Security Weekly News Episode #115 – April 20, 2021

1. Major BGP Leak, Codecov Attack, Lazarus APT, Discord Ransomware, & GEICO Breach – 02:00 PM-02:30 PM

Description

This week, Dr. Doug talks naughty vaccines, air frying is not frying, BGP is leaking, Codecov, Lazarus, Google Alerts, Nitro Ransomware, and we’re joined once more for expert commentary by Jason Wood!

Hosts

Doug White

@dougwhitephd

Professor at Roger Williams University

  1. Major BGP leak disrupts thousands of networks globally
  2. Vulnerability Spotlight: Remote code execution vulnerabilities in Cosori smart air fryer
  3. Hundreds of networks reportedly hacked in Codecov supply-chain attack
  4. Google Alerts continues to be a hotbed of scams and malware
  5. Lazarus APT conceals malicious code within BMP image to drop its RAT – Malwarebytes Labs
  6. FBI hacks into hundreds of infected US servers (and disinfects them)
  7. Auto Insurance Giant GEICO Discloses Data Breach
  8. NitroRansomware Asks for $9.99 Discord Gift Codes, Steals Access Tokens
  9. TALOS-2020-1217

Jason Wood

@Jason_Wood

Founder; Primary Consultant at Paladin Security

  1. China-linked hackers used Pulse Secure flaw to target U.S. defense industry – researchers – “The Integrity Assurance utility can reportedly destroy forensic artifacts, so you should capture memory/disk images before running it to ensure you can conduct an investigation.”
    – https://twitter.com/likethecoins/status/1384519104032354306 – Katie Nickels

    ——
    Advisory from Pulse Secure

    https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44784/

    Pulse Secure's XML file disables the following features on the PCS appliance:
    – Windows File Share Browser
    – Pulse Secure Collaboration

    FireEye Blog
    https://www.fireeye.com/blog/threat-research/2021/04/suspected-apt-actors-leverage-bypass-techniques-pulse-secure-zero-day.html