350: Hackers Stealing NTLM Hashes?! (featuring Mike Saunders!)

This week on Technado, Daniel and Sophie welcome special guest Mike Saunders of Red Siege!

In our new Rapid Fire segment, the team covers the top security news of the week with fast-paced commentary and hot takes. Kali Linux has a new release, NSO Group and Meta are still locked in a lawsuit, CISA’s issuing a new warning re: ransomware, and thousands of ChatGPT creds are up for sale on the black market. And as always, there are plenty of vulnerabilities to be found: the team talks a zero-day exploited by Lazarus, three severe vulnerabilities in a Zeek plugin, and the recent AMEX 3rd-party breach.

After a short break, it’s another new segment: Deep Dive! With Mike’s help, Dan and Soph get into the details of a new Linux variant of BIFROSE remote access trojan, featuring some visuals and demos courtesy of Daniel. Finally, the trio covers the nitty-gritty of TA577’s novel attack chain involving phishing to steal NTLM authentication hashes.