In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by Microsoft's Dinesh Natarajan, Senior Threat Hunter, and Thomas Ball, Senior Security Researcher. They unpack recent findings around AsyncRAT, a remote access Trojan (RAT) used for keylogging, data exfiltration, and deploying further malware. Dinesh explains how attackers are now using screen-sharing tools, like ScreenConnect, as part of a new infection chain that makes the malware delivery process more deceptive. Thomas then shares insights on SectopRAT, another threat targeting browser data and crypto wallets. Uniquely, this RAT creates a second desktop, allowing attackers to operate undetected. Next, Sherrod talks with Microsoft's Senior Director of Diplomacy, Kaja Ciglic, about the UN's proposed cybercrime treaty. Originally spearheaded by Russia, the treaty aims to create a global framework for prosecuting cybercrime, but critics worry about its potential impact on freedom of expression and human rights.
In this episode you'll learn:
How tech support scam emails lead to AsyncRAT installations on different devices
The importance of leveraging tools like Microsoft Defender's SmartScreen for protection
The treaty encourages cooperation but may let governments exploit unclear cybercrime definitions
Some questions we ask:
How does social engineering through email play a role in these attacks?
What capabilities does AsyncRAT have, and why is it so concerning?
How do we ensure the treaty doesn't impact freedom of expression or human rights?
Resources:
View Dinesh Natarajan on LinkedIn
View Thomas Ball on LinkedIn
View Kaja Ciglic on LinkedIn
View Sherrod DeGrippo on LinkedIn
Related Microsoft Podcasts:
Afternoon Cyber Tea with Ann Johnson
The BlueHat Podcast
Uncovering Hidden Risks
Discover and follow other Microsoft podcasts at microsoft.com/podcasts. Get the latest threat intelligence insights and guidance at Microsoft Security Insider. The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.
The Automox Security Team discusses August 2024's Patch Tuesday, including a SmartScreen remote code execution vulnerability, a Windows kernel elevation of privilege vulnerability, and print spooler elevation vulnerabilities. They emphasize the importance of user education, keeping operating systems and software up to date, and implementing network segmentation. The conversation also touches on the need to modernize infrastructure and be aware of the services running within server stacks.
In today's episode, we dive into CrowdStrike's refutation of Delta Air Lines' claims over the recent IT failure, the recent surge of Magniber ransomware attacks targeting home users worldwide; we explore how Chinese APT group StormBamboo compromised an ISP to deliver malware, and discuss newly uncovered vulnerabilities in Microsoft Windows Smart App Control and SmartScreen. Join us for this deep dive into current cybersecurity threats and incidents.
Video Episode: https://youtu.be/ODwu0Dhpm1Y
00:00 - Intro
01:08 - Crowdstrike v Delta
03:38 - Home Ransomware
06:07 - ISP Compromise
07:36 - Windows Flaw
URLs:
https://arstechnica.com/information-technology/2024/08/crowdstrike-claps-back-at-delta-says-airline-rejected-offers-for-help/
https://www.bleepingcomputer.com/news/security/surge-in-magniber-ransomware-attacks-impact-home-users-worldwide/
https://www.helpnetsecurity.com/2024/08/05/compromised-isp-dns-malware/
https://thehackernews.com/2024/08/researchers-uncover-flaws-in-windows.html
Sign up for digestible cyber news delivered to your inbox: https://news.thedailydecrypt.com
Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/
Logo Design by https://www.zackgraber.com/
Tags: CrowdStrike, Delta Air Lines, software update, disruption, StormBamboo, DNS poisoning, cyberespionage, Volexity, Microsoft's vulnerabilities, Smart App Control, threat actors, Apache OFBiz, CVE-2024-38856, remote code execution, cyberattacks
Search Phrases:
What are today's top cybersecurity news stories?
How to protect against Magniber ransomware
Steps to take if files are encrypted by ransomware
Latest Magniber ransomware outbreak
CrowdStrike and Delta Air Lines software update issue
Impact of software update failures on airline operations
Prevention of DNS poisoning attacks
Chinese cyberespionage group StormBamboo latest activities
Securing software update mechanisms against malware
Windows Smart App Control vulnerabilities
How threat actors bypass SmartScreen security measures
NEW YORK – Greenhouse, the leading hiring platform, today announced it has hired Samir Joglekar as its new Chief Revenue Officer. https://hrtechfeed.com/greenhouse-hires-new-chief-revenue-officer/
BOSTON — JobGet, the fastest-growing app-first hiring platform connecting over 70 million Everyday Workers with the nation's most recognized brands, today announced the acquisition of Wirkn, a leading ATS in the frontline recruitment market for malls and retail. This move to partner with shopping centers and malls allows JobGet to offer a tailored frontline solution to even more employers and job seekers. https://hrtechfeed.com/jobget-acquires-wirkn/
ClearCompany, a provider of human capital management software, announced it has acquired Brainier Solutions Inc., a leading provider of innovative learning management software. Financial terms were not disclosed. https://hrtechfeed.com/clearcompany-acquires-learning-management-tool/
Hiring software Wizehire announced its Candidate Texting feature. This new functionality enables organizations to instantly build stronger relationships with top talent, increase engagement, and streamline the hiring process. https://hrtechfeed.com/new-hr-tech-from-wizehire-talroo/
Talroo, a leading provider of technology to power the recruitment of frontline and essential workers, is pleased to announce the release of SmartScreen, the new AI-assisted Chat-to-Apply Screening tool. This elegant new screening chatbot solves a common problem for both job seekers and employers. Approximately 7 out of 10 employers (Zippia Recruitment Statistics, 2023) find it difficult to hire skilled candidates. SmartScreen automatically extracts and surfaces job requirements using AI in a custom chatbot. https://hrtechfeed.com/new-hr-tech-from-wizehire-talroo/
Welcome to “Cyber, Cyber… Raport”, a special edition of our podcast devoted to the fascinating world of cyberspace. Every week we take you into the world of the latest cybersecurity events, analyzing the most important threats, trends and events. Our team of experts tracks, interprets and shares the most up-to-date information so that you are always one step ahead of the threat. Today's episode is hosted by Cyprian Gutkowski. Join us! Today's
Russian group accesses Microsoft source code in follow-up from January attack. StopCrypt, the ransomware still targeting individuals over businesses, has been upgraded. DarkGate leverages recent SmartScreen vulnerability in attacks.
Sponsored by SEC Playground --- Support this podcast: https://podcasters.spotify.com/pod/show/chillchillsecurity/support
From the massive data breaches affecting millions globally, including the largest-ever breach for French citizens, to Nvidia's strategic leap over Amazon in market value, we cover the digital landscape's pressing issues and innovations. Plus, we break down Microsoft's February 2024 Patch Tuesday, addressing critical zero-days and enhancing digital safety. Join us as we explore the implications of these developments for the future of technology and cybersecurity.
Original URLs for Each Article:
Aircraft Leasing Company Cyberattack: Dark Reading Article
Integris Health Data Breach: BleepingComputer Article
Bank of America Customer Data Leak: Dark Reading Article
Islamic Nonprofit Infiltration: Dark Reading Article
French Citizens Data Breach: France TV Info Article
Black Basta and Hyundai Motor Europe: Dark Reading Article on Black Basta
LockBit and SEIU Local 1000: Dark Reading Article on Subway LockBit Investigation
Nvidia's Sovereign AI: Nvidia Blog, Ars Technica Article
Microsoft February 2024 Patch Tuesday: Trend Micro Research on CVE-2024-21412, BleepingComputer Article on Microsoft's Patch
Thanks to Jered Jones for providing the music for this episode. Find him on Spotify here: https://open.spotify.com/artist/37xLl4KR8hJ5jBuS8zYjQN?si=W75mgw68SsmCb7Zfu5ESeg
Transcript: [00:00:00] Good morning, listeners, and thanks for tuning in on Valentine's Day. Sadly, I do not have anything Valentine's-related; uh, watch out for romance scams, as always. But we do have two very thrilling stories and a new segment I'm calling "They Got Popped". We're going to be talking about Nvidia and their leap towards sovereign AI and market dominance. And we're also going to be bringing [00:01:00] you the updates from yesterday's Patch Tuesday. All right. So first up, in an effort to avoid overly discussing data breaches, I'm going to compact them all for you and give them to you at once.
And to help me do this, to help me react to the severity of these breaches, I've brought in my brand new AI girlfriend. Uh, let's name her Tina. Let's kick it off. They got popped. Yes, Tina. Yes, they did. Okay. So first up we have airplanes. Yes, Tina. Yes. Planes. A commercial engine aircraft leasing company named Willis Lease Finance Corp. said it suffered a cybersecurity incident on January 31st and [00:02:00] it got its systems knocked offline. Uh, next we have the healthcare sector. Yes, believe it or not, the healthcare sector was just popped. Integris Health last November disclosed personal information belonging to almost 2.4 million people was exposed. You heard about it yesterday, but Bank of America got popped. Yeah, they seem so serious and significant, but yeah, they got popped. The details are in yesterday's episode, but it affected around 57,000 customers. We're going international with an Islamic nonprofit from Saudi Arabia. That's not fair. Saudi Arabia nonprofit was infiltrated for over three years by a silent backdoor. We've got two French companies. No, the baguettes are not even safe. Viamedis and Almerys. They both manage third-party payments for health insurance [00:03:00] companies. And this combined exposure is the largest ever data breach for French citizens. Staying in Europe, we're talking about Hondai Motor Europe. Hyundai. Yes. Uh, but I do love them. Black Basta has claimed to have stolen three terabytes of data from the Hyundai Motor Group Europe. And if we talk about text data, that is a lot. And finally, back stateside, we've got California. A little outdated with the Arnold reference, but LockBit has claimed responsibility for a cyber attack on Service Employees International Union Local 1000 in California. According to that ransomware gang, it stole 308 gigabytes of data from the union, including employee information such as social security numbers, salary information, and financial documents.
So, as always, sign up for credit monitoring, change your passwords, and keep an eye on those bank statements. [00:04:00] All right. So moving into our first real news article story of the day, it's coming to us from Ars Technica, and it is discussing Nvidia's CEO, Jensen Huang, who is championing the concept of sovereign AI amid the company's significant leap over Amazon in market value. So that's pretty amazing, because Amazon's pretty important. Basically, Nvidia's CEO is proposing a future where each country controls its own AI destiny. This vision, termed sovereign AI, suggests a world where nations harness artificial intelligence to preserve their cultural heritage and societal norms. Huang announced this while speaking at the World Government Summit in Dubai and emphasized the importance of countries owning the production of their own intelligence. So this idea isn't just about data sovereignty. It's about embedding a nation's language, culture, and collective wisdom into the digital realm. The rise of Nvidia in the global [00:05:00] market, now neck and neck with Amazon for market value, is not just a financial milestone. It's a testament to the growing importance of AI technology. Nvidia's GPUs, or graphical processing units, are critical for AI development and have become indispensable in data centers around the world, data centers that are used by Amazon, Microsoft, Google and, more notably, OpenAI. This development underscores how essential AI and Nvidia's technology have become to our digital infrastructure, highlighting the company's influence in shaping the future of global technology and AI applications. So, this is pretty crazy. I knew Nvidia was doing great due to Bitcoin mining and AI, but I didn't know they were up there on the scale with Amazon. That's pretty cool. In 2019, I built my first computer, and I bought an Nvidia graphics processor, 2070, something like that, for, I don't know, four or 500 bucks.
Which felt like a lot at the time. [00:06:00] And that is now over four years ago, and that exact graphics processor is worth double; it's worth 800 bucks brand new. In tech terms, tech years are kind of like dog years. Like, we progress so much faster in tech. So I, you know, expected that graphics processor to decline in value very rapidly. That's not to say that graphics processing hasn't improved much, because, yeah, it's almost even unusable. It's a great graphics processor, but not $800 worth. Good for you, Nvidia. And good for you, whoever has bought stock in Nvidia prior to Bitcoin mining and AI and all this stuff, because it's doing pretty well. Yesterday was Microsoft's monthly Patch Tuesday, Valentine's Day edition: two zero-days and a total of 73 security flaws. So just to [00:07:00] recap, a zero-day is a vulnerability that was built into the initial software, to the initial product, that the company did not know existed. So the two zero-days that were patched were two CVEs. One was a Windows SmartScreen security feature bypass, and the other was an Internet Shortcut Files security feature bypass. So the first one allowed attackers to bypass SmartScreen's security checks by tricking users into opening malicious files. This vulnerability involved attackers exploiting the Windows SmartScreen filter, which is a tool designed to screen out unrecognized apps and files from the internet to protect users from malicious software. By crafting a malicious file in a certain way, attackers could deceive the SmartScreen filter into not recognizing the file as a threat, which often involves manipulating metadata or the file's digital signature to either appear benign or to mask its true nature. Once the user is convinced to open the file, believing it to be safe, the attacker could execute malicious [00:08:00] code on the victim system. So this is so huge when.
We discussed this when talking about labeling AI content as well, but once the user gets confident in a security measure, such as this label that identifies malicious files, when they see it, they're going to trust that it's there, and then when it's not there, they're going to trust that it was checked. So just like in the AI content, if people are used to seeing labels. I guess let's use corporate email as an example. We've all probably seen these banners on corporate emails that say, "This email originated outside of the company", right? When we see that banner, we know to look at it with a critical eye. But when we don't see that banner, something in our brain says it's safe, because we know that that check exists, and when it's not there, it must be safe. Our guard is down when we don't see that banner. That's the same thing about this sort of check and consumer confidence in [00:09:00] these checks. We trust that they're happening. And so attackers have found a way to exploit that trust. The other zero-day vulnerability that was patched yesterday is in a similar vein. This vulnerability specifically targets the way Windows processes Internet Shortcut files with respect to Mark of the Web, or MOTW. So MOTW is a security feature that assigns a, quote, "zone" to files downloaded from the internet. So similarly, it starts tagging them as less trusted than files originating from the local machine. When a file is tagged, Windows and various applications apply stricter security measures, such as prompting users with warnings before execution. Same thing: when we're used to seeing that warning and it doesn't come up, we assume it's safe. This basically just allows attackers to convince users to download malicious files and also convince them that those files are safe, 'cause that warning [00:10:00] didn't pop up. So we're glad Microsoft has patched these. It's just the lesson: don't always trust security warnings and security features.
Take your safety into your own hands when you can. Try to stick to downloading files from reputable sources. And if you're feeling advanced, you can go into Google and look up checksum and file integrity checking. Basically, the file that is downloaded from a reputable source has a certain signature. And once you get it onto your computer, you can check to see if that signature is still intact. But overall, make sure your systems are regularly patched with security updates, because that's the only way this update's going to get to your computer, is by downloading the security updates. So make sure to patch. All right. That is it. I hope you guys have great plans for your Valentine's Day today. And we really appreciate you listening. We will talk to you more [00:11:00] tomorrow.
Hello everyone! This episode will be about Microsoft Patch Tuesday for July 2023, including vulnerabilities that were added between June and July Patch Tuesdays. As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities. I optimized the detection of the vulnerable product and the type of vulnerability based on the description. Now processing already downloaded data (with option --rewrite-flag "False") takes a few seconds. For example, only ~3 seconds for 100 MS Patch Tuesday vulnerabilities. It used to take a few minutes. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.
In this episode, we sit down with Matt Bromiley to talk about some of the latest intel coming out of the LimaCharlie community Slack channel:
CVE-2023-23397: A zero-touch exploit that affects all versions of Windows Outlook. (Sigma rule)
CVE-2023-24880: An unpatched security bypass in Microsoft's SmartScreen security feature.
Mandiant observes China-nexus threat actors targeting technologies that do not normally support endpoint detection and response solutions.
Kaspersky recently conducted an analysis of 155 dark web forums from January 2020 to June 2022. Threat groups are offering $240k salaries to tech jobseekers.
And an interview with Heidi and Bruce Potter, ShmooCon organizers. ShmooCon is an annual east coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software, and hardware solutions, and open discussions of critical infosec issues.
The Cybersecurity Defenders Podcast: a show about cybersecurity and the people that defend the internet.
I monitor the connections leaving my PC. Today I see a task (program) connected to a strange IP: 20.x.x.x. I check, and see that it belongs to Microsoft. I look for information (see the link list) and it is an anti-phishing service tied to Defender, in use since Win 8. I had missed it. It appears to be tied to Edge, but killing the task (forcing it to close) also affects other dependent tasks: Firefox and the cloud client. In short: a somewhat invasive tool, necessarily so, and running in parallel with the Malwarebytes one that I use. It wouldn't hurt to know about it.
This week Dr. Doug talks: Darth Vader, SmartScreen, Erbium, Graphite, Russia, Metador, Whatsapp, RSocks, and is joined by the illustrious Jason Wood on the Security Weekly News! Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Show Notes: https://securityweekly.com/swn242
If you have Windows 10 with Windows Defender SmartScreen, you will NOT be able to click on any links that THEY (Microsoft and Google) BELIEVE are UNSAFE, including ANY search that includes the words digging deeper. If you're digging deeper for the truth, GOOGLE AND MICROSOFT say you are UNSAFE. Wow, they come right out and admit their audacity to the world. ABANDON google and microsoft like your life depends on it before they implant a new operating system into your brain - through your arm.
Raising a Screen-Smart Kid: Embrace the Good and Avoid the Bad in the Digital Age, by public health expert Julianna Miner, offers practical advice for parents to help their kids avoid the pitfalls and reap the benefits of being connected.
Join us as we dig into all things security in this two-part episode of the Windows Insider Podcast. Jason chats with David Weston, group security manager for operating systems, about big picture security, including red team versus blue team operations, the importance of securing public infrastructure, and the future of AI. Plus, get an inside look at how Insiders make his job easier. Then, Jessica Payne, a senior security researcher for Microsoft Defender, joins us for a conversation about how you can stay secure. She shares a peek into how attackers in the current landscape are taking advantage of vulnerabilities and walks us through what Microsoft's doing to protect you and what you can do to protect yourself. https://twitter.com/windowsinsider https://insider.windows.com/ https://www.instagram.com/windowsinsider/