Episode Description

Forecast = Expect a 90% chance of phishing 🐠 attacks, with a high probability of ransomware showers. Don't forget your two-factor authentication ☔ umbrella!

In this episode, we tackle the controversial Microsoft Recall feature. This new AI-enabled tool for Windows 11 Copilot+ PCs has sparked significant privacy concerns. Recall takes screenshots every few seconds, potentially capturing sensitive information like passwords and private messages. Despite Microsoft's assurances of local storage and encryption, the feature's default activation and the exclusion of Windows Home users from encryption protections have raised alarms among privacy advocates and cybersecurity experts. We explore the implications of this feature and discuss ways users can protect their data.

Next, we turn our attention to the sorry state of ISP router safety. A mysterious attack last year disabled over 600,000 internet routers in the U.S., primarily affecting rural and underserved communities. The attack, dubbed "Pumpkin Eclipse," involved malicious firmware updates that rendered the routers inoperable. The incident highlights the vulnerabilities in our critical infrastructure and the need for robust cybersecurity measures. We also take a look at the curious case of Cox Communications routers, documented by Sam Curry in a recent blog post.

During "Tool Time," we introduce CyberSecTools, a resource where cybersecurity professionals can survey tools and resources that may be useful when defending their organizations.

We also take a moment for some "Shameless Self-Promotion," discussing Censys' recent findings on a critical vulnerability in Check Point VPN Gateways (CVE-2024-24919).

Our "Tag Roundup" segment offers updates on recent and active cybersecurity campaigns, including the resurgence of the Dridex and Trickbot malware families. We also highlight ongoing attempts to exploit and survey the Check Point Quantum Gateway vulnerability.

Finally, in "We Need to Talk About KEV," we provide a roundup of known exploited vulnerabilities, emphasizing the importance of staying informed and proactive in cybersecurity defense.
