Sign up to save your podcasts
Or
Share Outlook C2 Framework, VMWare ESXi Vuln, and PKFail leads to UEFI Supply Chain Attacks.
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Outlook C2 Framework, VMWare ESXi Vuln, and PKFail leads to UEFI Supply Chain Attacks.
Security Digest for 30 July 2024:
Podcast Requested Feedback: https://forms.gle/w2RB5DRzbbvu3ziS7
Notable News:
WhatsApp for Windows lets Python, PHP scripts execute with no warning (bleepingcomputer.com)
PKfail: Untrusted Platform Keys Undermine Secure Boot on UEFI Ecosystem (binarly.io)
SupplyChainAttacks/PKfail/ImpactedDevices.md at main · binarly-io/SupplyChainAttacks · GitHub
Malicious Python Package Targets macOS Developers (checkmarx.com)
SeleniumGreed Cryptomining Campaign Exploiting Grid Services | Wiz Blog
Scammer Abuses Microsoft 365 Tenants, Relaying Through Proofpoint Servers to Deliver Spam Campaigns | Proofpoint US
HealthEquity says data breach impacts 4.3 million people (bleepingcomputer.com)
Two-Step Phishing Campaign Exploits Microsoft Office Forms (perception-point.io)
Over 1 Million websites are at risk of sensitive information leakage (salt.security)
TrustedSec | Specula - Turning Outlook Into a C2 With One Registry…
Ransomware operators exploit ESXi hypervisor vulnerability for mass encryption | Microsoft Security Blog
Support Content Notification - Support Portal - Broadcom support portal
Prevalent Patches:
Security Bulletin: NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, Jetson TX1, Jetson TX2 Series (including Jetson TX2 NX), and Jetson Nano (including Jetson Nano 2GB) - July 2024 | NVIDIA (custhelp.com)
Apple security releases - Apple Support
CISA Corner:
NVD - CVE-2024-4879 (nist.gov)
NVD - CVE-2024-5217 (nist.gov)
NVD - CVE-2023-45249 (nist.gov)
Siemens SICAM Products | CISA
Positron Broadcast Signal Processor | CISA
View all episodes
By The Cybersecurity Digest LLCSecurity Digest for 30 July 2024:
Podcast Requested Feedback: https://forms.gle/w2RB5DRzbbvu3ziS7
Notable News:
WhatsApp for Windows lets Python, PHP scripts execute with no warning (bleepingcomputer.com)
PKfail: Untrusted Platform Keys Undermine Secure Boot on UEFI Ecosystem (binarly.io)
SupplyChainAttacks/PKfail/ImpactedDevices.md at main · binarly-io/SupplyChainAttacks · GitHub
Malicious Python Package Targets macOS Developers (checkmarx.com)
SeleniumGreed Cryptomining Campaign Exploiting Grid Services | Wiz Blog
Scammer Abuses Microsoft 365 Tenants, Relaying Through Proofpoint Servers to Deliver Spam Campaigns | Proofpoint US
HealthEquity says data breach impacts 4.3 million people (bleepingcomputer.com)
Two-Step Phishing Campaign Exploits Microsoft Office Forms (perception-point.io)
Over 1 Million websites are at risk of sensitive information leakage (salt.security)
TrustedSec | Specula - Turning Outlook Into a C2 With One Registry…
Ransomware operators exploit ESXi hypervisor vulnerability for mass encryption | Microsoft Security Blog
Support Content Notification - Support Portal - Broadcom support portal
Prevalent Patches:
Security Bulletin: NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, Jetson TX1, Jetson TX2 Series (including Jetson TX2 NX), and Jetson Nano (including Jetson Nano 2GB) - July 2024 | NVIDIA (custhelp.com)
Apple security releases - Apple Support
CISA Corner:
NVD - CVE-2024-4879 (nist.gov)
NVD - CVE-2024-5217 (nist.gov)
NVD - CVE-2023-45249 (nist.gov)
Siemens SICAM Products | CISA
Positron Broadcast Signal Processor | CISA