This Threat Talks - deep dive - focuses on a recent SQL injection attack targeting Ivanti EPM software, a powerful endpoint management solution.

Lieuwe Jan Koning, Luca Cipriano and Rob Maas explore the attack's mechanics, its implications for network security, and compare it to historical incidents like the SolarWinds supply chain attack. The episode offers a thorough analysis of how organizations can defend against such vulnerabilities, emphasizing the importance of secure management software in protecting endpoints.

Through expert insights and practical advice, the talk highlights the critical need for robust cybersecurity measures in today's digital landscape.

Interested in the full technical info of the discussed threats? For more detailed information or to access the infographic, please visit https://threat-talks.com/deep-dive-ivanti-epm/

In this deep dive of Threat Talks, we delve into the intricate realm of cybersecurity, spotlighting a newly uncovered vulnerability within Google's OAuth authentication system.

Uncover a hidden feature in the Google multi-login API causing significant disruptions. Intended to streamline the authentication process for Google services like Gmail, Calendar, and Maps, this API harbors an undocumented functionality that enables nefarious actors to circumvent authentication measures, even following a password reset.

Join us as we navigate through the complexities of this security flaw and its implications on digital safety.

Interested in the full technical info of the discussed threats? For more detailed information or to access the infographic, please visit https://threat-talks.com/deep-dive-google-oauth-bypass/

Fancy Bear, also known by the Russian actor designation APT28, has been implicated in cyber attacks targeting Microsoft Outlook and other platforms, utilizing CVEs to exploit systems.

This group, associated with Russian military intelligence, is known for attempting to influence democratic processes in France and the US, supporting pro-Russian actions in Europe and the US.

Interested in the full technical info of the discussed threat? For more detailed information or to access the infographic, please visit https://threat-talks.com/outlook-vulnerability-deep-dive/

Learn about AI-generated phishing attacks, the strengths and weaknesses of multi-factor authentication (MFA), and real-world cyber attack cases.

Discover the balance between security and usability, the importance of user education, and the future of authentication technologies.

Join us for an insightful exploration into the evolving landscape of cybersecurity and how to protect against the ever-present threats online.

Interested in the full technical info of the discussed threats? For more detailed information or to access the infographic, please visit https://threat-talks.com/the-authentication-apocalypse/

Step into the digital fortress with our latest podcast episode on the FortiOS SSLVPN buffer overflow vulnerability. Our cybersecurity experts break down the complexities of this critical threat and guide you through robust protection strategies.

This episode is a must-listen for anyone looking to safeguard their digital landscape against sophisticated cyber threats. Tune in to fortify your knowledge and ensure your organization's resilience in the face of potential cyber attacks.

Interested in the full technical info of the discussed threats? For more detailed information or to access the infographic, please visit https://threat-talks.com/fortios-sslvpn-buffer-overflow/

We take a deep dive into TunnelCrack Cybersecurity Risk, an advanced attack that exploits VPN vulnerabilities. Discover the strategies attackers use, from evil twin attacks at your favorite café to sophisticated DNS manipulations.

More importantly, learn how to protect yourself and your organization from such vulnerabilities. Tune in for an enlightening session filled with invaluable insights and preventive measures.

Interested in the full technical info of the discussed threats? For more detailed information or to access the infographic, please visit https://threat-talks.com/tunnelcrack-vpn-deep-dive/

Delve deeper into cybersecurity's critical aspects with our thorough examination of the Citrix Netscaler Zero Day vulnerability.

This analysis covers the vulnerability's technical nuances, highlighting its capacity for remote code execution and the severe risks it poses to network security.

Understand the sophisticated mechanisms attackers use to exploit this vulnerability, leading to unauthorized access and potential data breaches.

Interested in the full technical info of the discussed threat? For more detailed information or to access the infographic, please visit https://threat-talks.com/citrix-netscaler-deep-dive/

Navigating the complexities of remote work and its security challenges? In this episode of Threat Talks, we delve deep into the pressing issues surrounding remote access and the vulnerabilities that come with it.

Deep Dive into Citrix Netscaler ADC, Tunnelcrack, and Fortinet/FortiGate. Vulnerabilities: Understand the risks and how they impact your business.

Do we really need to reboot our routers weekly? Is avoiding remote access a viable option in today's world? Discover these answers and more!

Interested in the full technical info of the discussed threats? For more detailed information or to access the infographic, please visit https://threat-talks.com/does-remote-work/

This episode features Lieuwe Jan Koning and Luca Cipriano discussing the Mirai botnet, which has infected over 600,000 devices and disrupted major services worldwide. They explain its operations, impact, and the role of IoT devices, also covering malware types and propagation methods.

The episode offers practical cybersecurity tips like strong passwords and regular updates, providing crucial insights for both experts and enthusiasts in today’s evolving cyber threat landscape.

Interested in the full technical info of the discussed threat? For more detailed information or to access the infographic, please visit https://threat-talks.com/miria-botnet-deep-drive/

DDoS attacks are becoming increasingly more frequent, and there doesn’t appear to be any signs of slowing down.

If you’re looking for insights into the types of DDoS attacks that are being used, expert opinions on the best prevention and remediation and much more, tune in for this episode of Threat Talks. Lieuwe Jan Koning, Peter van Burgel and Luca Cipriano discuss the following hacks:

Interested in the full technical info of the discussed threats? For more detailed information or to access the infographic, please visit https://threat-talks.com/cant-deny-ddos-in-2024/