The episode begins with a discussion of a recent Microsoft report suggesting that basic security hygiene could protect against 99% of attacks, highlighting the importance of multi-factor authentication, zero trust, and patching. It also notes that 80% of ransomware compromises occur via unmanaged devices, emphasizing the need for organizations to prioritize their security efforts.
Next, the episode discusses a recent vulnerability in Confluence, a popular team collaboration software, that is exploited as a zero-day and allows remote attackers to create new users. It stresses the importance of auditing user accounts, even after patching, to ensure that no unauthorized users were created during the exploit. The episode then turns its attention to the impact of a cyber attack on Clorox, predicting a significant drop in sales due to the attack, potentially timed to coincide with flu season.
The episode also covers a new vulnerability in the HTTP/2 protocol that is exploitable for a denial-of-service (DoS) attack, noting that the best protection against such attacks currently is a DDoS mitigation service.
Finally, the episode discusses the addition and removal of certain devices from the Known Exploitable Vulnerabilities (KEV) list, including the removal of the MeetingOwl. The episode concludes by emphasizing the importance of basic security measures and the role of cybersecurity professionals in protecting against threats.