Security Weekly
Security Weekly NewsSubscribe
Vulnerability Management, Security Staff Acquisition & Development, Threat Management

AirGaps, Slackware, Mitnick, Awareness, Microsoft, Bad API, Aaran Leyland and More – SWN #311

AirGaps, Slackware, Kevin Mitnick, Awareness, Microsoft, Bad API, JumpCloud, Megarac, Aaran Leyland, and More on the Security Weekly News.

Visit https://www.securityweekly.com/swn for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

View Show Index

Full Audio

Segments

1. AirGaps, Slackware, Mitnick, Awareness, Microsoft, Bad API, Aaran Leyland and More – SWN #311

AirGaps, Slackware, Kevin Mitnick, Awareness, Microsoft, Bad API, JumpCloud, Megarac, Aaran Leyland, and More on the Security Weekly News.

Hosts

Doug White
Doug White
Professor at Roger Williams University
  1. 1. Kevin Mitnick Obituary – Las Vegas, NV
  2. 2. Security Awareness Training Isn’t Working – How Can We Improve It?
  3. 3. Microsoft Bows to Pressure to Free Up Cloud Security Logs
  4. 4. Most financial and insurance firms report security issues in production APIs
  5. 5. North Korean-linked Lazarus Group tied to supply chain attack on JumpCloud
  6. 6. Critical Flaws in AMI MegaRAC BMC Software Expose Servers to Remote Attacks
  7. 7. Google tries internet air-gap for some staff PCs
  8. 8. Slackware turns 30
Aaran Leyland
Aaran Leyland
Cyber security lead EMEA at Defence
  1. 1. Poisoned Facebook Ads Deliver Malware Using Fake ChatGPT, Bard & Other AI Services

    Cyber criminals have recently started using Facebook to pretend to be well-known generative AI brands like ChatGPT, Google Bard, Midjourney, and Jasper to steal users’ personal information.

    Users on Facebook are deceived into downloading content from fake brand sites and advertisements.

    These downloads contain harmful malware that steals users’ internet credentials for banking, social networking, gaming, and other services, their cryptocurrency wallets, and any data saved in their browsers.

    According to the Check Point Research Team (CPR), the majority of Facebook campaigns that use fake sites and dangerous advertisements eventually spread malware that steals information.

    Users who are not aware of the situation are liking and commenting on fake posts, spreading them to their social networks.

Related

Incident Response
Making tabletop exercises better! – Ryan Fried – ESW #332

If you've ever played Dungeons & Dragons, you probably know that the quality of the experience depends on how prepared, experienced, and talented the Dungeon Master is. Today, we'll talk to InfoSec DM and practitioner extraordinaire Ryan Fried about some of the key elements that separate a good cybersecurity tabletop exercise from a bad one! T...