Podcasts about petitpotam

  • 33 podcasts
  • 41 episodes
  • 56m average duration
  • Infrequent episodes
  • Latest episode: Jun 21, 2022

Latest podcast episodes about petitpotam

InfoSec Overnights - Daily Security News
ToddyCat Tracked, NTLM Relay Attack, Beware Zombie Bugs, and more.

Jun 21, 2022 · 3:34


A daily look at the relevant information security news from overnight - 21 June, 2022

Episode 249 - 21 June 2022

  • ToddyCat Tracked - https://www.bleepingcomputer.com/news/security/new-toddycat-apt-group-targets-exchange-servers-in-asia-europe/
  • NTLM Relay Attack - https://thehackernews.com/2022/06/new-ntlm-relay-attack-lets-attackers.html
  • OT Insecure by Design - https://www.securityweek.com/basecamp-icefall-secure-design-ot-makes-little-headway
  • Microsoft Re-Arms Windows - https://www.zdnet.com/article/microsoft-this-out-of-band-windows-security-update-fixes-microsoft-365-sign-in-issues-for-arm-devices/
  • Beware Zombie Bugs - https://www.theregister.com/2022/06/21/apple-safari-zombie-exploit/

Hi, I'm Paul Torgersen. It's Tuesday June 21st, 2022, and from Chicago this is a look at the information security news from overnight.

From BleepingComputer.com: A new APT group dubbed ToddyCat has been targeting Microsoft Exchange servers throughout Asia and Europe. According to the Kaspersky researchers, it looks like they have been in action since at least December of 2020. Kaspersky has also found a previously unknown passive backdoor they named Samurai and new trojan malware dubbed Ninja Trojan. Both malware strains allow the attackers to take control of infected systems and move laterally within the victims' networks.

From TheHackerNews.com: A new Windows NTLM relay attack dubbed DFSCoerce has been uncovered that leverages the Distributed File System: Namespace Management Protocol to seize control of a domain. This follows a similar method called PetitPotam that abuses Microsoft's Encrypting File System Remote Protocol to coerce Windows servers into authenticating with a relay under an attacker's control. To mitigate NTLM relay attacks, Microsoft recommends enabling Extended Protection for Authentication, SMB signing, and turning off HTTP on AD CS servers.

From SecurityWeek.com: Ten years after project Basecamp, Forescout has conducted an updated project, dubbed OT:Icefall, to gauge the current state of Security By Design in OT products. They found 56 insecure by design problems stemming from ten manufacturers. Forescout says the flaws are not programming error vulnerabilities, but rather flaws in the protocols, authorizations, and certifications built into the designs. Seems not enough has changed in the last 10 years.

From ZDNet.com: Microsoft has issued an out-of-band update for Windows 11 and Windows 10 to fix an issue that emerged with Arm devices after their latest Patch Tuesday update. It seems some users were prevented from signing into applications including VPN connections, Microsoft Teams, and Microsoft Outlook. The issue only affects Windows devices that use Arm processors; machines using other processors are not affected. If that is you and you have not yet applied the June 14 updates, you should use this out of band update instead.

And last today, from TheRegister.com: Beware of zombie vulnerabilities. The Safari browser had a vulnerability that was completely patched by Apple back in 2013 when it was discovered. Unfortunately that fix was regressed in 2016 during some code refactoring. That same bug was found being exploited earlier this year. It is unsure for how many of those five years the de-patched bug was being exploited in the wild. See the details and a link to the Google Project Zero research in the article.

That's all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.

AVLEONOV Podcast
Ep.63 - Microsoft Patch Tuesday May 2022: Edge RCE, PetitPotam LSA Spoofing, bad patches

May 27, 2022 · 7:52


Hello everyone! This episode will be about Microsoft Patch Tuesday for May 2022. Sorry for the delay, this month has been quite intense. As usual, I'm using my Vulristics project and going through not only the vulnerabilities that were presented on May 10th, but all the MS vulnerabilities presented by Microsoft since the previous Patch Tuesday, April 12th. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

NoLimitSecu
Interview Topotam

Apr 24, 2022 · 43:24


Episode #364: Topotam (https://twitter.com/topotam77) tells us about his life journey, as well as the story of the PetitPotam tool (https://github.com/topotam/PetitPotam).

Hybrid Identity Protection Podcast
Defending Against PrintNightmare and PetitPotam Vulnerabilities

Sep 30, 2021 · 18:40


In this session excerpted from a web seminar, Sean Deuby (Semperis Director of Services) and Michele Crockett (Semperis Senior Director of Product Marketing) discuss two important Microsoft security flaws: the Windows Print Spooler vulnerability called PrintNightmare and the PetitPotam flaw. Sean gives some background on how cybercriminals exploit these flaws, how they came to light, and what you can do to guard against them.

More Resources:
  • Watch the full webinar, Stepping Up Your Active Directory Defenses: Lessons Learned from Recent Attacks Like PrintNightmare
  • Read “Detecting and Mitigating the PetitPotam Attack on Windows Domains” Blog by Ran Harel
  • Read “TODO: Disable the Print Spooler service on Domain Controllers” Blog by Sander Berkouwer

Chill Chill Security
EP797: Forensic Day - Detecting and Hunting for the PetitPotam NTLM Relay Attack

Sep 25, 2021 · 3:44


Link: https://research.nccgroup.com/2021/09/23/detecting-and-hunting-for-the-petitpotam-ntlm-relay-attack/
Sponsored by SEC Playground
Survey to improve Chill Chill Security Channel: https://forms.gle/e5K396JAox2rZFp19
Music by https://www.bensound.com/
Support this podcast: https://anchor.fm/chillchillsecurity/support

Root Causes: A PKI and Security Podcast
Root Causes 180: PetitPotam MSCA Attack

Aug 26, 2021 · 12:08


The PetitPotam attack against Microsoft CA has garnered a lot of attention. Our hosts describe this attack and define related terms like Mimikatz, pass-the-hash, and NTLM Relay. The episode goes on to give a roadmap for mitigating this attack, including free resources available to help defend against PetitPotam.

Risky Business
Risky Business #635 -- Owned via telnet? Must be "highly sophisticated attackers"!

Aug 25, 2021


On this week's show Patrick Gray and Adam Boileau discuss recent security news, including:

  • T-Mobile owned hard
  • USA no fly list winds up on unsecured ElasticSearch in Bahrain… because reasons
  • Facebook scrambles to secure Afghani accounts
  • Hacker steals and returns $600 from de-fi platform
  • Healthcare sector struggles with ransomware attacks
  • A very sweet TCP-based amplification technique that will be A Problem
  • Much, much more

Evan Sultanik and Dan Guido will be joining us to talk about Fickling – a tool developed by Trail of Bits to do unnatural things to the Python Pickle files that are heavily used as a means to share machine learning models. The machine learning supply chain is really quite wobbly, and they'll be joining us later to talk about that.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that's your thing.

Show notes

  • T-Mobile breach climbs to over 50 million people
  • T-Mobile: Breach Exposed SSN/DOB of 40M+ People – Krebs on Security
  • 1.9 million records from the FBI's terrorist watchlist leaked online - The Record by Recorded Future
  • Facebook, other platforms scramble to secure user accounts in Afghanistan
  • This $600 Million Crypto Heist Is the Most Bizarre Hack in Recent Memory
  • A Hacker Stole and Then Returned $600 Million
  • Japanese crypto-exchange Liquid hacked for $94 million - The Record by Recorded Future
  • Operator of the Helix bitcoin mixer pleads guilty to money laundering - The Record by Recorded Future
  • Healthcare provider expected to lose $106.8 million following ransomware attack - The Record by Recorded Future
  • Hospitals hamstrung by ransomware are turning away patients | Ars Technica
  • US healthcare org sends data breach warning to 1.4m patients following ransomware attack | The Daily Swig
  • The pandemic revealed the health risks of hospital ransomware attacks - The Verge
  • Ransomware hackers could hit U.S. supply chain, experts warn
  • Ransomware hits Lojas Renner, Brazil's largest clothing store chain - The Record by Recorded Future
  • RansomClave project uses Intel SGX enclaves for ransomware attacks - The Record by Recorded Future
  • Wanted: Disgruntled Employees to Deploy Ransomware – Krebs on Security
  • Japan's Tokio Marine is the latest insurer to be victimized by ransomware
  • Cyber insurance market encounters ‘crisis moment' as ransomware costs pile up
  • White House to tackle cyber challenges with Apple, IBM, insurance CEOs | Reuters
  • FBI sends its first-ever alert about a 'ransomware affiliate' - The Record by Recorded Future
  • New LockFile ransomware gang weaponizes ProxyShell and PetitPotam attacks - The Record by Recorded Future
  • Multiple ransomware gangs pounce on 'PrintNightmare' vulnerability
  • Peterborough NH Cyberattack: Town Loses $2.3M in Taxpayer Money – NBC Boston
  • Almost 2,000 Exchange servers hacked using ProxyShell exploit - The Record by Recorded Future
  • ALTDOS hacking group wreaks havoc across Southeast Asia - The Record by Recorded Future
  • Hackers Leak Surveillance Camera Videos Purportedly Taken From Inside Iran's Evin Prison - by Kim Zetter - Zero Day
  • Apple reopens legal fight against security firm Corellium, raising concerns for ethical hackers
  • Apple says researchers can vet its child safety features. But it's suing a startup that does just that. | MIT Technology Review
  • This $500 Million Russian Cyber Mogul Planned To Take His Company Public—Then America Accused It Of Hacking For Putin's Spies
  • Cisco: Security devices are vulnerable to SNIcat data exfiltration technique - The Record by Recorded Future
  • SNIcat: Circumventing the guardians | mnemonic
  • BlackBerry's popular operating system for medical devices affected by critical vulnerabilities, drawing fed warnings
  • Realtek SDK vulnerabilities impact dozens of downstream IoT vendors | The Daily Swig
  • Hundreds of thousands of Realtek-based devices under attack from IoT botnet - The Record by Recorded Future
  • Accellion Kiteworks Vulnerabilities | Insomnia Security
  • Firewalls and middleboxes can be weaponized for gigantic DDoS attacks - The Record by Recorded Future
  • Hackers tried to exploit two zero-days in Trend Micro's Apex One EDR platform - The Record by Recorded Future
  • Exhaustive study puts China's infamous Great Firewall under the microscope | The Daily Swig
  • Web hosting platform cPanel & WHM is vulnerable to authenticated RCE and privilege escalation | The Daily Swig
  • Benno on Twitter: "I will donate $50 to a charity of @riskybusiness' choice if he puts this in the show." / Twitter
  • Never a dill moment: Exploiting machine learning pickle files
  • PrivacyRaven: Implementing a proof of concept for model inversion
  • GitHub - trailofbits/fickling: A Python pickling decompiler and static analyzer

The CyberHub Podcast
Practitioner Brief August 23rd, 2021

Aug 23, 2021 · 16:54 · Transcription available


Today's Headlines and the latest #cybernews from the desk of the #CISO:

  • CISA Warns Organizations of ProxyShell Attacks on Exchange Servers
  • Cybercrime Group Asking Insiders for Help in Planting Ransomware
  • LockFile ransomware uses PetitPotam attack to hijack Windows domains
  • ShadowPad Malware is Becoming a Favorite Choice of Chinese Espionage Groups
  • CISA Issues Guidance on Protecting Data From Ransomware
  • Cloudflare mitigated one of the largest DDoS attack involving 17.2 million rps

Story Links:

  • https://www.securityweek.com/cisa-warns-organizations-proxyshell-attacks-exchange-servers
  • https://thehackernews.com/2021/08/cybercrime-group-asking-insiders-for.html
  • https://www.bleepingcomputer.com/news/security/lockfile-ransomware-uses-petitpotam-attack-to-hijack-windows-domains/
  • https://thehackernews.com/2021/08/shadowpad-malware-is-becoming-favorite.html
  • https://www.securityweek.com/cisa-issues-guidance-protecting-data-ransomware
  • https://thehackernews.com/2021/08/cloudflare-mitigated-one-of-largest.html

Hacking MFA Webinar with Roger Grimes of KnowBe4, Tuesday August 24th, 2021, at 11 AM EST. Register here: https://us06web.zoom.us/webinar/register/WN_G2wKG4YIS9WhB8ks01eO6A

“The Microsoft Doctrine” by James Azar now on Substack: https://jamesazar.substack.com/p/the-microsoft-doctrine

The Practitioner Brief is sponsored by:

  • KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub
  • Attivo Networks: www.attivonetworks.com

Find James Azar, Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber:

  • James on Linkedin: https://www.linkedin.com/in/james-j-azar/
  • James on Parler: @realjamesazar
  • Telegram: CyberHub Podcast
  • Locals: https://cyberhubpodcast.locals.com

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter

  • Website: https://www.cyberhubpodcast.com
  • Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw
  • Facebook: https://www.facebook.com/CyberHubpodcast/
  • Linkedin: https://www.linkedin.com/company/cyberhubpodcast/
  • Twitter: https://twitter.com/cyberhubpodcast
  • Instagram: https://www.instagram.com/cyberhubpodcast
  • Listen here: https://linktr.ee/cyberhubpodcast

The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Cyber Security Headlines
August 20, 2021

Aug 20, 2021 · 8:50


  • Liquid cryptocurrency exchange loses $94 million following hack
  • New unofficial Windows patch fixes more PetitPotam attack vectors
  • New York man sentenced to prison for stealing students' nude photos after hacking their accounts

Thanks to our episode sponsor, Copado

The traditional development lifecycle is a game of tradeoffs. You either deploy at blazing speed and put yourself at risk of bugs and breaches — or you shore up your security and release software at a snail's pace. But with Copado DevOps, you get the best of both worlds. Leverage Copado's low-code DevOps platform to drive 94% fewer production bugs, 95% faster releases and an average ROI of 307%. To get a free demo, visit Copado.com.

For the stories behind the headlines, head to CISOseries.com

Hack Naked News (Video)
SOHO Routers Redux, GPT-3, Proxy Shell, & Jason Wood - SWN #141

Aug 10, 2021 · 30:10


SOHO Routers Redux, GPT-3, Microsoft Proxy Shell and Petitpotam, Flytrap, Nichestack, Bitcoin taxes, and Rickrolling. All this and Jason Wood on the Security Weekly News.   Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn141

Paul's Security Weekly
GPT-3, SOHO Routers Redux, Proxy Shell, & Jason Wood - SWN #141

Aug 10, 2021 · 30:10


This week, SOHO Routers Redux, GPT-3, Microsoft Proxy Shell and Petitpotam, Flytrap, Nichestack, Bitcoin taxes, and Rickrolling. All this and Jason Wood on the Security Weekly News! Show Notes: https://securityweekly.com/swn141 Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://twitter.com/securityweekly Follow us on Facebook: https://facebook.com/secweekly

Hack Naked News (Audio)
GPT-3, SOHO Routers Redux, Proxy Shell, & Jason Wood - SWN #141

Aug 10, 2021 · 30:10


This week, SOHO Routers Redux, GPT-3, Microsoft Proxy Shell and Petitpotam, Flytrap, Nichestack, Bitcoin taxes, and Rickrolling. All this and Jason Wood on the Security Weekly News!   Show Notes: https://securityweekly.com/swn141 Visit https://www.securityweekly.com/swn for all the latest episodes!    Follow us on Twitter: https://twitter.com/securityweekly Follow us on Facebook: https://facebook.com/secweekly

En Liten Podd Om It
ELPOIT #328 - That can of worms is already empty

Aug 4, 2021 · 66:52


If the show notes look odd (for example if all the links are missing; there should be LOTS of links), they are also available on the web here: https://www.enlitenpoddomit.se

Episode 328 was recorded on July 3, and since the Roman emperor Valens was born around 328 in Cibalae and was the son of Gratianus the Elder, a general from Pannonia, today's episode is about:

INTRO:

FEEDBACK AND BACKLOG:
Johan has started working. Not David. He has fallen down a rabbit hole about data volumes in space.
https://www.rymdstyrelsen.se/upptack-rymden/bloggen/2021/4/datamangder-pa-fard-genom-rymden/
https://eyes.nasa.gov/dsn/dsn.html
https://sv.wikipedia.org/wiki/Voyager_1

GENERAL NEWS
- EV chargers and pneumatic tube systems hacked:
   https://www.bleepingcomputer.com/news/security/pwnedpiper-critical-bug-set-impacts-major-hospitals-in-north-america/
   https://techcrunch.com/2021/08/03/security-flaws-found-in-popular-ev-chargers/
- New Kindle lacks 3G card
   https://techcrunch.com/2021/07/29/old-amazon-kindle-devices-will-soon-lose-3g-access

MICROSOFT
- Windows 11 now in the beta channel
   https://www.thurrott.com/windows/windows-11/253857/windows-11-comes-to-the-insider-beta-channel
- CloudPC
   https://www.thurrott.com/uncategorized/253986/hands-on-with-microsoft-cloud-pc
- Government agencies snub Teams
   https://omni.se/myndigheter-nobbar-teams-kan-lacka-uppgifter/a/KpOBdX
- PrintNightmare
   https://www.bleepingcomputer.com/news/microsoft/remote-print-server-gives-anyone-windows-admin-privileges-on-a-pc/
   https://www.bleepingcomputer.com/news/security/public-windows-printnightmare-0-day-exploit-allows-domain-takeover/
- PetitPotam and fix
   https://www.bleepingcomputer.com/news/microsoft/windows-petitpotam-attacks-can-be-blocked-using-new-method/
- Dynamics and PowerPlatform 2021 Wave 2
   https://www.zdnet.com/article/microsoft-makes-available-previews-of-features-coming-to-dynamics-365-power-platform-starting-in-october/
- Windows Defender blocks PUA
   https://www.bleepingcomputer.com/news/microsoft/windows-10-to-automatically-block-potentially-unwanted-apps/

BONUS: https://filezilla-project.org/download.php?show_all=1

APPLE
- Battery for AirTag
   https://www.macrumors.com/2021/07/28/airtag-replacement-batteries-no-bitter-coating
- GarageBand teaches you to mix
   https://www.macrumors.com/2021/07/29/garageband-for-iphone-ipad-new-sound-packs
- Audio bug in Apple TV+
   https://www.engadget.com/apple-tv-app-movie-rental-purchase-no-audio-bug-143602283.html

GOOGLE:
- Pixel 6
   https://techcrunch.com/2021/08/02/google-gives-the-world-its-first-glimpse-of-the-pixel-6
- Blocks really old devices
   https://swedroid.se/riktigt-gamla-androidtelefoner-kan-snart-inte-langre-logga-in-i-google-appar/
- Ad-free YouTube
   https://swedroid.se/google-introducerar-premium-lite-reklamfritt-youtube-for-69kr-man/

Chrome no longer indicates secure sites
https://www.bleepingcomputer.com/news/google/google-chrome-to-no-longer-show-secure-website-indicators/

TIPS:
- Masterchief in Waze
   https://www.thurrott.com/mobile/254046/waze-now-offers-a-halo-infinite-theme

GADGET LIST
Johan wants https://www.indiegogo.com/projects/aawireless#/
David wants https://www.klarstein.se/Vitvaror/Kylskap-och-Frysboxar/Minifrys-och-Mini-bar/MKS-13-minibar-32-liter-klass-A-svart-glas-0dB.html

OUR OWN LINKS
- En Liten Podd Om IT on the web, http://enlitenpoddomit.se/
- En Liten Podd Om IT on Facebook, https://www.facebook.com/EnLitenPoddOmIt/
- En Liten Podd Om IT on Youtube, https://www.youtube.com/channel/UCf0vgNRHAzckDMyh8inuYmQ
- Feel free to leave us a review
   - https://podcasts.apple.com/se/podcast/en-liten-podd-om-it/id946204577?mt=2#see-all/reviews
   - https://www.podchaser.com/podcasts/en-liten-podd-om-it-158069

LINKS TO WHERE YOU CAN FIND THE PODCAST TO LISTEN:
- Apple Podcasts (iTunes), https://itunes.apple.com/se/podcast/en-liten-podd-om-it/id946204577
- Overcast, https://overcast.fm/itunes946204577/en-liten-podd-om-it
- Acast, https://www.acast.com/enlitenpoddomit
- Spotify, https://open.spotify.com/show/2e8wX1O4FbD6M2ocJdXBW7?si=HFFErR8YRlKrELsUD--Ujg%20
- Stitcher, https://www.stitcher.com/podcast/the-nerd-herd/en-liten-podd-om-it

LINK TO DISCORD WHERE YOU CAN FIND THE LIVE STREAM + CHAT
- http://discord.enlitenpoddomit.se

(And don't forget to email bjorn@enlitenpoddomit.se if you want stickers, just include a postal address. :)

AVLEONOV Podcast
Ep.35 - Last Week's Security news: Serious Sam in Metasploit, PetitPotam, Zimbra Hijack, Joint Advisory TOP30 CVEs

Aug 2, 2021 · 6:53


Hello everyone! Last Week's Security News, July 26 – August 1. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Paul's Security Weekly TV
PetitPotam Attack, History of RickRolling, & Foxit PDF Vulns - PSW #704

Aug 1, 2021 · 107:55


This week in the Security News: From a stolen laptop to inside the company network, the essential tool for hackers called "Discord", fixin' your highs, hacking DEF CON, an 11-year-old can show you how to get an RTX 30 series, broadcasting your password, to fuzz or not to fuzz, a real shooting war, evil aerobics instructors, the return of the PunkSpider, No Root for you, & more!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw704

Paul's Security Weekly (Video-Only)
PetitPotam Attack, History of RickRolling, & Foxit PDF Vulns - PSW #704

Jul 31, 2021 · 107:55


This week in the Security News: From a stolen laptop to inside the company network, the essential tool for hackers called "Discord", fixin' your highs, hacking DEF CON, an 11-year-old can show you how to get an RTX 30 series, broadcasting your password, to fuzz or not to fuzz, a real shooting war, evil aerobics instructors, the return of the PunkSpider, No Root for you, & more!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw704

Hack Naked News (Audio)
PetitPotam Attack, PyPI Malware, NSA Device Guidance, & Meteor Wiper - Wrap Up - SWN #138

Jul 30, 2021 · 29:13


This week Dr. Doug talks: Patching, PetitPotam, Elon, Microsoft Defender, Ransomware rules, Meteor, and more, on this edition of the Security Weekly News Wrap up Show! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn138

Hack Naked News (Video)
PyPI Malware, PetitPotam Attack, NSA Device Guidance, & Meteor Wiper - Wrap Up - SWN #138

Jul 30, 2021 · 29:13


This week Dr. Doug talks: Patching, PetitPotam, Elon, Microsoft Defender, Ransomware rules, Meteor, and more, on this edition of the Security Weekly News Wrap up Show!   Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn138

Paul's Security Weekly
PetitPotam Attack, PyPI Malware, NSA Device Guidance, & Meteor Wiper - Wrap Up - SWN #138

Jul 30, 2021 · 29:13


This week Dr. Doug talks: Patching, PetitPotam, Elon, Microsoft Defender, Ransomware rules, Meteor, and more, on this edition of the Security Weekly News Wrap up Show! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn138

The Threatpost Podcast
Podcast: Why Securing Microsoft Active Directory Is Such a Nightmare

Jul 28, 2021 · 33:20


SpecterOps researchers Lee Christensen and Will Schroeder discuss their work, to be presented at Black Hat, on how AD “misconfiguration debt” lays out a dizzying array of attack paths such as the one in the PetitPotam exploit for which Microsoft rushed out a fix.

Security Now (MP3)
SN 829: SeriousSAM & PetitPotam - Kaseya Universal Decryptor, Window's Process Hacker, Chrome 92

Jul 28, 2021 · 111:45


Picture of the Week. Faster and more efficient phishing detection in Chrome 92. A Universal Decryptor for all Kaseya victims. The printer driver used by millions of HP, Samsung and Xerox Printers is exploitable. Windows' Process Hacker. "GoLang" gains supply chain security features at GitHub. Closing the Loop. SeriousSAM & PetitPotam. We invite you to read our show notes at https://www.grc.com/sn/SN-829-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: business.eset.com/twit Melissa.com/twit

Cyber Security Headlines
July 28, 2021

Jul 28, 2021 · 8:17


  • Microsoft rushes fix for PetitPotam attack PoC
  • Apple releases urgent zero day bug patch for Mac, iPhone and iPad devices
  • Google launches new Bug Hunters vulnerability rewards platform

Thanks to our episode sponsor, Varonis

The first time we got hit with ransomware it took us weeks to recover. The second time we got hit, it took us two hours. Why? Because we had Varonis. Varonis reduces the ransomware blast radius and monitors our most important data, automatically. Hear more at varonis.com/risk

For the stories behind the headlines, head to CISOseries.com.

Security Now (Video HI)
SN 829: SeriousSAM & PetitPotam - Kaseya Universal Decryptor, Window's Process Hacker, Chrome 92

Jul 28, 2021 · 112:16


Picture of the Week. Faster and more efficient phishing detection in Chrome 92. A Universal Decryptor for all Kaseya victims. The printer driver used by millions of HP, Samsung and Xerox Printers is exploitable. Windows' Process Hacker. "GoLang" gains supply chain security features at GitHub. Closing the Loop. SeriousSAM & PetitPotam. We invite you to read our show notes at https://www.grc.com/sn/SN-829-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: business.eset.com/twit Melissa.com/twit

Hack'n Speak
0x09 - topotam | A great story, TII and PetitPotam

Jul 28, 2021 · 56:34


Twitter:
  • mpgn: https://twitter.com/mpgn_x64
  • topotam: https://twitter.com/topotam77

Github project:
  • PetitPotam: https://github.com/topotam/PetitPotam

Security Now (Video HD)
SN 829: SeriousSAM & PetitPotam - Kaseya Universal Decryptor, Window's Process Hacker, Chrome 92

Jul 28, 2021 · 112:16


Picture of the Week. Faster and more efficient phishing detection in Chrome 92. A Universal Decryptor for all Kaseya victims. The printer driver used by millions of HP, Samsung and Xerox Printers is exploitable. Windows' Process Hacker. "GoLang" gains supply chain security features at GitHub. Closing the Loop. SeriousSAM & PetitPotam. We invite you to read our show notes at https://www.grc.com/sn/SN-829-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: business.eset.com/twit Melissa.com/twit

Security Nation
Philipp Amann on No More Ransomware

Jul 28, 2021 · 43:33


  • Philipp Amann is the Head of Strategy at European Cybercrime Center
  • No More Ransom, an incredibly useful self-serve library of ransomware crackers, from Alpha to Ziggy
  • Need some specific guidance on what to do if you suffer a ransomware attack? Check out NMR's publication!
  • Also mentioned was Europol's annual Internet Organised Crime Threat Assessment report, which is a great read
  • Interested in partnering with NMR? Send in a request here!
  • The Rapid Rundown is mostly about the PetitPotam proof of concept NTLM attack, as discovered by @topotam77
  • Microsoft's helpful mitigation KB for the same
  • The SANS Diary writeup of this novel NTLM attack quite capably demonstrates the risks of this attack

Security Now (Video LO)
SN 829: SeriousSAM & PetitPotam - Kaseya Universal Decryptor, Window's Process Hacker, Chrome 92

Jul 28, 2021 · 112:16


Picture of the Week. Faster and more efficient phishing detection in Chrome 92. A Universal Decryptor for all Kaseya victims. The printer driver used by millions of HP, Samsung and Xerox Printers is exploitable. Windows' Process Hacker. "GoLang" gains supply chain security features at GitHub. Closing the Loop. SeriousSAM & PetitPotam. We invite you to read our show notes at https://www.grc.com/sn/SN-829-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: business.eset.com/twit Melissa.com/twit

Paul's Security Weekly
Babuk Forum Hack, Exotic Programming, Kaseya Decryption, & "Petitpotam" Attack - SWN #137

Jul 27, 2021 · 27:31


This week: Dr. Doug talks Elon saying scary things, Exotic Programming languages, Babuk, Kaseya, Petitpotam, litigation and of course the Expert Commentary of Jason Wood on this edition of the Security Weekly News!   Show Notes: https://securityweekly.com/swn137 Visit https://www.securityweekly.com/swn for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Hack Naked News (Video)
Exotic Programming, Babuk Forum Hack, Kaseya Decryption, & "Petitpotam" Attack - SWN #137

Jul 27, 2021 27:31


This week: Dr. Doug talks Elon saying scary things, Exotic Programming languages, Babuk, Kaseya, Petitpotam, litigation and of course the Expert Commentary of Jason Wood on this edition of the Security Weekly News!   Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn137

Hack Naked News (Audio)
Babuk Forum Hack, Exotic Programming, Kaseya Decryption, & "Petitpotam" Attack - SWN #137

Jul 27, 2021 27:31


This week: Dr. Doug talks Elon saying scary things, Exotic Programming languages, Babuk, Kaseya, Petitpotam, litigation and of course the Expert Commentary of Jason Wood on this edition of the Security Weekly News!   Show Notes: https://securityweekly.com/swn137 Visit https://www.securityweekly.com/swn for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Radio Leo (Video LO)
Security Now 829: SeriousSAM & PetitPotam

Jul 27, 2021 112:17


Picture of the Week. Faster and more efficient phishing detection in Chrome 92. A Universal Decryptor for all Kaseya victims. The printer driver used by millions of HP, Samsung and Xerox Printers is exploitable. Windows' Process Hacker. "GoLang" gains supply chain security features at GitHub. Closing the Loop. SeriousSAM & PetitPotam. We invite you to read our show notes at https://www.grc.com/sn/SN-829-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: business.eset.com/twit Melissa.com/twit

Radio Leo (Video HI)
Security Now 829: SeriousSAM & PetitPotam

Jul 27, 2021 112:17


Picture of the Week. Faster and more efficient phishing detection in Chrome 92. A Universal Decryptor for all Kaseya victims. The printer driver used by millions of HP, Samsung and Xerox Printers is exploitable. Windows' Process Hacker. "GoLang" gains supply chain security features at GitHub. Closing the Loop. SeriousSAM & PetitPotam. We invite you to read our show notes at https://www.grc.com/sn/SN-829-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: business.eset.com/twit Melissa.com/twit

Radio Leo (Video HD)
Security Now 829: SeriousSAM & PetitPotam

Jul 27, 2021 112:17


Picture of the Week. Faster and more efficient phishing detection in Chrome 92. A Universal Decryptor for all Kaseya victims. The printer driver used by millions of HP, Samsung and Xerox Printers is exploitable. Windows' Process Hacker. "GoLang" gains supply chain security features at GitHub. Closing the Loop. SeriousSAM & PetitPotam. We invite you to read our show notes at https://www.grc.com/sn/SN-829-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: business.eset.com/twit Melissa.com/twit

All TWiT.tv Shows (Video LO)
Security Now 829: SeriousSAM & PetitPotam

Jul 27, 2021 112:17


Picture of the Week. Faster and more efficient phishing detection in Chrome 92. A Universal Decryptor for all Kaseya victims. The printer driver used by millions of HP, Samsung and Xerox Printers is exploitable. Windows' Process Hacker. "GoLang" gains supply chain security features at GitHub. Closing the Loop. SeriousSAM & PetitPotam. We invite you to read our show notes at https://www.grc.com/sn/SN-829-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: business.eset.com/twit Melissa.com/twit

All TWiT.tv Shows (Video HI)
Security Now 829: SeriousSAM & PetitPotam

Jul 27, 2021 112:17


Picture of the Week. Faster and more efficient phishing detection in Chrome 92. A Universal Decryptor for all Kaseya victims. The printer driver used by millions of HP, Samsung and Xerox Printers is exploitable. Windows' Process Hacker. "GoLang" gains supply chain security features at GitHub. Closing the Loop. SeriousSAM & PetitPotam. We invite you to read our show notes at https://www.grc.com/sn/SN-829-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: business.eset.com/twit Melissa.com/twit

All TWiT.tv Shows (Video HD)
Security Now 829: SeriousSAM & PetitPotam

Jul 27, 2021 112:17


Picture of the Week. Faster and more efficient phishing detection in Chrome 92. A Universal Decryptor for all Kaseya victims. The printer driver used by millions of HP, Samsung and Xerox Printers is exploitable. Windows' Process Hacker. "GoLang" gains supply chain security features at GitHub. Closing the Loop. SeriousSAM & PetitPotam. We invite you to read our show notes at https://www.grc.com/sn/SN-829-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: business.eset.com/twit Melissa.com/twit

Radio Leo (Audio)
Security Now 829: SeriousSAM & PetitPotam

Jul 27, 2021 111:45


Picture of the Week. Faster and more efficient phishing detection in Chrome 92. A Universal Decryptor for all Kaseya victims. The printer driver used by millions of HP, Samsung and Xerox Printers is exploitable. Windows' Process Hacker. "GoLang" gains supply chain security features at GitHub. Closing the Loop. SeriousSAM & PetitPotam. We invite you to read our show notes at https://www.grc.com/sn/SN-829-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: business.eset.com/twit Melissa.com/twit

All TWiT.tv Shows (MP3)
Security Now 829: SeriousSAM & PetitPotam

Jul 27, 2021 111:45


Picture of the Week. Faster and more efficient phishing detection in Chrome 92. A Universal Decryptor for all Kaseya victims. The printer driver used by millions of HP, Samsung and Xerox Printers is exploitable. Windows' Process Hacker. "GoLang" gains supply chain security features at GitHub. Closing the Loop. SeriousSAM & PetitPotam. We invite you to read our show notes at https://www.grc.com/sn/SN-829-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: business.eset.com/twit Melissa.com/twit

Tomの入門サイバーセキュリティ!
#100 The "PetitPotam attack" that takes over Windows domains - PoC already published; information security news for July 26

Jul 26, 2021 23:18


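The "PetitPotam attack" that takes over Windows domains - PoC already published; multiple retail electricity providers obtained existing contract information via another company's chatbot; and more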

Kurz informiert – die IT-News des Tages von heise online
Raw material shortage, antitrust watchdogs, PetitPotam, Ingenuity | Kurz informiert of 26 July 2021 by heise online

Jul 26, 2021


Today with: raw material shortage, antitrust watchdogs, PetitPotam, Ingenuity ***SPONSOR NOTICE*** To keep improving our podcasts and to be able to choose exciting topics for you, we would like your opinion in our podcast survey. Just go to https://www.heise.de/podcast-umfrage and take part. Thank you ***END OF SPONSOR NOTICE***

ALEF SecurityCast
Ep#68 – New PetitPotam NTLM relay attack allows taking control of a Windows domain

Jul 26, 2021 14:10


VIDEO HERE: New PetitPotam NTLM relay attack allows taking control of a Windows domain – SecurityCast Ep#68 - YouTube. A new variant of the NTLM relay attack called PetitPotam has been published, which allows attackers to take control of a domain controller, and thus of the entire Windows domain; Kaseya has obtained a universal decryption key and is currently working with customers to restore systems; police in Spain arrested a Briton in connection with what many consider the worst Twitter hack in history; the RECOMMENDATION FOR MANAGERS concerns the 2021 CWE Top 25 most dangerous software weaknesses. Follow us on Twitter @AlefSecurity and @Jk0pr.