FOCUS MODE
EXTRACT IOC
Youtube

Win95, Shuckworm, Ottokit, DCs, EC2, IAB, OSS, Recall, Josh Marpet, and More… – SWN #467

admin

Summary: The video discusses the latest trends and news in cybersecurity, focusing on various threats, vulnerabilities, and preventive measures. Doug White highlights critical information regarding USB security, the rise of initial access brokers, and concerns about Microsoft’s new feature, Recall. It emphasizes the need for organizations to remain vigilant against evolving cyber threats and to foster a proactive security posture.

Keypoints:

  • The episode marks the 467th installment of Security Weekly News.
  • Windows 95 Shuckworm is a focus, with emphasis on a Russian state-backed group’s targeting of military divisions in Ukraine via removable drives.
  • Threat Locker’s zero-trust approach is recommended for maintaining robust cybersecurity.
  • USB drive usage poses significant risks, with recommendations to restrict access and educate employees on the dangers of unknown devices.
  • Initial Access Brokers (IABs) create a dangerous marketplace by obtaining and selling network access credentials to malicious actors.
  • Recent exploits occurred shortly after the disclosure of vulnerabilities in WordPress plugins, underscoring a need for rapid response to threat intel.
  • Microsoft warns that domain controllers are frequently targeted and compromised in human-operated attacks.
  • Amazon’s EC2 instances were exposed to server-side request forgery attacks, leading to concerns about metadata security.
  • Open-source software vulnerabilities are highlighted, including the risk of Trojanized patches that can infect legitimate programs.
  • Microsoft’s Recall feature raises privacy concerns as it involves capturing user desktop data for AI processing, leading to skepticism about data security.
  • A new executive order aims to modernize defense acquisition, which may lead to significant regulatory changes for defense contractors.
  • Brian Eno’s iconic sound from Windows 95 has been recognized by the U.S. Library of Congress as part of the significant sound archive.

Youtube Video: https://www.youtube.com/watch?v=x1mGZnvwxJc
Youtube Channel: Security Weekly – A CRA Resource
Video Published: Fri, 11 Apr 2025 21:01:03 +0000

Views: 5

Tags: WINDOWS, INITIAL ACCESS