In today’s episode of the Security Swarm Podcast, Andy and Eric Siron discuss the Monthly Threat Report of August 2024. They cover the aftermath of the CrowdStrike incident, Microsoft’s proposed enhancements to improve the security of their ecosystem, as well as the discovery of a vulnerability in AMD processors that could allow persistent malware.
Additionally, they discuss the emergence of new AI jailbreak attacks, which can bypass content restrictions and generate harmful outputs, and a VMware ESXi vulnerability that could allow attackers to gain access to virtual machines.
Key Takeaways:
- The CrowdStrike incident highlights the need for rigorous software testing.
- Microsoft is moving forward with some changes and guidance on kernel access as a direct response to the CrowdStrike incident.
- Researchers have discovered a vulnerability in AMD processors that could allow threat actors to embed persistent malware, underscoring the ongoing battle against advanced threats.
- The Olympic Games have been the target of dozens of foiled cyberattacks, demonstrating the high-stakes nature of nation-state cyber conflicts.
- There is a new critical vulnerability in the VMware ESXi Hypervisor that allows authentication bypass. Broadcom has released a patch.
Timestamps:
(01:00) CrowdStrike Incident and Lessons Learned
(04:14) Importance of Proper Software Testing and Development Processes
(07:21) Potential Consequences of Rushed Software Updates
(28:18) AI Jailbreak Attacks and Generative AI Risks
(33:43) VMware ESXi Vulnerability and Potential Ransomware Implications
(37:53) Bumblebee Loader and the Threat of Rapid Active Directory Compromise
(39:41) HealthEquity Data Breach and the Normalization of PII Breaches
(40:17) Anonymous Sudan and Their Disruptive DDoS Attacks
(41:54) Cyber Attacks on the Olympic Games and the Role of Nation-State Actors
Episode Resources:
Podcast episode on Anonymous Sudan
Webinar where Andy covers the ways threat actors use Generative AI
VMware ESXi Authentication Bypass Exploit
Security Swarm Podcast re: threat actor attacks on the Olympic Games