Exploring CrushFTP Vulnerabilities & Autonomous AI Cyber Threats

In this episode of Storm⚡️Watch, we begin by spotlighting the critical vulnerabilities in CrushFTP and the emergence of autonomous hacking by LLM agents. We also introduce CPE Guesser tools, celebrate a GreyNoise milestone, and emphasize the importance of staying vigilant against evolving threats.

Recent episodes

Exploring CrushFTP Vulnerabilities & Autonomous AI Cyber Threats

AI Storms the Cybersecurity Front: Deepfakes & Attacks

This episode of Storm⚡️Watch features AI Security Researcher Erick Galinkin for a deep dive into AI threats like those affecting LastPass and healthcare. The team also examines an XZ-style attack on OpenJS and showcases Malpedia, along with updates on vulnerabilities in D-Link and Sisense.

Ivanti's Security Revamp, Dodging the XZ Bullet & D-Link's NAS Crisis

In this episode of Storm⚡Watch, we start by discussing Ivanti's CEO Jeff Abbott's pledge for a comprehensive security overhaul following a series of breaches linked to vulnerabilities, including CVE-2024-21894. We also explore Andres Freund's accidental heroism in uncovering a backdoor in Linux software, and delve into the vulnerability of D-Link NAS devices to remote code execution.

Honoring Ross J. Anderson, Interview With Horizon3AI's Zach Hanley & China's APT31 Sanctions

In this episode of Storm⚡️Watch, we pay tribute to Ross J. Anderson, setting the stage for a deep dive into cybersecurity. Joined by Zach Hanley of Horizon3.ai, we explore their NodeZero platform before delving into recent sanctions on a Chinese state-sponsored hacking group.

Supply Chain Storms, Firmware Flurries, and Big (Tech) Trouble In Little China

In this episode of Storm⚡️Watch we explore the intricacies of supply chain and firmware safety with Nate Warfield from Eclypsium. Then, we discuss the recent sanctions on APT31 hackers and examine the implications of China's recently expanded "Work Secrets" Law.

AI Crime Warnings & NVD Slowdown

In this episode of Storm⚡️Watch we explore pressing cybersecurity topics, from the Department of Justice's stance on AI in crimes to the National Vulnerability Database (NVD) and its recent slowdown in updates.

Meet the Team

Bob Rudis

Bob Rudis brings 30 years of data defense expertise to his role as VP of Data Science at GreyNoise Intelligence, focusing on internet threat research. Formerly at Rapid7 and Verizon, he authored the Data Breach Investigations Report. Bob is a prolific online voice via Twitter (@hrbrmstr), his blog (rud.is/b), and contributions to the open-source realm, and has authored works on data security.

Glenn Thorpe

Glenn Thorpe, Sr. Director of Security Research at GreyNoise, began his 20+ year cybersecurity journey after a phishing scam sparked his passion. An expert in digital forensics and incident response, he consults on high-priority threats. Away from the office, he’s a weather enthusiast and avid shark diver.

Kimber Duke

As a Product Manager working for Greynoise Intelligence, Kimber's security interests range from emerging threats to network defense engineering, with the addition of embedded systems and ancient RFCs in between.

Emily Austin

Emily helms the security research at Censys, analyzing threats and Internet trends. With a background in threat hunting and incident response, she applies data science to tackle security challenges, having expertise in anti-abuse and fraud detection.

Exploring CrushFTP Vulnerabilities & Autonomous AI Cyber Threats