Sign up to save your podcasts
Or
Share The Hackle Box October 2021: REBOL Yell, Microsoft Going Password-less, OMIGOD, Microsoft Azure
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
The Hackle Box October 2021: REBOL Yell, Microsoft Going Password-less, OMIGOD, Microsoft Azure
Team Ambush members Oscar, Eric, and Pinky are back with another session of the Hackle Box—a series where they break down new and noteworthy breaches, vulnerabilities, exploits, and more over the last month.
This month's topics:
Microsoft going “passwordless”
https://arstechnica.com/gadgets/2021/09/starting-today-you-can-remove-your-password-from-your-microsoft-account/
OMIGOD—an exploitable hole in Microsoft open-source code
https://nakedsecurity.sophos.com/2021/09/16/omigod-an-exploitable-hole-in-microsoft-open-source-code/
New Azure Active Directory password brute-forcing flaw has no fix
https://arstechnica.com/information-technology/2021/09/new-azure-active-directory-password-brute-forcing-flaw-has-no-fix/?amp=1
Does your organization have a Security.txt file?
https://krebsonsecurity.com/2021/09/does-your-organization-have-a-security-txt-file/
CISA releases tool to help orgs fend off insider threat risks
https://www.bleepingcomputer.com/news/security/cisa-releases-tool-to-help-orgs-fend-off-insider-threat-risks/?utm_content=182136940&utm_medium=social&utm_source=twitter&hss_channel=tw-71605818
The REBOL Yell—novel exploit using REBOL for command-and-control
https://frsecure.com/blog/the-rebol-yell-new-rebol-exploit/
Teasing Project Hyphae
As always, the session ends with the Hacker Tip of the Month from Eric and the Phishing Report with Pinky.
Give this session a watch or listen, and feel free to send any comments, questions, or topic suggestions to [email protected].
And please like and subscribe!
This month's topics:
Microsoft going “passwordless”
https://arstechnica.com/gadgets/2021/09/starting-today-you-can-remove-your-password-from-your-microsoft-account/
OMIGOD—an exploitable hole in Microsoft open-source code
https://nakedsecurity.sophos.com/2021/09/16/omigod-an-exploitable-hole-in-microsoft-open-source-code/
New Azure Active Directory password brute-forcing flaw has no fix
https://arstechnica.com/information-technology/2021/09/new-azure-active-directory-password-brute-forcing-flaw-has-no-fix/?amp=1
Does your organization have a Security.txt file?
https://krebsonsecurity.com/2021/09/does-your-organization-have-a-security-txt-file/
CISA releases tool to help orgs fend off insider threat risks
https://www.bleepingcomputer.com/news/security/cisa-releases-tool-to-help-orgs-fend-off-insider-threat-risks/?utm_content=182136940&utm_medium=social&utm_source=twitter&hss_channel=tw-71605818
The REBOL Yell—novel exploit using REBOL for command-and-control
https://frsecure.com/blog/the-rebol-yell-new-rebol-exploit/
Teasing Project Hyphae
As always, the session ends with the Hacker Tip of the Month from Eric and the Phishing Report with Pinky.
Give this session a watch or listen, and feel free to send any comments, questions, or topic suggestions to [email protected].
And please like and subscribe!
View all episodes
By The InfoSec Mission
5
33 ratings
Team Ambush members Oscar, Eric, and Pinky are back with another session of the Hackle Box—a series where they break down new and noteworthy breaches, vulnerabilities, exploits, and more over the last month.
This month's topics:
Microsoft going “passwordless”
https://arstechnica.com/gadgets/2021/09/starting-today-you-can-remove-your-password-from-your-microsoft-account/
OMIGOD—an exploitable hole in Microsoft open-source code
https://nakedsecurity.sophos.com/2021/09/16/omigod-an-exploitable-hole-in-microsoft-open-source-code/
New Azure Active Directory password brute-forcing flaw has no fix
https://arstechnica.com/information-technology/2021/09/new-azure-active-directory-password-brute-forcing-flaw-has-no-fix/?amp=1
Does your organization have a Security.txt file?
https://krebsonsecurity.com/2021/09/does-your-organization-have-a-security-txt-file/
CISA releases tool to help orgs fend off insider threat risks
https://www.bleepingcomputer.com/news/security/cisa-releases-tool-to-help-orgs-fend-off-insider-threat-risks/?utm_content=182136940&utm_medium=social&utm_source=twitter&hss_channel=tw-71605818
The REBOL Yell—novel exploit using REBOL for command-and-control
https://frsecure.com/blog/the-rebol-yell-new-rebol-exploit/
Teasing Project Hyphae
As always, the session ends with the Hacker Tip of the Month from Eric and the Phishing Report with Pinky.
Give this session a watch or listen, and feel free to send any comments, questions, or topic suggestions to [email protected].
And please like and subscribe!
This month's topics:
Microsoft going “passwordless”
https://arstechnica.com/gadgets/2021/09/starting-today-you-can-remove-your-password-from-your-microsoft-account/
OMIGOD—an exploitable hole in Microsoft open-source code
https://nakedsecurity.sophos.com/2021/09/16/omigod-an-exploitable-hole-in-microsoft-open-source-code/
New Azure Active Directory password brute-forcing flaw has no fix
https://arstechnica.com/information-technology/2021/09/new-azure-active-directory-password-brute-forcing-flaw-has-no-fix/?amp=1
Does your organization have a Security.txt file?
https://krebsonsecurity.com/2021/09/does-your-organization-have-a-security-txt-file/
CISA releases tool to help orgs fend off insider threat risks
https://www.bleepingcomputer.com/news/security/cisa-releases-tool-to-help-orgs-fend-off-insider-threat-risks/?utm_content=182136940&utm_medium=social&utm_source=twitter&hss_channel=tw-71605818
The REBOL Yell—novel exploit using REBOL for command-and-control
https://frsecure.com/blog/the-rebol-yell-new-rebol-exploit/
Teasing Project Hyphae
As always, the session ends with the Hacker Tip of the Month from Eric and the Phishing Report with Pinky.
Give this session a watch or listen, and feel free to send any comments, questions, or topic suggestions to [email protected].
And please like and subscribe!