MFA & Cybersecurity: Crypto-Miner Takedown, Ivanti Debacle, and AI-Enhanced Phishing

We kick off with introductions and a roundtable discussion, followed by an exploration of a mass crypto-miner takedown, with insights drawn from reports by the Ukrainian Cyber Police and Bleeping Computer.

We then discuss the Ivanti debacle, referencing a blog post by Volexity. This is followed up by the note of two X account hacking events (SEC & Mandiant), as reported by The Register and Security Affairs. The NSA's warning about AI-enhanced phishing is also on our agenda, with sources from NBC News and Infosec Exchange.

We tap back to ancient Stuxnet news, the malware that cost a billion dollars, based on an article by Graham Cluley (there are some new twists to this tale). We also delve into the broad implications of the Orrick breach, as reported by Security Week. In our tool spotlight, we feature Cyberwatch, a GitHub project by Casualtek.

We also discuss a blog posts from Censys, about a Juniper vulnerability and encourage folks to attend the "Stop Predicting, Start Protecting" lunch-and-learn.

From GreyNoise, we highlight the second 2024 Tag Webinar and discuss recent tags and active campaigns.

We wrap up with a roundup of known exploited vulnerabilities from CISA.