04.08.2023 - By Bryan Brake, Amanda Berlin, and Brian Boettcher
Show Topic Summary (less than 300 words) 3CX supply chain attack, Mark Russinovich and Sysinternals, ransomware notifications from CISA, and emotional intelligence Youtube VOD: https://www.youtube.com/watch?v=afZHiBUr-2g Questions and potential topics (5 minimum): https://www.straitstimes.com/tech/downloading-a-cracked-version-of-fifa-23-or-hogwarts-legacy-for-free-it-s-probably-malware https://leadershipfreak.blog/2023/03/27/the-7-powers-of-questions/ https://securityintelligence.com/articles/is-it-time-to-hide-your-work-emails/ https://www.lollydaskal.com/leadership/what-remote-leaders-do-differently-to-be-successful/ https://www.lollydaskal.com/leadership/the-role-of-emotional-intelligence-in-leadership-why-it-matters/ https://www.cybersecuritydive.com/news/3cx-mandiant-investigate-supply-chain-attack/646543/ https://www.bleepingcomputer.com/news/security/openai-chatgpt-payment-data-leak-caused-by-open-source-bug/ https://www.cybersecuritydive.com/news/cisa-pre-ransomware-notification/646041/ https://www.sentinelone.com/labs/the-life-and-times-of-sysinternals-how-one-developer-changed-the-face-of-malware-analysis/ Additional information / pertinent Links (would you like to know more?): https://unit42.paloaltonetworks.com/3cxdesktopapp-supply-chain-attack/ https://www.orangecyberdefense.com/global/blog/research/3cx-voip-app-supply-chain-compromise https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/ https://www.linkedin.com/feed/update/urn:li:activity:7047156405715300352/ Sigma Rule - https://github.com/SigmaHQ/sigma/blob/master/rules/windows/process_creation/proc_creation_win_malware_3cx_compromise_susp_children.yml https://en.wikipedia.org/wiki/Information_Sharing_and_Analysis_Center https://www.cisa.gov/news-events/news/cisa-establishes-ransomware-vulnerability-warning-pilot-program https://www.fda.gov/media/166614/download https://www.amazon.com/Windows-Internals-Part-architecture-management/dp/0735684189 https://medium.com/@martin-thissen/llama-alpaca-chatgpt-on-your-local-computer-tutorial-17adda704c23 Show Points of Contact: Amanda Berlin: @infosystir @hackershealth Brian Boettcher: @boettcherpwned Bryan Brake: @bryanbrake @[email protected] Website: https://www.brakeingsecurity.com Twitch: https://twitch.tv/brakesec Youtube: https://www.youtube.com/c/BDSPodcast Email: [email protected]