
Welcome back for our latest episode of Blumira Briefings!
This week, Zoe is joined by Matt Warner (CEO/Co-founder), Mike Toole (Director of IT and Security), and Jake Ouellette (Detection Engineering) to break down the week's headlines with a side of perspective!
In this episode, we'll cover:
This week's top threats, suspects, and risks tracked by our detection and response platform
New critical security flaws found in VMware Tools and CrushFTP (with CVSS scores of 7.8 and 9.8 respectively)! Learn what makes certain vulnerabilities more severe than others
CheckPoint confirms a breach but says it contains "old data" - we discuss how to evaluate vendor security incidents and what questions customers should be asking
The Oracle breach saga unfolds in three parts - from denial to confirmation to healthcare data exposure! We discuss what this reveals about breach disclosure practices
Jake breaks down how a fake Zoom installer led to BlackSuit ransomware through a sophisticated multi-stage attack chain, and how attackers use legitimate tools for malicious purposes
Why Evilginx tools continue to successfully bypass MFA, and what stronger authentication methods like passkeys can do to help protect your accounts
LINKS/SOURCES
VMware Tools Advisory: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25518
CrushFTP Advisory: https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update
More on canary tokens: https://docs.canarytokens.org/guide/entraid-token.html
New Security Flaws Found in VMware Tools and CrushFTP - High Risk, PoC Released: https://thehackernews.com/2025/03/new-security-flaws-found-in-vmware.html
Check Point confirms breach, but says it was 'old' data and crook made 'false' claims: https://www.theregister.com/2025/03/31/check_point_confirms_breach/
Oracle denies breach after hacker claims theft of 6 million data records: https://www.bleepingcomputer.com/news/security/oracle-denies-data-breach-after-hacker-claims-theft-of-6-million-data-records/
Oracle customers confirm data stolen in alleged cloud breach is valid: https://www.bleepingcomputer.com/news/security/oracle-customers-confirm-data-stolen-in-alleged-cloud-breach-is-valid/
Oracle Health breach compromises patient data at US hospitals: https://www.bleepingcomputer.com/news/security/oracle-health-breach-compromises-patient-data-at-us-hospitals/
Fake Zoom Ends in BlackSuit Ransomware: https://thedfirreport.com/2025/03/31/fake-zoom-ends-in-blacksuit-ransomware/
Evilginx Tool (Still) Bypasses MFA: https://www.darkreading.com/endpoint-security/evilginx-bypasses-mfa
Don't miss out on these important security updates - hit that subscribe button and join us every Friday for your weekly security download!
By Blumira