SSID Confusion Attacks

https://youtu.be/jxnYFdY-3P0 This week on the podcast, we discuss a new Microsoft Windows feature that is shaping up to be a security nightmare. Before that, we discuss a new research initiative from the Advanced Research Projects Agency for Health (ARPA-H) that could make big improvements in healthcare cybersecurity.

https://youtu.be/b_KBOKn1IPo This week on the podcast, we cover a newly disclosed weakness in the 802.11 Wi-Fi standard that affects common enterprise Wi-Fi deployments. Before that, we discuss CISA's Secure by Design Pledge for technology vendors before ending with a Microsoft research post on Quick Assist social engineering.

https://youtu.be/uo9m0hHQua4 In a very special episode of #the443Podcast, WatchGuard Director of Security Operations, Marc Laliberte sits down with Seattle Kraken Cybersecurity Engineer, Ryan Willgues to discuss how Ryan got his start in IT, what it’s like working for an NHL franchise, how the Kraken have deployed WatchGuard’s Unified Security Platform, and much more.

https://youtu.be/SF_42g-BYzM This week on the podcast, we cover guidance from CISA and its international partners that guides organizations on the right questions to ask during the technology procurement process to make sure the products they buy are secure. Before that, we cover Microsoft's research into a common vulnerability impacting over 4 billion Android application installations followed by a discussion on the Tunnel Vision VPN vulnerability

https://youtu.be/dwRG_wO0vgc This week on the podcast, we cover the key takeaways from the 2024 Verizon Data Breach Investigations Report. Before that, we discuss what we learned from United Healthcare CEO Andrew Witty's congressional testimony on their ransomware attack in February. We also discuss a research article from JFrog on malicious Docker Hub repositories.

https://youtu.be/GnxViRW1A24 This week on the podcast, we cover a nation-state backed attack against Cisco ASA appliances which Cisco TALOS themselves have dubbed "ArcaneDoor." After that, we discuss a phishing tookit being used to target LastPass users before ending with a new way to deliver malware payloads using legitimate services.

https://youtu.be/3fX7LRXi74I This week on the podcast, we cover a research post that describes a code injection vulnerability caused by the way nearly every high level programming language runs on Windows. We also discuss a series of vulnerabilities in LG televisions that allow remote attackers to root the device before ending with a chat about new adversarial tactics for delivering malware via GitHub.

https://youtu.be/0860ZmM1vgE This week on the podcast, we cover a software supply chain attack years in the making that was days away from a devastating global impact. After that, we cover Facebook's Project Ghostbusters and its impact on user privacy before ending with another software supply chain attack that successfully compromised developers in the gaming world.

https://youtu.be/VqFnomsJzdA This week on the podcast we discuss a vulnerability in required commercial truck hardware that could enable an automatically propagating worm across the entire US. Before that, we cover Apple's "un-patchable" vulnerability in their M-series processors as well as a vulnerability that could let attackers unlock hotel room doors at will.

https://youtu.be/iYM3y85hEkM This week on the podcast, we're joined by Ryan Estes, a member of WatchGuard's Zero-Trust Application Service classification team and resident ransomware expert to discuss the wild month in ransomware news. We start the episode with a story about a fake ransomware operator that scammed cybercriminals out of tens of thousands of dollars before discussing two major Ransomware-as-a-Service operators that have had a pretty rough couple of weeks.