we-learned-the-hard-way-from-2024/ https://www.forrester.com/blogs/wafs-are-now-the-center-of-application-protection-suites/ https://www.forrester.com/blogs/are-you-making-these-devsecops-mistakes-the-four-phases-you-need-to-know-before-your-code-becomes-your-vulnerability/ In the news, crates.io logging mistake shows the errors of missing redactions, LLMs give us slopsquatting as a variation on typosquatting, CaMeL kicks sand on prompt injection attacks, using NTLM flaws as lessons for authentication designs, tradeoffs between containers and WebAssembly, research gaps in the world of Programmable Logic Controllers, and more! Show Notes: https://securityweekly.com/asw-326

Risky Business
Risky Business #783 -- Evil webcam ransomwares entire Windows network

Mar 12, 2025 | Duration 63:40


On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news with special guest Rob Joyce, a Former Special Assistant to the US President and Director of Cybersecurity for NSA. They talk through:

  • A realistic bluetooth-proximity phishing attack against Passkeys
  • A very patient ransomware actor encrypts an entire enterprise with a puny linux webcam processor
  • The ESP32 backdoor that is neither a door nor at the back
  • The X DDoS that Elon said was Ukraine is claimed by pro-Palestinian hacktivists
  • Years later, LastPass hackers are still emptying crypto-wallets
  • …and it turns out North Korea nailed {Safe}Wallet with a malicious docker image. Nice!

Rob Joyce recently testified to the US House Select Committee on the Chinese Communist Party, and he explains why DOGE kicking probationary employees to the curb is “devastating” for the national security staff pipeline.

This week's episode is sponsored by SpecterOps, makers of the Bloodhound identity attack path mapping tool. Chief Product Officer Justin Kohler and Principal Security Researcher Lee Chagolla-Christensen discuss their pragmatic approach to disabling NTLM authentication in Active Directory using Bloodhound's insight.

This episode is also available on Youtube.

Show notes:
  • CVE-2024-9956 - PassKey Account Takeover in All Mobile Browsers | Tobia Righi - Security Researcher
  • Feds Link $150M Cyberheist to 2022 LastPass Hacks – Krebs on Security
  • Camera off: Akira deploys ransomware via webcam
  • Tarlogic detects a hidden feature in the mass-market ESP32 chip that could infect millions of IoT devices
  • Alleged Co-Founder of Garantex Arrested in India – Krebs on Security
  • 37K+ VMware ESXi instances vulnerable to critical zero-day | Cybersecurity Dive
  • Apple patches 0-day exploited in “extremely sophisticated attack” - Ars Technica
  • What Really Happened With the DDoS Attacks That Took Down X | WIRED
  • Eleven11bot estimates revised downward as researchers point to Mirai variant | Cybersecurity Dive
  • Previously unidentified botnet infects unpatched TP-Link Archer home routers | The Record from Recorded Future News
  • Safe.eth on X: "Investigation Updates and Community Call to Action" / X
  • How to verify Safe{Wallet} transactions on a hardware wallet | Safe{Wallet} Help Center and Support.
  • US charges Chinese nationals in cyberattacks on Treasury, dissidents and more | The Record from Recorded Future News
  • Former top NSA cyber official: Probationary firings ‘devastating’ to cyber, national security | CyberScoop
  • U.S. pauses intelligence sharing with Ukraine used to target Russian forces - The Washington Post

The BlueHat Podcast
Defending Against NTLM Relay Attacks with Rohit Mothe and George Hughey

Jan 8, 2025 | Duration 40:08


In this episode of The BlueHat Podcast, hosts Nic Fillingham and Wendy Zenone welcome back George Hughey and Rohit Mothe from the Microsoft Security Response Center (MSRC) to discuss their latest blog post on mitigating NTLM relay attacks by default. George and Rohit explain their roles in vulnerability hunting and delve into NTLM, a 40-year-old authentication protocol, outlining its vulnerabilities and the risks of relay attacks, which function as a type of man-in-the-middle exploit. They highlight Microsoft's move to a "secure by default" approach, ensuring mitigations like channel binding are enabled automatically, providing stronger protections across services like Exchange, Active Directory Certificate Services (ADCS), and LDAP.

In This Episode You Will Learn:
  • Steps users can take to enhance security in their environments
  • Why legacy protocols remain a challenge and what the future might hold
  • The challenges and successes of improving authentication security

Some Questions We Ask:
  • What is an NTLM relay attack, and how does it work?
  • Can you explain channel binding and its role in preventing NTLM relay attacks?
  • What challenges arise from modernizing authentication in complex environments?

Resources:
  • View George Hughey on LinkedIn
  • View Rohit Mothe on LinkedIn
  • View Wendy Zenone on LinkedIn
  • View Nic Fillingham on LinkedIn

Related Microsoft Podcasts:
  • Microsoft Threat Intelligence Podcast
  • Afternoon Cyber Tea with Ann Johnson
  • Uncovering Hidden Risks

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

The Cybersecurity Defenders Podcast
#177 - Intel Chat: Supply-Chain Firewall, Scattered Spider, Linux malware & another NTLM exploit

Dec 12, 2024 | Duration 27:19


In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.

  • Datadog Security Labs has introduced the Supply-Chain Firewall, a new open-source tool designed to protect developers from malicious and vulnerable packages sourced from PyPI and npm repositories.
  • U.S. authorities have arrested 19-year-old Remington Goy Ogletree, known online as "remi," for allegedly breaching a U.S. financial institution and two unnamed telecommunications firms.
  • A recent study titled "A Study of Malware Prevention in Linux Distributions" examines the challenges of preventing and detecting malware within Linux distribution package repositories.
  • A recently identified zero-day vulnerability affects all modern versions of Windows Workstation and Server operating systems, from Windows 7 and Server 2008 R2 up to the latest Windows 11 v24H2 and Server 2022.

And you can subscribe to Detection Engineering Weekly here.

Cyber Morning Call
682 - Vuln in GitHub Actions allows tampering with a package on PyPI

Dec 9, 2024 | Duration 4:01

[Episode References]
  • Compromised ultralytics PyPI package delivers crypto coinminer - https://www.reversinglabs.com/blog/compromised-ultralytics-pypi-package-delivers-crypto-coinminer
  • Compromising OpenWrt Supply Chain via Truncated SHA-256 Collision and Command Injection - https://flatt.tech/research/posts/compromising-openwrt-supply-chain-sha256-collision/
  • URL File NTLM Hash Disclosure Vulnerability (0day) - and Free Micropatches for it - https://blog.0patch.com/2024/12/url-file-ntlm-hash-disclosure.html
  • New Windows zero-day exposes NTLM credentials, gets unofficial patch - https://www.bleepingcomputer.com/news/security/new-windows-zero-day-exposes-ntlm-credentials-gets-unofficial-patch/

Script and presentation: Carlos Cabral and Bianca Oliveira
Audio editing: Paulo Arruzzo
Closing narration: Bianca Garcia

Hírstart Robot Podcast
The Moon landing has been postponed again

Dec 7, 2024 | Duration 4:56

The Moon landing has been postponed again (Rakéta, 2024-12-07 08:33:06; Science, Space, NASA): Until now it seemed that humans would set foot on the Moon again in September 2026, but according to NASA's Thursday announcement this will certainly not happen before mid-2027.

A spectacular celestial sight tonight (Mínuszos, 2024-12-07 04:33:11; Science): Jupiter comes into opposition this evening, that is, into its position opposite the Earth. The gas giant's brightness and apparent diameter will both be at their greatest then, so the phenomenon will be special in several respects. According to a statement from the Svábhegy Observatory, the phenomenon called opposition is a distinguished position of the planets orbiting outside Earth's orbit. At that time the Earth

Artificial intelligence could cause music creators 10 billion euros in lost revenue over five years (Digital Hungary, 2024-12-07 11:13:00; Infotech, Artificial intelligence): The first study has been completed that assesses, at a global level, what the economic effects of generative AI may be in the music and audiovisual fields. If the current legal regulation remains in place, creators will not profit from the generative AI revolution.

Greenpeace: They are playing tricks with the emission limits linked to the Komárom battery factory (Telex, 2024-12-07 12:58:19; Science, Komárom, Greenpeace): According to the green organisation the limit is low anyway, but since three facilities operate next to each other, their emissions should be counted together.

Three million Britons received a storm alert on their mobile phones (24.hu, 2024-12-07 07:00:42; Science, London): Sporting and cultural events have been cancelled, and the biggest Christmas attraction in London is closing too.

World sensation: the first four-legged robot to complete a marathon (newtechnology.hu, 2024-12-07 06:33:43; Science, Robot, South Korea, Marathon): A four-legged robot developed in South Korea, Raibo2, made history by becoming the first device of its kind in the world to complete the full marathon distance. Researchers at Kaist (Korea Advanced Institute of Science and Technology)

600 million cyberattacks a day (ITBusiness, 2024-12-07 12:12:06; Infotech, Microsoft, Hacker, Cybersecurity, Cyberattack): The number of ransomware attacks nearly tripled in one year, according to Microsoft's latest Digital Defence Report. According to the company's data, Microsoft users are the targets of 600 million attacks a day, whether they involve private individuals or state-backed perpetrators. Although the technology sector effectively detects

No fix for the new, severe vulnerability affecting every version of Windows (PC Fórum, 2024-12-07 07:00:00; Infotech, Windows): A security company reported at the end of the week that it had identified an extremely severe vulnerability in Windows that is already being exploited. Through yet another zero-day vulnerability, attackers can obtain users' so-called NTLM credentials, and in such a way that merely a folder containing a file they have manipulated, the Win

5 great TVs under 200,000 forints! TV buying advice (TechWorld, 2024-12-07 06:32:04; Infotech, Cheap, Documentary): We show 5 TVs that could be a good choice in the category between 100,000 and 200,000 forints. Our selection includes cheaper, more expensive, larger, brighter and more stylish models. Many people would spend at most 200,000 forints on a television. For them we made an excellent investigative documentary in which we gathered models

Two Edge 50 models can install Android 15 (Mobilarena, 2024-12-07 12:30:00; Mobiltech, Android, Motorola): Motorola is updating its devices with growing enthusiasm; a dozen are still waiting for Android 15.

Orthopaedic robotic surgery centre at the Emineo private hospital (TőzsdeFórum, 2024-12-07 12:09:57; Economy, Robot): The EMINEO private hospital is developing an orthopaedic robotic surgery centre; in the first three months of the centre's operation, 11 orthopaedic surgeons obtained authorisation from the manufacturer to use the robot, the institution said. According to the statement, 50 knee replacement operations were performed in the past nearly three months. The number of patients applying for surgery has doubled

Artificial intelligence designed the world's first urban wind turbine (newtechnology.hu, 2024-12-07 07:21:15; Business, Artificial intelligence, Wind power): The new wind turbine, named Birmingham Blade, was designed by artificial intelligence and optimised specifically for urban environments and for operation at low wind speeds. The AI design company EvoPhase and the precision metal fabricator KwikFab's joint

Yettel chief: I want to create something here similar to what we have already seen in the fintech market (Forbes, 2024-12-07 06:42:10; Economy, Phone, Artificial intelligence, Yettel, Fintech): Yettel has a major transaction behind it, and the new CEO has serious plans for artificial intelligence. The fintech revolution is happening on our phones, yet telecommunications seems to be lagging a little behind.

Find our other broadcasts at podcast.hirstart.hu.

Hírstart Robot Podcast - Tech hírek
The Moon landing has been postponed again

Dec 7, 2024 | Duration 4:56

The Moon landing has been postponed again (Rakéta, 2024-12-07 08:33:06; Science, Space, NASA): Until now it seemed that humans would set foot on the Moon again in September 2026, but according to NASA's Thursday announcement this will certainly not happen before mid-2027.

A spectacular celestial sight tonight (Mínuszos, 2024-12-07 04:33:11; Science): Jupiter comes into opposition this evening, that is, into its position opposite the Earth. The gas giant's brightness and apparent diameter will both be at their greatest then, so the phenomenon will be special in several respects. According to a statement from the Svábhegy Observatory, the phenomenon called opposition is a distinguished position of the planets orbiting outside Earth's orbit. At that time the Earth

Artificial intelligence could cause music creators 10 billion euros in lost revenue over five years (Digital Hungary, 2024-12-07 11:13:00; Infotech, Artificial intelligence): The first study has been completed that assesses, at a global level, what the economic effects of generative AI may be in the music and audiovisual fields. If the current legal regulation remains in place, creators will not profit from the generative AI revolution.

Greenpeace: They are playing tricks with the emission limits linked to the Komárom battery factory (Telex, 2024-12-07 12:58:19; Science, Komárom, Greenpeace): According to the green organisation the limit is low anyway, but since three facilities operate next to each other, their emissions should be counted together.

Three million Britons received a storm alert on their mobile phones (24.hu, 2024-12-07 07:00:42; Science, London): Sporting and cultural events have been cancelled, and the biggest Christmas attraction in London is closing too.

World sensation: the first four-legged robot to complete a marathon (newtechnology.hu, 2024-12-07 06:33:43; Science, Robot, South Korea, Marathon): A four-legged robot developed in South Korea, Raibo2, made history by becoming the first device of its kind in the world to complete the full marathon distance. Researchers at Kaist (Korea Advanced Institute of Science and Technology)

600 million cyberattacks a day (ITBusiness, 2024-12-07 12:12:06; Infotech, Microsoft, Hacker, Cybersecurity, Cyberattack): The number of ransomware attacks nearly tripled in one year, according to Microsoft's latest Digital Defence Report. According to the company's data, Microsoft users are the targets of 600 million attacks a day, whether they involve private individuals or state-backed perpetrators. Although the technology sector effectively detects

No fix for the new, severe vulnerability affecting every version of Windows (PC Fórum, 2024-12-07 07:00:00; Infotech, Windows): A security company reported at the end of the week that it had identified an extremely severe vulnerability in Windows that is already being exploited. Through yet another zero-day vulnerability, attackers can obtain users' so-called NTLM credentials, and in such a way that merely a folder containing a file they have manipulated, the Win

5 great TVs under 200,000 forints! TV buying advice (TechWorld, 2024-12-07 06:32:04; Infotech, Cheap, Documentary): We show 5 TVs that could be a good choice in the category between 100,000 and 200,000 forints. Our selection includes cheaper, more expensive, larger, brighter and more stylish models. Many people would spend at most 200,000 forints on a television. For them we made an excellent investigative documentary in which we gathered models

Two Edge 50 models can install Android 15 (Mobilarena, 2024-12-07 12:30:00; Mobiltech, Android, Motorola): Motorola is updating its devices with growing enthusiasm; a dozen are still waiting for Android 15.

Orthopaedic robotic surgery centre at the Emineo private hospital (TőzsdeFórum, 2024-12-07 12:09:57; Economy, Robot): The EMINEO private hospital is developing an orthopaedic robotic surgery centre; in the first three months of the centre's operation, 11 orthopaedic surgeons obtained authorisation from the manufacturer to use the robot, the institution said. According to the statement, 50 knee replacement operations were performed in the past nearly three months. The number of patients applying for surgery has doubled

Artificial intelligence designed the world's first urban wind turbine (newtechnology.hu, 2024-12-07 07:21:15; Business, Artificial intelligence, Wind power): The new wind turbine, named Birmingham Blade, was designed by artificial intelligence and optimised specifically for urban environments and for operation at low wind speeds. The AI design company EvoPhase and the precision metal fabricator KwikFab's joint

Yettel chief: I want to create something here similar to what we have already seen in the fintech market (Forbes, 2024-12-07 06:42:10; Economy, Phone, Artificial intelligence, Yettel, Fintech): Yettel has a major transaction behind it, and the new CEO has serious plans for artificial intelligence. The fintech revolution is happening on our phones, yet telecommunications seems to be lagging a little behind.

Find our other broadcasts at podcast.hirstart.hu.

The CyberWire
The NTLM bug that sees and steals.

Dec 6, 2024 | Duration 34:11


Researchers uncover a critical Windows zero-day. An alleged Ukrainian cyberattack targets one of Russia's largest banks. Russian group BlueAlpha exploits CloudFlare services. Microsoft flags Chinese hacking group Storm-0227 for targeting critical infrastructure and U.S. government agencies. SonicWall patches high-severity vulnerabilities in its secure access gateway. Atrium Health reports a data breach affecting over half a million individuals. Rockwell Automation discloses four critical vulnerabilities in its Arena software. U.S. authorities arrest an alleged member of the Scattered Spider gang. Our guest is Hugh Thompson, RSAC program committee chair, discussing the 2025 Innovation Sandbox Contest and its new investment component. C3PO gets caught in the crypto mines.

Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest
Joining Dave today is Hugh Thompson, RSAC program committee chair, discussing the 2025 Innovation Sandbox Contest and its new investment component. Read more details in the press release.

Selected Reading
  • New Windows 7 To 11 Warning As Zero-Day With No Official Fix Confirmed (Forbes)
  • Russian users report Gazprombank outages amid alleged Ukrainian cyberattack (The Record)
  • BlueAlpha Russian hackers caught abusing CloudFlare services (SC Media)
  • U.S. org suffered four month intrusion by Chinese hackers (Bleeping Computer)
  • Microsoft: Another Chinese cyberspy crew targeting US critical orgs 'as of yesterday' (The Register)
  • SonicWall Patches 6 Vulnerabilities in Secure Access Gateway (SecurityWeek)
  • Mitel MiCollab zero-day and PoC exploit unveiled (Help Net Security)
  • Atrium Health Data Breach Impacts 585,000 People (SecurityWeek)
  • Rockwell Automation Vulnerabilities Let Attackers Execute Remote Code (Cyber Security News)
  • US arrests Scattered Spider suspect linked to telecom hacks (Bleeping Computer)
  • Nebraska Man pleads guilty to $3.5 million cryptojacking scheme (Bleeping Computer)

Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Autonomous IT
Patch [Fix] Tuesday – November 2024 [Cybersecurity Experts Discuss NTLM Spoofs, RCE Attacks, and Privilege Escalations], E13

Nov 12, 2024 | Duration 8:15


Automox cybersecurity experts discuss the latest security updates from November's Patch Tuesday, focusing on several critical vulnerabilities, including NTLM Hash Disclosure, Microsoft Defender's RCE vulnerability, and the Windows Task Scheduler Elevation of Privilege Vulnerability. They emphasize the importance of patching and user awareness in combating phishing attacks and other security threats. The conversation highlights the complexities of vulnerabilities in Windows 10 and 11, and the need for proactive measures to protect systems.

RunAs Radio
Windows Server 2025 and Active Directory with Orin Thomas

RunAs Radio

Play Episode Listen Later Sep 25, 2024 43:26


What does Windows Server 2025 bring to Active Directory? Richard chats with Orin Thomas about the new version of Windows Server coming and what to expect around Active Directory. Orin talks about how mature the Windows Server space is, so only incremental improvements are warranted, but they are important ones - like retiring NTLM once and for all. And when it comes to Active Directory, there are new secure features you're going to want, but you do need to up your functional level to get them, and that means getting to at least Server 2016 functional level first... then moving everything else. When was the last time you transferred a FSMO role? Orin also digs into the new certification practice options available, where instead of answering questions, you do the work and get evaluated - cool!
Links: What's New in Server 2025; Sandworm; Active Directory FSMO Roles in Windows; Windows Server Hybrid Administrator Associate; Windows LAPS
Recorded August 6, 2024

The Practical 365 Podcast
Improving your AD Security with Derek Melber: The Practical 365 Podcast S4 E25

The Practical 365 Podcast

Play Episode Listen Later Aug 26, 2024 34:56


On the show this week, Steve Goodman and Rich Dean are joined by speaker guest, TEC speaker & 20-time Microsoft MVP, Derek Melber. On the show, Derek gives invaluable tips on how to ensure your AD remains secure in a world of cloud and on-premises threats, and we discuss an important but often ignored topic - removing NTLM passwords from use in your organization. And we delve into the aftermath of Crowdstrike, digging a little deeper on the analysis of how some organizations weren't prepared.
Want to stay up to date on all things Practical 365? Follow us on Twitter, Facebook, and LinkedIn to stay up to date on all things Microsoft!

5bytespodcast
NTLM Deprecated! Google Acquisition! Windows 10 End of Support Chatter!

5bytespodcast

Play Episode Listen Later Jun 6, 2024 25:56


In this episode, I cover a recent acquisition by Google, Windows 10 end of support chatter, Infosec news roundup and much more! Reference Links: https://www.rorymon.com/blog/ntlm-deprecated-google-acquisition-windows-10-end-of-support-chatter/

The SysAdmin DOJO Podcast
Windows Server 2025: New Security Features Revealed

The SysAdmin DOJO Podcast

Play Episode Listen Later May 31, 2024 46:14


In this podcast episode, Andy and Paul discuss the upcoming release of Windows Server 2025 and the myriad security enhancements it will bring. They delve into various topics such as improvements to Active Directory, delegated managed service accounts, Kerberos protocol enhancements, SMB enhancements, hot patching, ReFS file system for confidential computing, and extended security updates.
Key takeaways:
Windows Server 2025 brings a host of security enhancements.
The release date of Windows Server 2025 is speculated to be in September 2024, coinciding with the release of System Center 2025.
Timestamps:
(07:05) - Enhancements in Active Directory Security and NUMA Support: A Deep Dive
(13:19) - Revolutionizing Service Accounts: Delegated Managed Service Accounts Explained
(20:28) - Revamping Windows Server Security: Say Goodbye to NTLM and Hello to Kerberos
(28:15) - Revolutionizing SMB with Quick Protocol and Hot Patching in Windows Server 2025
(32:34) - Revolutionizing Patching with Hot Patching in Windows Server and Azure
(36:02) - Revolutionizing Data Protection with Resilient File System and Confidential Computing
(39:34) - Exploring Confidential Compute, Server Upgrades, and Extended Security Updates in Windows Server Environment
(42:37) - Windows Server 2025 Release Date Speculations and Future Episode Teasers
Episode Resources:
What's new in Windows Server 2025 from MS Learn

Blue Security
Microsoft Build Recap

Blue Security

Play Episode Listen Later May 28, 2024 38:50


In this episode of the Blue Security Podcast, Andy and Adam discuss the security and privacy announcements from Microsoft Build. They cover topics such as AI content safety, Copilot capabilities, security enhancements in Microsoft Edge, and new Windows security features. They also touch on the deprecation of NTLM and the introduction of Copilot Plus PCs with Qualcomm's new dev kit for Windows. Overall, the episode highlights the advancements in security and innovation in the Windows ecosystem.
Takeaways
- Microsoft announced new security and privacy features at Microsoft Build
- AI content safety enhancements were introduced to protect AI applications
- Copilot capabilities were expanded to provide information and context from knowledge in documents and files
- Microsoft Edge for Business received improvements in defense against data leaks and vulnerabilities
- New Windows security features were announced, including virtualization-based security, personal data encryption, and attestation
- NTLM deprecation is planned for the second half of 2024
- Copilot Plus PCs with Qualcomm's new dev kit offer enhanced performance and battery life
- The Windows ecosystem is experiencing a paradigm shift with innovation and competition
YouTube Video Link: https://youtu.be/zhn_t9X3ATQ
Documentation:
https://news.microsoft.com/build-2024-book-of-news/
https://blogs.windows.com/windowsdeveloper/2024/05/21/unlock-a-new-era-of-innovation-with-windows-copilot-runtime-and-copilot-pcs/
https://www.microsoft.com/en-us/security/blog/2024/05/20/new-windows-11-features-strengthen-security-to-address-evolving-cyberthreat-landscape/
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Send in a voice message: https://podcasters.spotify.com/pod/show/blue-security-podcast/message

Cyber and Technology with Mike
06 May 2024 Cyber and Tech News

Cyber and Technology with Mike

Play Episode Listen Later May 6, 2024 9:19


In today's podcast we cover four crucial cyber and technology topics, including:
- Finland discloses ongoing Android malware campaign
- Czechia, Germany say Russia abused Microsoft flaw to spy
- Wichita officials say public services limited following ransomware
- Illinois to review language of law protecting biometric data
I'd love feedback, feel free to send your comments and feedback to cyberandtechwithmike@gmail.com

Business of Tech
Microsoft Update Woes, Marriott Flaw, Hacker Sentenced, Pax8 Leadership Transition

Business of Tech

Play Episode Listen Later May 2, 2024 10:53


Microsoft's April 2024 security updates have caused significant disruptions, including VPN connection failures and NTLM authentication issues, across various Windows versions such as Windows 11, Windows 10, and Windows Server 2008 and later. Users have reported experiencing connectivity issues and potential security vulnerabilities due to these problems. Marriott's admission of using outdated SHA-1 hashing instead of encryption during a 2018 data breach reveals a significant oversight in their forensic investigations. This revelation came to light during a court case where Marriott falsely claimed to have used encryption to secure their data, raising questions about their security measures and forensic processes. Pax8 recently announced a leadership transition with Scott Chasin appointed as the new CEO, taking over from John Street who stepped down.
Four things to know today
00:00 Microsoft's April 2024 Security Updates Disrupt VPN Services and NTLM Across Windows Platforms
03:30 Forensic Flaw: Marriott Admits to Using Outdated SHA-1 Hashing Instead of Encryption
05:25 Ukrainian Hacker Ordered to Pay $16 Million After Pleading Guilty in Kaseya Cyberattack
07:20 Pax8 Announces Leadership Transition: Scott Chasin to Take Over as CEO, John Street Steps Down
Supported by: https://skykick.com/mspradio/ https://coreview.com/mspradio/
All our Sponsors: https://businessof.tech/sponsors/
Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/
Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/
Support the show on Patreon: https://patreon.com/mspradio/
Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com
Follow us on:
LinkedIn: https://www.linkedin.com/company/28908079/
YouTube: https://youtube.com/mspradio/
Facebook: https://www.facebook.com/mspradionews/
Instagram: https://www.instagram.com/mspradio/
TikTok: https://www.tiktok.com/@businessoftech
Bluesky: https://bsky.app/profile/businessoftech.bsky.social

The BlueHat Podcast
Securing the Past with Dustin Heywood

The BlueHat Podcast

Play Episode Listen Later Mar 20, 2024 41:53


Dustin Heywood, Hacker, Researcher, and Senior Leader at IBM, joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Dustin provided a live demonstration of cracking NTLM version 1 during his BlueHat presentation, showcasing the process of responding to challenges, using coercion techniques, and ultimately extracting and cracking the NTLM hash. Dustin, Nic, and Wendy discuss checking group policies, auditing every object, ensuring relevant systems, and managing IT assets effectively. They emphasize the importance of IT asset management and recommend quarantining legacy systems with restricted access.
In This Episode You Will Learn:
- Why security professionals need business skills for effective communication
- Advice for auditing legacy systems with vulnerable protocols
- Extracting DPAPI keys and decrypting browser session history
Some Questions We Ask:
- How do you manage risk for legacy systems deemed necessary for business?
- Can you discuss some of the outdated protocols in current IT environments?
- What guidance would you offer to IT professionals looking to audit their systems?
Resources:
- View Dustin Heywood on LinkedIn
- View Wendy Zenone on LinkedIn
- View Nic Fillingham on LinkedIn
Related Microsoft Podcasts:
- Microsoft Threat Intelligence Podcast
- Afternoon Cyber Tea with Ann Johnson
- Uncovering Hidden Risks
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Hosted on Acast. See acast.com/privacy for more information.

The CyberWire
Change Healthcare hackers cash in $22 million ransom.

The CyberWire

Play Episode Listen Later Mar 5, 2024 28:21


Is the ALPHV gang pulling up a twenty two million dollar rug? Meta platforms are experiencing outages. Ukraine claims a cyberattack on the Russian Ministry of Defense. Malicious phishers hope to hook hashes. TeamCity users are warned of critical vulnerabilities. The Discord leaker pleads guilty. AmEx suffers a third-party data breach. Amazon is flooded with fake copycat publications. Our guest is Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division to discuss Volt Typhoon. And, Dude, she is just not that into you.
Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Guest Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division joins us to discuss Volt Typhoon.
Selected Reading
Hackers Behind the Change Healthcare Ransomware Attack Just Received a $22 Million Payment (WIRED)
Ukraine claims it hacked Russian Ministry of Defense servers (Bleeping Computer)
Hundreds of orgs targeted with emails aimed at stealing NTLM authentication hashes (Help Net Security)
TeamCity Users Urged to Patch Critical Vulnerabilities (Infosecurity Magazine)
Pentagon leak defendant Jack Teixeira pleads guilty, faces years in prison (Reuters)
American Express credit cards exposed in third-party data breach (Bleeping Computer)
Tech writer Kara Swisher has a new book. Enter the AI-generated scams. (Bleeping Computer)
Retired Army officer charged with sharing classified information about Ukraine on foreign dating site (CBS News)
Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Critical Thinking - Bug Bounty Podcast
Episode 60: Our Take on PortSwigger's Top 10 Web Hacking Techniques of 2023

Critical Thinking - Bug Bounty Podcast

Play Episode Listen Later Feb 29, 2024 84:37


Episode 60: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel review the Portswigger Research list of top 10 web hacking techniques of 2023.
Follow us on twitter at: @ctbbpodcast
Send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
------ Ways to Support CTBBPodcast ------
Hop on the CTBB Discord
We also do Discord subs at $25, $10, $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.
Resources:
Top 10 web hacking techniques of 2023
1: Smashing the state machine
8: From Akamai to F5 to NTLM
3: SMTP Smuggling
4: PHP filter chains (Bonus Read)
5: HTTP Parsers Inconsistencies
6: HTTP Request Splitting
7: How I Hacked Microsoft Teams
9: Cookie Crumbles (Bonus Read)
10: Hacking root EPP servers to take control of zones
Timestamps:
(00:00:00) Introduction
(00:04:26) 1: Smashing the state machine
(00:11:56) 8: From Akamai to F5 to NTLM... with love
(00:17:11) 3: SMTP Smuggling
(00:26:27) 4: PHP filter chains
(00:36:40) 5: HTTP Parsers Inconsistencies
(00:44:56) 6: HTTP Request Splitting
(00:53:43) 7: How I Hacked Microsoft Teams
(01:02:25) 9: Cookie Crumbles
(01:11:36) 10: EPP Server Takeover

Security Unfiltered
The Intricacies of Active Directory in the Era of Cloud Computing

Security Unfiltered

Play Episode Listen Later Feb 12, 2024 53:50 Transcription Available


Unlock the mysteries of Active Directory with our guest James Potter, an AD virtuoso, as we traverse the complex labyrinth of group nesting and consider the impending expertise exodus. Tune in for an eye-opening discussion on the surprisingly robust security benefits of antiquated systems like Novel Network and the sticky challenges organizations like Blue Lemon face when trying to pivot away from deeply rooted AD setups. Our episode peels back the layers of legacy architecture, revealing how it intertwines with modern business operations and the tricky integration into present-day security frameworks.
Ever wondered about the Herculean task of managing cloud security for a behemoth infrastructure? James Potter and I share war stories from the trenches, including my hands-on experience refining a company's attack surface across a staggering 400,000 Azure accounts. We highlight the pitfalls developers may unknowingly create and dissect the enduring reliance on outdated NTLM authentication. Also, reminisce with me about the days at Microsoft when Active Directory was the unsung hero of businesses, and explore how cloud service lockdowns and the quest to avoid vendor lock-in are shaping today's tech strategies.
Concluding the episode, we navigate the emotional rollercoaster of imposter syndrome when shifting from a corporate behemoth to the entrepreneurial hustle of consulting. I divulge my personal battle with self-doubt and chart out the tactics that fortified my resolve and credibility. Wrapping up, we warmly extend an invitation to reach out to James Potter and the DSE Team for a helping hand or further dialogue, ensuring you leave not only equipped with newfound insights but also with the connections to help you thrive in the IT realm.
Support the show
Affiliate Links:
NordVPN: https://go.nordvpn.net/aff_c?offer_id=15&aff_id=87753&url_id=902
Follow the Podcast on Social Media!
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Patreon: https://www.patreon.com/SecurityUnfilteredPodcast
YouTube: https://www.youtube.com/@securityunfilteredpodcast
TikTok: Not today China! Not today

Paul's Security Weekly
Google, WhiteSnake, Outlook, NSA, Juniper, Jason Wood, and More - SWN #358

Paul's Security Weekly

Play Episode Listen Later Jan 30, 2024 27:22


This week in the Security Weekly News: the NSA admits to secretly buying your internet browsing data, malicious Google ads target Chinese users, Juniper releases update for Junos OS flaws, Outlook could be leaking your NTLM passwords, WhiteSnake malware on Windows, Jason Wood discusses new guidance on the Microsoft "Midnight Blizzard" attack, and more! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-358

The Daily Decrypt - Cyber News and Discussions
January 30 – Outlook Vulnerability, Raptor Breach, and TrickBot Justice – CyberSecurity News

The Daily Decrypt - Cyber News and Discussions

Play Episode Listen Later Jan 30, 2024 14:35


In this episode of "The Daily Decrypt," host offsetkeyz dives into the latest cybersecurity stories that matter.
Outlook Vulnerability - We begin with an in-depth look at a significant vulnerability in Microsoft Outlook (CVE-2023-35636), which could allow attackers to access NTLM hashed passwords. Learn about the nature of this phishing attack and how to protect yourself. Read more.
Raptor Technologies Breach - Discover the details behind the major data breach at Raptor Technologies, affecting educational institutions. We discuss the implications of this breach and its impact on school safety. Read more.
TrickBot Developer Sentenced - Finally, we cover the sentencing of the TrickBot malware developer, highlighting a rare instance of justice in the cybercrime world. Read more.
Stay informed and understand the complexities of cyber safety with "The Daily Decrypt." Tune in for concise, engaging, and informative discussions on the ever-evolving world of cybersecurity. Remember to follow us on Twitter @DailyDecryptPod for regular updates and news snippets!
OffsetKeyz: Good morning, everyone. We now have a Twitter account, so if you haven't yet, go follow us at Daily Decrypt Pod. This will give you news updates even before they appear on the podcast. As news develops, we'll keep you informed there. Today, we're discussing three stories. The first is an Outlook vulnerability, which will seem familiar if you listened to our recent episode about LLMNR. It was released last month and is quite significant. We'll also talk about a major breach at Raptor Technologies, a security provider for educational institutions like middle schools and high schools. Finally, we'll briefly cover the sentencing of the main developer of the Trickbot malware to five years in jail. In this podcast, we aim to start with simpler topics for a broader audience and gradually delve into more technical aspects, making it accessible for everyone.
OffsetKeyz: Microsoft's Patch Tuesday recently disclosed a significant vulnerability in Microsoft Outlook. Discovered by researchers, this vulnerability in Outlook's calendar sharing function could potentially allow attackers to access NT LAN Manager or NTLM hashed passwords when a user opens a specifically crafted file. The attackers crafted headers to expose an NTLM hash during authentication, which is essentially your password in a hashed form. This type of phishing attack is quite targeted, aiming specifically at Outlook users. The breach's nature and scale are concerning, given the widespread use of the older NTLM protocol. Microsoft plans to phase it out in Windows 11 for the more secure Kerberos protocol. The takeaway here is to be cautious with links, especially in Outlook. Verify the source and be aware of deceptive practices like substituting characters. Remember, they're getting the NTLM hash, not the password directly, and this hash needs to be cracked. Using a strong, unique password, preferably generated by a password manager, can significantly mitigate this risk.
OffsetKeyz: Next, we have a major breach at Raptor Technologies. This breach is particularly concerning as it involves educational institutions, which often lack robust security resources. Raptor Technologies, a US-based school safety software provider, experienced a breach that exposed about 4 million records, as reported by Jeremiah Fowler. These records included detailed school incident response plans, layouts, and information on infrastructure challenges like malfunctioning cameras and security gaps. This data leak is a serious concern, as it includes blueprints and security response strategies, potentially opening doors to physical threats. The breach underlines the importance of cybersecurity in the education sector and the risks associated with third-party providers.
OffsetKeyz: Lastly, the developer behind Trickbot has been sentenced to 64 months in prison. This is a rare occurrence in the cybersecurity world due to the anonymity and complexities involved in tracking cybercriminals. The developer was extradited from South Korea, showcasing the importance of international cooperation in tackling cybercrime. Trickbot, a banking Trojan, has been a significant threat, distributed through phishing emails or malicious websites. It stealthily harvests sensitive information and can deploy ransomware. The sentencing of the developer is a positive step in combating cybercrime and serves as a deterrent for similar activities.
OffsetKeyz: That's all for today. I hope you enjoy the new format. We're aiming for a balance between simplicity and in-depth discussion. Feel free to leave comments, feedback, or tweet us with your thoughts. Stay tuned for our upcoming bonus episode, where we'll discuss how to break into cybersecurity, perfect for those seeking a career change or IT professionals wanting to specialize in cybersecurity. Thanks for listening!
Thanks to Jered Jones for providing the music for this episode. Find him on Spotify here: https://open.spotify.com/artist/37xLl4KR8hJ5jBuS8zYjQN?si=W75mgw68SsmCb7Zfu5ESeg

Paul's Security Weekly TV
Google, WhiteSnake, Outlook, NSA, Juniper, Jason Wood, and More - SWN #358

Paul's Security Weekly TV

Play Episode Listen Later Jan 30, 2024 27:28


This week in the Security Weekly News: the NSA admits to secretly buying your internet browsing data, malicious Google ads target Chinese users, Juniper releases update for Junos OS flaws, Outlook could be leaking your NTLM passwords, WhiteSnake malware on Windows, Jason Wood discusses new guidance on the Microsoft "Midnight Blizzard" attack, and more! Show Notes: https://securityweekly.com/swn-358

Hack Naked News (Audio)
Google, WhiteSnake, Outlook, NSA, Juniper, Jason Wood, and More - SWN #358

Hack Naked News (Audio)

Play Episode Listen Later Jan 30, 2024 27:22


This week in the Security Weekly News: the NSA admits to secretly buying your internet browsing data, malicious Google ads target Chinese users, Juniper releases update for Junos OS flaws, Outlook could be leaking your NTLM passwords, WhiteSnake malware on Windows, Jason Wood discusses new guidance on the Microsoft "Midnight Blizzard" attack, and more! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-358

Digital Forensic Survival Podcast
DFSP # 411 - NTLM Credential Validation

Digital Forensic Survival Podcast

Play Episode Listen Later Jan 2, 2024 18:09


This week I'm talking about detecting evidence of lateral movement on Windows systems using NTLM credential validation events. Much like the episode I did on Kerberos, NTLM events offer the same advantage of being concentrated on domain controllers, which allows you, as the analyst, to leverage a great resource for user account analysis. I will have the background, artifact breakdown, and triage strategy coming up right after this...

Security Now (MP3)
SN 945: The Power of Privilege - New cURL vulnerabilities, CVSS 10.0 Cisco Nightmare, So long VBScript!

Security Now (MP3)

Play Episode Listen Later Oct 25, 2023 130:01


- How fake drives continue to be sold on Amazon despite negative reviews
- Microsoft is discontinuing support for the VBScript language
- The 30-year old NTLM authentication protocol will eventually be removed from Windows
- Two new vulnerabilities found in cURL
- A new Cisco router vulnerability rated CVSS 10.0 was used to hack over 40,000 devices
- Debate over whether "lib" should rhyme with "vibe" or "air"
- Instructions for accessing the SpinRite 6.1 pre-release version
- Feedback on passkey exportability and server IP address encryption
- A listener asks if ransomware can encrypt already encrypted files
- How Privacy Badger un-rewrites Google's search result links
- The NSA and CISA warn about the power of privilege and the dangers of account misconfigurations like privilege creep, elevated service account permissions, and non-essential use of elevated accounts
Show Notes - https://www.grc.com/sn/SN-945-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors: drata.com/twit; joindeleteme.com/twit promo code TWIT; canary.tools/twit - use code: TWIT

Security Now (Video HI)
SN 945: The Power of Privilege - New cURL vulnerabilities, CVSS 10.0 Cisco Nightmare, So long VBScript!

Security Now (Video HI)

Play Episode Listen Later Oct 25, 2023 130:01


- How fake drives continue to be sold on Amazon despite negative reviews
- Microsoft is discontinuing support for the VBScript language
- The 30-year old NTLM authentication protocol will eventually be removed from Windows
- Two new vulnerabilities found in cURL
- A new Cisco router vulnerability rated CVSS 10.0 was used to hack over 40,000 devices
- Debate over whether "lib" should rhyme with "vibe" or "air"
- Instructions for accessing the SpinRite 6.1 pre-release version
- Feedback on passkey exportability and server IP address encryption
- A listener asks if ransomware can encrypt already encrypted files
- How Privacy Badger un-rewrites Google's search result links
- The NSA and CISA warn about the power of privilege and the dangers of account misconfigurations like privilege creep, elevated service account permissions, and non-essential use of elevated accounts
Show Notes - https://www.grc.com/sn/SN-945-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors: drata.com/twit; joindeleteme.com/twit promo code TWIT; canary.tools/twit - use code: TWIT

All TWiT.tv Shows (MP3)
Security Now 945: The Power of Privilege

All TWiT.tv Shows (MP3)

Play Episode Listen Later Oct 25, 2023 130:01


- How fake drives continue to be sold on Amazon despite negative reviews
- Microsoft is discontinuing support for the VBScript language
- The 30-year old NTLM authentication protocol will eventually be removed from Windows
- Two new vulnerabilities found in cURL
- A new Cisco router vulnerability rated CVSS 10.0 was used to hack over 40,000 devices
- Debate over whether "lib" should rhyme with "vibe" or "air"
- Instructions for accessing the SpinRite 6.1 pre-release version
- Feedback on passkey exportability and server IP address encryption
- A listener asks if ransomware can encrypt already encrypted files
- How Privacy Badger un-rewrites Google's search result links
- The NSA and CISA warn about the power of privilege and the dangers of account misconfigurations like privilege creep, elevated service account permissions, and non-essential use of elevated accounts
Show Notes - https://www.grc.com/sn/SN-945-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors: drata.com/twit; joindeleteme.com/twit promo code TWIT; canary.tools/twit - use code: TWIT

Security Now (Video HD)
SN 945: The Power of Privilege - New cURL vulnerabilities, CVSS 10.0 Cisco Nightmare, So long VBScript!

Security Now (Video HD)

Play Episode Listen Later Oct 25, 2023 130:01


- How fake drives continue to be sold on Amazon despite negative reviews
- Microsoft is discontinuing support for the VBScript language
- The 30-year old NTLM authentication protocol will eventually be removed from Windows
- Two new vulnerabilities found in cURL
- A new Cisco router vulnerability rated CVSS 10.0 was used to hack over 40,000 devices
- Debate over whether "lib" should rhyme with "vibe" or "air"
- Instructions for accessing the SpinRite 6.1 pre-release version
- Feedback on passkey exportability and server IP address encryption
- A listener asks if ransomware can encrypt already encrypted files
- How Privacy Badger un-rewrites Google's search result links
- The NSA and CISA warn about the power of privilege and the dangers of account misconfigurations like privilege creep, elevated service account permissions, and non-essential use of elevated accounts
Show Notes - https://www.grc.com/sn/SN-945-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors: drata.com/twit; joindeleteme.com/twit promo code TWIT; canary.tools/twit - use code: TWIT

Radio Leo (Audio)
Security Now 945: The Power of Privilege

Oct 25, 2023 130:01

Security Now (Video LO)
SN 945: The Power of Privilege - New cURL vulnerabilities, CVSS 10.0 Cisco Nightmare, So long VBScript!

Oct 25, 2023 130:01

All TWiT.tv Shows (Video LO)
Security Now 945: The Power of Privilege

Oct 25, 2023 130:01

Paul's Security Weekly
OT Security - Huxley Barbee - ASW #259

Oct 17, 2023 78:56


It's no surprise that OT security has fared poorly over the last 30+ years. To many appsec folks, these systems have uncommon programming languages, unfamiliar hardware, and brittle networking stacks. They also tend to have different threat scenarios. Many of these systems are designed, successfully, to maintain availability. But when a port scan can freeze or crash a device, that availability seems like it hasn't put enough consideration into adversarial environments. We chat about the common failures of OT design and discuss a few ways that systems designed today might still be secure 30 years from now. In the news, how HTTP/2's rapid reset is abused for DDoS, a look at the fix for Curl's recent high severity bug, OWASP moves to make CycloneDX a standard, Microsoft deprecates NTLM, VBScript, and old TLS -- while also introducing an AI bug bounty program. Visit https://securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/asw-259

Paul's Security Weekly TV
HTTP/2 Rapid Reset, Curl's SOCKS5 Bug, Standardizing CycloneDX, AI Bug Bounty - ASW #259

Oct 17, 2023 39:31


How HTTP/2's rapid reset is abused for DDoS, a look at the fix for Curl's recent high severity bug, OWASP moves to make CycloneDX a standard, Microsoft deprecates NTLM, VBScript, and old TLS -- while also introducing an AI bug bounty program. Show Notes: https://securityweekly.com/asw-259

Application Security Weekly (Audio)
OT Security - Huxley Barbee - ASW #259

Oct 17, 2023 78:56


It's no surprise that OT security has fared poorly over the last 30+ years. To many appsec folks, these systems have uncommon programming languages, unfamiliar hardware, and brittle networking stacks. They also tend to have different threat scenarios. Many of these systems are designed, successfully, to maintain availability. But when a port scan can freeze or crash a device, that availability seems like it hasn't put enough consideration into adversarial environments. We chat about the common failures of OT design and discuss a few ways that systems designed today might still be secure 30 years from now. In the news, how HTTP/2's rapid reset is abused for DDoS, a look at the fix for Curl's recent high severity bug, OWASP moves to make CycloneDX a standard, Microsoft deprecates NTLM, VBScript, and old TLS -- while also introducing an AI bug bounty program. Visit https://securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly

Storm⚡️Watch by GreyNoise Intelligence

On this episode of Storm Watch, the hosts discuss a recent vulnerability in the Cisco IOS software, which they describe as a "legit terrible vulnerability". This vulnerability can be triggered to place an implant on a Cisco device, granting the attacker full access to the device. They emphasize that this is a serious issue and encourage listeners to look into it further. They also discuss a vulnerability in WordPad, which they find surprising given that WordPad is often forgotten about. They note that Microsoft has claimed to have updated WordPad to address this vulnerability, and also that Microsoft is abandoning WordPad (though it still made an update for this vulnerability).

The hosts also discuss the importance of blocking outbound NTLM over SMB in Windows, with Glenn emphasizing that organizations should not allow SMB outbound from their perimeter. They discuss the challenges of restricting outbound internet access for the general user base, noting that it would require an application firewall and could potentially lead to a large number of help desk tickets.

Another topic of discussion is a recent blog post by VulnCheck, which reveals that many devices have already been compromised due to the IOS software vulnerability. They note that the compromised devices were found in DigitalOcean, which they find amusing.

Finally, the team reviews recent GreyNoise Tags, additions to CISA KEV, a new "KEV API" open-source tool, and the new KEV "ransomware" field, with a daily-updated visualization by GreyNoise.

The 443 - Security Simplified
Microsoft is Killing NTLM

Oct 16, 2023 40:09


https://youtu.be/dSUkvBUDum4 This week on the podcast, we cover the recent HTTP/2 protocol vulnerability that led to the largest DDoS attack ever recorded by Cloudflare. After that, we discuss Microsoft's announcement about the deprecation of VBScript and the impending removal of NTLM. We then cover a collection of data allegedly stolen from the genealogy website 23andMe before ending with a fun bit of research targeting private servers for the Grand Theft Auto Online video game.

Business of Tech
Mon Oct-16-2023: SMBs Embrace Tech for Resilience, VBScript, NTLM changes, Google's AI protection

Oct 16, 2023 14:00


In this episode of the Business of Tech podcast, Dave Sobel discusses four key topics. First, he explores how SMBs are turning to technology for resilience. Next, he delves into the potential of automation, AI, and the four-day workweek. He then highlights significant changes in the cybersecurity landscape, focusing on VBScript, NTLM, and DDoS vulnerabilities. Finally, Dave shares the news that Google has joined Adobe and Microsoft in pledging to defend AI copyright. Throughout the episode, he emphasizes the implications for MSPs and the potential of passkeys in unlocking new opportunities. Don't miss this insightful discussion on the latest trends and developments in the tech industry.

Four things to know today
00:00 SMBs Look to Tech for Resilience: Automation, AI, and the 4-Day Workweek
05:27 Significant Changes in Cybersecurity Landscape: VBScript, NTLM, and DDoS Vulnerabilities
08:26 Google joins Adobe, and Microsoft with Pledge to Defend AI Copyright: What it Means for MSPs
10:11 Unlocking the Potential of Passkeys: Why Small Might Lead the Way

Advertiser: https://mspglobal.com/ CODE MSPRADIO
https://rfcode.com/mspradio/ CODE MSPRADIO for 30% off

Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/
Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/
Support the show on Patreon: https://patreon.com/mspradio/
Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com

Follow us on:
LinkedIn: https://www.linkedin.com/company/28908079/
YouTube: https://youtube.com/mspradio/
Facebook: https://www.facebook.com/mspradionews/
Instagram: https://www.instagram.com/mspradio/
TikTok: https://www.tiktok.com/@businessoftech

7 Minute Security
7MS #591: Tales of Pentest Pwnage - Part 52

Sep 29, 2023 33:39


Today we talk about an awesome path to internal network pentest pwnage using downgraded authentication from a domain controller, a tool called ntlmv1-multi, and a boatload of cloud-cracking power on the cheap from vast.ai. Here are my chicken-scratch notes for how to take the downgraded authentication hash capture (using Responder.py -I eth0 --lm) and eventually tweeze out the NTLM hash of the domain controller (see https://7ms.us for full show notes).