The Cybersecurity Defenders Podcast
A podcast about cybersecurity and the people that keep the internet safe. The podcast is built as a series of segments: we look back at the last couple of weeks in cybersecurity news, talk to different people in the industry about their thoughts and experiences, break apart some of the TTPs being used by adversaries, and even cover a little bit of hacker history.
#55 - Intel Chat: XWorm, SugarCRM zero-day, Statc Stealer, Background Task Manager fail, Seaspy & Whirlpool
LimaCharlie
In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.
- A new injector written in Rust is used to inject shellcode and introduce XWorm into a victim’s environment.
- Multiple cases where SugarCRM was the initial attack vector and allowed threat actors to gain access to AWS accounts.
- Statc Stealer is a sophisticated malware that infects devices powered by Windows, gains access to computer systems and steals sensitive information.
- Patrick Wardle's research says that macOS's Background Task Manager can be easily bypassed and that Apple failed to act on his recommendations to fix it.
- CISA are reporting on the Seaspy and Whirlpool backdoors after obtaining malware samples from a compromised device.
The Cybersecurity Defenders Podcast: a show about cybersecurity and the people that defend the internet.