Security Weekly Podcast Network (Audio) Win95, Shuckworm, Ottokit, DCs, EC2, IAB, OSS, Recall, Josh Marpet, and More... - SWN #467
Apr 11, 2025
In a captivating mix of humor and caution, the discussion highlights recent cybersecurity threats like Shuckworm's USB attacks on military targets. Key vulnerabilities in WordPress and Amazon EC2 are examined, shedding light on the agility of cybercriminals versus corporate slowdowns. There's also a dive into new defense procurement regulations aimed at fostering innovation. Plus, the nostalgic sound of Windows 95's boot chime is celebrated for its cultural impact, linking it to a renowned artist's legacy.
AI Snips
Chapters
Transcript
Episode notes
Fast Threat Exploitation
- Criminals are rapidly exploiting disclosed vulnerabilities due to efficient organization and resources.
- An authentication bypass in AutoKit was exploited within hours of public disclosure.
Patching Time Frame
- Evaluate your patching time frame for critical vulnerabilities.
- Consider how long it would take to patch your systems after a public disclosure.
Domain Controller Security
- Evaluate the security of your domain controllers, including outdated secondary controllers.
- Limit access and monitor for unusual activity, as domain controllers are prime targets.