CrowdStrike Chaos, VMware ESXi Vulnerability & More

by | Aug 14, 2024 | Podcast

YouTube

Mit dem Laden des Videos akzeptieren Sie die Datenschutzerklärung von YouTube.
Mehr erfahren

Video laden

By loading the podcast, you accept Libsyn's privacy policy.
Read more

Load podcast

In today’s episode of the Security Swarm Podcast, Andy and Eric Siron discuss the Monthly Threat Report of August 2024. They cover the aftermath of the CrowdStrike incident, Microsoft’s proposed enhancements to improve the security of their ecosystem, as well as the discovery of a vulnerability in AMD processors that could allow persistent malware.

Additionally, they discuss the emergence of new AI jailbreak attacks, which can bypass content restrictions and generate harmful outputs and a VMware ESXi vulnerability that could allow attackers to gain access to virtual machines.

Key Takeaways:

  • The CrowdStrike incident highlights the need for rigorous software testing.
  • Microsoft is moving forward with some changes and guidance on kernel access as a direct response to the CrowdStrike incident.
  • Researchers have discovered a vulnerability in AMD processors that could allow threat actors to embed persistent malware, underscoring the ongoing battle against advanced threats.
  • The Olympic Games have been the target of dozens of foiled cyberattacks, demonstrating the high-stakes nature of nation-state cyber conflicts.
  • There is a new critical vulnerability in the VMware ESXi Hypervisor that allows authentication bypass. Broadcom has released a patch

Timestamps:

(01:00) CrowdStrike Incident and Lessons Learned

(04:14) Importance of Proper Software Testing and Development Processes

(7:21) Potential Consequences of Rushed Software Updates

(28:18) AI Jailbreak Attacks and Generative AI Risks

(33:43) VMware ESXi Vulnerability and Potential Ransomware Implications

(37:53) Bumblebee Loader and the Threat of Rapid Active Directory Compromise

(39:41) HealthEquity Data Breach and the Normalization of PII Breaches

(40:17) Anonymous Sudan and Their Disruptive DDOS Attacks

(41:54) Cyber Attacks on the Olympic Games and the Role of Nation-State Actors

Episode Resources:

Full Monthly Threat Report

Podcast episode on Anonymous Sudan

AMD CPU Vulnerability Info

Webinar where Andy covers the ways threat actors use Generative AI 

VMware ESXi Authentication Bypass Exploit

Security Swarm Podcast re: threat actor attacks on the Olympic Games