The 443 - Security Simplified Podcast

This week on the podcast, we discuss an alert from CISA on nation state threat actors embedding malware into legacy Cisco router firmware. After that, we cover a research post on malicious advertisements served up via Bing's ChatGTP integration. We then end with an analysis of North Korea's Lazarus group's latest social engineering techniques.

This week on the podcast, we get up to speed on the MGM and Caesars Entertainment ransomware incidents from the previous week. After that, we take a deep dive into a blog post from Meta's application security team for their VR headsets. After that, we cover Microsoft's analysis of an ATP's pivot from email to another form of phishing.

This week on the podcast, we cover Microsoft's final report on their July incident involving nation-state actors compromising enterprise email accounts. After that, we discuss a zero-day, zero-click vulnerability in iOS being actively exploited in the wild before ending with a chat about an upcoming change to how Android handles CA certificates.

This week on the podcast, we cover the FBI-lead, multinational takedown of the Qakbot botnet of over 700,000 victim devices. After that, we cover two android malware variants including one targeting victims in southeast Asia and another built by the Russian GRU.

This week on the podcast we cover the latest evolutions of the North Korean threat actor Lazarus before covering an actively-exploited 0day vulnerability in the popular unarchiver WinRAR. We end the episode with an AI-related attack that doesn't actually use AI.