
Welcome back for our latest episode of Blumira Briefings!
This week, Zoe is joined by Matt Warner (CEO/Co-founder), Mike Toole (Director of IT and Security), and Jake Ouellette (Detection Engineering) to break down the week's headlines with a side of perspective! 🔒
In this episode, we'll cover:
📊 This week's top threats, suspects, and risks tracked by our detection and response platform
⚠️ New critical security flaws found in VMware Tools and CrushFTP (with CVSS scores of 7.8 and 9.8, respectively)! Learn what makes certain vulnerabilities more severe than others
🔍 Check Point confirms a breach but says it contains "old data" – we discuss how to evaluate vendor security incidents and what questions customers should be asking
😬 The Oracle breach saga unfolds in three parts – from denial to confirmation to healthcare data exposure! We discuss what this reveals about breach disclosure practices
🦠 Jake breaks down how a fake Zoom installer led to BlackSuit ransomware through a sophisticated multi-stage attack chain, and how attackers use legitimate tools for malicious purposes
🔑 Why Evilginx tools continue to successfully bypass MFA, and what stronger authentication methods like passkeys can do to help protect your accounts
LINKS/SOURCES 🔗
⚠️ VMware Tools Advisory: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25518
⚠️ CrushFTP Advisory: https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update
🛠️ More on canary tokens: https://docs.canarytokens.org/guide/entraid-token.html
📰 New Security Flaws Found in VMware Tools and CrushFTP — High Risk, PoC Released: https://thehackernews.com/2025/03/new-security-flaws-found-in-vmware.html
📰 Check Point confirms breach, but says it was 'old' data and crook made 'false' claims: https://www.theregister.com/2025/03/31/check_point_confirms_breach/
📰 Oracle denies breach after hacker claims theft of 6 million data records: https://www.bleepingcomputer.com/news/security/oracle-denies-data-breach-after-hacker-claims-theft-of-6-million-data-records/
📰 Oracle customers confirm data stolen in alleged cloud breach is valid: https://www.bleepingcomputer.com/news/security/oracle-customers-confirm-data-stolen-in-alleged-cloud-breach-is-valid/
📰 Oracle Health breach compromises patient data at US hospitals: https://www.bleepingcomputer.com/news/security/oracle-health-breach-compromises-patient-data-at-us-hospitals/
📰 Fake Zoom Ends in BlackSuit Ransomware: https://thedfirreport.com/2025/03/31/fake-zoom-ends-in-blacksuit-ransomware/
📰 Evilginx Tool (Still) Bypasses MFA: https://www.darkreading.com/endpoint-security/evilginx-bypasses-mfa
Don't miss out on these important security updates – hit that subscribe button and join us every Friday for your weekly security download! 💪