The Cyber Threat Perspective

Step into the ever-evolving world of cybersecurity with the offensive security group from SecurIT360. We’re bringing you fresh content from our journeys into penetration testing, threat research and various other interesting topics.

Episodes

June 10th 2022 CTP Week in Review: Dogwalk - Qakbot - Follina - ESXi Ransomware

In this week's review: A DFIR Report with no Ransomware and no Cobalt Strike; Path Traversal & MOTW Bypass - DIAGCAB Windows Zero-day aka "Dogwalk"; Linux version of Black Basta ransomware targets VMware ESXi servers; TA570 Qakbot (Qbot) tries CVE-2022-30190 (Follina) exploit (ms-msdt)
Blog: https://offsec.blog/
Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfw
Twitter: https://twitter.com/cyberthreatpov
Work with Us: https://securit360.com
Blog: https://offsec.bl...

Jun 10, 2022 · 23 min · Season 100 · Ep. 6

June 3rd 2022 – Cyber Threat Perspective – Week in Review

In this week's review: Microsoft Diagnostics Tool Remote Code Execution Zero Day; New Windows Search zero-day added to Microsoft protocol nightmare; Vendor Refuses to Remove Backdoor Account That Can...; Over 3.6 million exposed MySQL servers on IPv4 and IPv6 |...; APTs Overwhelmingly Share Known Vulnerabilities Rather Than Attack O-Days
Blog: https://offsec.blog/
Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfw
Twitter: https://twitter.com/cyberthreatpov
Work with Us: https://...

Jun 03, 2022 · 28 min · Season 100 · Ep. 5

Threat Intel Flash Briefing May 31st 2022 - Follina - CVE-2022-30190

The sky IS NOT falling with this one. Is it important? Yes. Does it highlight an area that's under-researched and likely contains additional attack vectors and techniques? Absolutely.
Resources:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30190
https://doublepulsar.com/follina-a-microsoft-office-code-execution-vulnerability-1a47fce5629e
https://www.huntress.com/blog/microsoft-office-remote-code-execution-follina-msdt-bug
https://github.com/NVISOsecurity/nviso-cti/blob/mast...

May 31, 2022 · 17 min · Season 99 · Ep. 2

May 27th 2022 – Cyber Threat Perspective – Week in Review

In this week's review: PDF Malware Is Not Dead Yet; Detecting & Preventing Rogue Azure Subscriptions; Python and PHP Library Updated with 'Extra' Features by a "Security Researcher"; 2022 Verizon Data Breach Investigations Report; Zoom: Remote Code Execution with XMPP; Exploit released for critical VMware auth bypass bug
Blog: https://offsec.blog/
Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfw
Twitter: https://twitter.com/cyberthreatpov
Work with Us: https://s...

May 27, 2022 · 33 min · Season 100 · Ep. 4

May 20th, 2022 - Cyber Threat Perspective - Week in Review

In this week's review: Gootloader & Gootkit Analysis by DFIR Report and Red Canary; Authenticated PetitPotam Lives On (CVE-2022-26925); The Hunter Becomes the Hunted: Evicting the Adversary; Spoofing SaaS Vanity URLS for Social Engineering Attacks
Blog: https://offsec.blog/
Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfw
Twitter: https://twitter.com/cyberthreatpov
Work with Us: https://securit360.com
Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twi...

May 20, 2022 · 22 min · Season 100 · Ep. 3

May 13th, 2022 - Cyber Threat Perspective - Week in Review

In this week's review: Threat Actor using Windows Event Logs for "fileless" Malware; CVE-2022-1388 - F5 BIG-IP PoC Released; CVE-2021-22600 - Privilege Escalation Bug In The Linux Kernel; CVE-2022-26925 - A Windows LSA Spoofing Vulnerability (PetitPotam); CVE-2022-26923 - Another ADCS Domain Privilege Escalation
Blog: https://offsec.blog/
Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfw
Twitter: https://twitter.com/cyberthreatpov
Work with Us: https://securit360.com
Blog: ht...

May 13, 2022 · 18 min · Season 100 · Ep. 2

May 6th, 2022 - Cyber Threat Perspective - Week in Review

In this week's review: Detecting SharpHound using Decoys; UNC3524: Eye Spy on Your Email | Mandiant; The New Initial Access Trend: ZIPs, ISOs & LNKs; Unauthenticated RCE in F5 BIG-IP CVE-2022-1388
Blog: https://offsec.blog/
Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfw
Twitter: https://twitter.com/cyberthreatpov
Work with Us: https://securit360.com
Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov
Spencer&a...

May 06, 2022 · 27 min · Season 100 · Ep. 1

Threat Intel Flash Briefing - Kerberos Relaying to Local SYSTEM

There exists a universal no-fix local privilege escalation in Windows domain environments where LDAP signing is not enforced (the default settings). Thanks to the research and open source tools of several researchers, it's now trivial to elevate to SYSTEM on most Windows Operating Systems.
Resources:
https://github.com/Dec0ne/KrbRelayUp
https://googleprojectzero.blogspot.com/2021/10/using-kerberos-for-authentication-relay.html
https://github.com/cube0x0/KrbRelay
https://github.com/Dec0ne/Kr...

Apr 27, 2022 · 24 min · Season 99 · Ep. 1