Security Weekly Podcast Network (Audio): Code of Hammurabi, RockYou, MimicRat, Trustconnect, Introsort, AI, Josh Marpet... - SWN #557
Feb 20, 2026
Ancient law meets modern cybercrime and password hygiene. Deep dives on a stealthy MimicRat click‑fraud campaign and rebranded malware‑as‑a‑service. AI gets examined for self‑learning flaws, statistical mistakes, and disinformation risks. Discussion of identity control failures, mass exploitation of mobile management flaws, and the cyber equity gap facing small vendors.
AI Snips
Identity Failures Drive Most Breaches
- Weak identity controls were involved in 90% of incidents reviewed by Unit 42, revealing identity as the primary attack vector.
- Doug White emphasizes that knowing and cleaning up accounts is a foundational security task often neglected.
Purge Stale Accounts Immediately
- Audit and remove stale or orphaned accounts promptly to reduce attack surfaces.
- Run targeted checks on a sample of accounts to discover inactive, fired, or deceased users and revoke their access.
MimicRat Blends In Over HTTPS
- MimicRat is a multi-stage click‑forged campaign delivering a C++ RAT via PowerShell and HTTPS to blend with legitimate analytics traffic.
- The malware uses token impersonation, SOCKS5 tunneling, and a 22-command post-exploitation set, making detection harder.
