A welcome return of the podcast @Deciphersec with @dennisf and @LindseyODWelch

https://feeds.buzzsprout.com/228511.rss
https://decipher.sc/2025/09/02/decipher-is-everyone/

Hoe. Lee. Shit. @Deciphersec is back! A new podcast just dropped, surprising me when I saw it, about halfway through it and thought I’d post something about it. Congrats to @dennisf and @LindseyODWelch welcome back home!

Me and @LindseyODWelch tried to make sense of a long, hot week in Vegas at Black Hat in our latest @Deciphersec podcast.

https://youtu.be/eziktGJ8PZY?si=IBYLqGsJ5VtP_6fy

Testing testing. Is this place still a thing? 👋🏽

New @Deciphersec Memory Safe podcast with @sherrod_im is so much fun.

https://youtu.be/26FolkowmO0?si=pUoUIlWpX08HFYVV

“Without developers managing the Boa web server, its known vulnerabilities could allow attackers to silently gain access to networks by collecting information from files."

Discontinued Web Server Poses IoT Security Risks

https://duo.com/decipher/discontinued-boa-web-server-reveals-iot-supply-chain-risks

Discontinued Web Server Poses IoT Security Risks https://decipher.sc/discontinued-boa-web-server-reveals-iot-supply-chain-risks #decipher #deciphersec

For any Apple News users, you can find our channel here: https://apple.news/T5UJ8OZJ8RgmuGlAVP9aU5A

Updated CISA Infrastructure Resilience Planning Framework includes new tool for identifying critical infrastructure and other resources.

https://www.cisa.gov/news/2022/11/22/cisa-updates-infrastructure-resilience-planning-framework

Complex M&A Deals Pave Way For Security Gaps https://decipher.sc/complex-m-and-a-deals-can-leave-security-lost-in-translation #decipher #deciphersec

"If the acquired company has poor security, it could be an easy jumping off point to the parent company for much more valuable information.”

Visibility is key for #security in M&A - However, deals are often fast-moving, making due diligence difficult

https://duo.com/decipher/complex-m-and-a-deals-can-leave-security-lost-in-translation

"It's a big shift in the way you build systems and you know there's no perfect answer here. The best you can really do is have multiple people look at something in those situations because at the end of the day you are trusting people."

https://duo.com/decipher/q-and-a-dan-lorenc

A threat actor targeted the legal/retail sectors in callback phishing attacks that cost victims thousands:

-Callback phishing attack requires significant investment, including setting up fake call centers/ unique infrastructure
-But the lack of malware in the original phishing email/ the abuse of legitimate tools make the attack harder to detect

“By design, this style of social engineering attack leaves very few artifacts because of the use of legit trusted tech tools to carry out attacks."

https://duo.com/decipher/threat-actors-find-success-in-callback-phishing-attacks

Hive Ransomware Attacks Target FortiOS, Microsoft Exchange Flaws https://decipher.sc/hive-ransomware-attacks-target-fortios-microsoft-exchange-flaws

#Ransomware incidents now make up majority of British government’s crisis management COBRA meetings

https://therecord.media/ransomware-incidents-now-make-up-majority-of-british-governments-crisis-management-cobra-meetings/

#malware #infosec

The Hive #ransomware has victimized 1,300 companies globally as of November, in particular targeting #healthcare sector organizations, according to U.S. federal agencies in a new advisory.
https://duo.com/decipher/hive-ransomware-attacks-target-fortios-microsoft-exchange-flaws

@howelloneill "risks of being used improperly" seems key

Security weaknesses in BIG-IP products have previously been targeted by threat groups in attacks. However, researchers with Rapid7, who discovered the flaws, said that they believe widespread exploitation of the issues “is unlikely.”

https://duo.com/decipher/code-execution-flaws-found-in-f5-big-ip-appliances

The biggest changes to the LodaRAT malware:
-A function that automatically copies the RAT’s files onto every mounted removable storage device - a capability that required non-automated, individual commands in previous versions of the malware
-A string encoding algorithm that aims to improve the speed of decoding strings and make execution quicker overall
-The cutting out of several “dead” - or non-functional - commands from the components of the malware’s code
https://duo.com/decipher/lodarat-malware-evolves-with-new-functionalities

New podcast with Chainguard's Dan Loren is up!

Decipher Podcast: Dan Lorenc https://decipher.sc/decipher-podcast-dan-lorenc #decipher #deciphersec