The Cybersecurity Defenders Podcast
A podcast about cybersecurity and the people that keep the internet safe. The podcast is built as a series of segments: we look back at the last couple of weeks in cybersecurity news, talk to different people in the industry about their thoughts and experiences, break apart some of the TTPs being used by adversaries, and even cover a little bit of hacker history.
#44 - Intel Chat: Fake GitHub repos, NPM poison, Vidar, Mac malware, Tsunami DDOS, Cl0p reward, and the EDR killer: Spyboy
LimaCharlie • Season 2 • Episode 31
In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.
- VulnCheck comes across a malicious GitHub repository that is claimed to be a Signal 0-day.
- Checkmarx reports that, without altering a single line of code, attackers poisoned the NPM package “bignum” by hijacking an S3 bucket.
- Team Cymru has released a detailed publication on Vidar infrastructure, covering both the primary administrative aspects and the underlying backend.
- Bitdefender Mac researchers stumbled upon a small set of files with backdoor capabilities that seem to form part of a more complex malware toolkit.
- Researchers have found an unofficial package called 'https' that exists on NPM with over 1600 other packages that depend on it.
- An attack campaign that consists of the Tsunami DDoS Bot being installed on inadequately managed Linux SSH servers.
- Cl0p rewards of up to $10 million are being offered by the U.S. State Department's Rewards for Justice program.
- SentinelOne is reporting on the Terminator EDR killer - Spyboy.
The Cybersecurity Defenders Podcast: a show about cybersecurity and the people that defend the internet.