Contacts
Info
The Hackle Box is a monthly cyber threat intel discussion where Oscar Minks and members of FRSecure's technical services team (Team Ambush) break down the latest trends in the information...
show more
The Hackle Box is a monthly cyber threat intel discussion where Oscar Minks and members of FRSecure's technical services team (Team Ambush) break down the latest trends in the information security industry involving hacking techniques, vulnerabilities, exploits, and more.
show less
The Hackle Box
The Hackle Box
-
Police Troll LockBit, Microsoft Holds Execs Accountable for Security
13 MAY 2024 · The guys are back for another episode of the Hackle Box—a monthly conversation between information security experts about new and noteworthy exploits. This time, they discuss critical Citrix flaws, fake journalists stealing data, Microsoft holding execs accountable for security, police trolling a ransomware gang, and more. Links: Citrix Addresses High-Severity Flaw in NetScaler ADC and Gateway https://thehackernews.com/2023/10/critical-citrix-netscaler-flaw.html Apt42 Pose As Journalists, Harvest Credentials, Access Cloud Data https://attackfeed.com/apt42-hackers-pose-as-journalists-to-harvest-credentials-and-access-cloud-data-infothehackernews-com-the-hacker-news/ Microsoft Will Hold Execs Accountable for Cybersecurity https://www.darkreading.com/cloud-security/feds-microsoft-clean-up-cloud-security-act Burnout Is Pushing Workers to Use AI—Even If Their Boss Doesn’t Know https://www.wired.com/story/ai-workers-burnout-microsoft-linkedin/ Police Resurrect LockBit's Site and Troll the Ransomware Gang | TechCrunch https://techcrunch.com/2024/05/06/police-resurrect-lockbits-site-and-troll-the-ransomware-gang/ US Indicts LockBit Ransomware Ringleader, Offers $10 Million Reward https://www.theverge.com/2024/5/7/24151493/us-lockbit-ransomware-ringleader-indictment-reward Please like, subscribe, and follow us on social! Facebook: https://www.facebook.com/frsecure/ Twitter: https://twitter.com/frsecure/ Instagram: https://www.instagram.com/frsecureofficial/  LinkedIn: https://www.linkedin.com/company/frsecure/ About FRSecure https://frsecure.com/ FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve. -
AI-Written Malware, XZ Utils, Attackers Target Hospital Help Desks
16 APR 2024 · The guys are back for another episode of the Hackle Box—a monthly conversation between information security experts about new and noteworthy exploits. This time, they discuss AI-written malware, XZ Utils, and attackers targeting hospital IT help desks. Links: XZ Utils scare https://www.darkreading.com/application-security/xz-utils-scare-exposes-hard-truths-in-software-security Change Healthcare hit with cyber extortion (again) https://www.infosecurity-magazine.com/news/change-healthcare-double-cyber/ Health Department warns attackers targeting IT help desks https://www.bleepingcomputer.com/news/security/us-health-dept-warns-hospitals-of-hackers-targeting-it-help-desks/ Malicious PowerShell script appears to be AI-written https://www.bleepingcomputer.com/news/security/malicious-powershell-script-pushing-malware-looks-ai-written/ Please follow us on social! Facebook: https://www.facebook.com/frsecure/ Twitter: https://twitter.com/frsecure/ Instagram: https://www.instagram.com/frsecureofficial/ LinkedIn: https://www.linkedin.com/company/frsecure/ About FRSecure https://frsecure.com/ FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve. -
Gemini AI Vulnerability, ChatGPT Plugins, Typosquatting, Vishing
19 MAR 2024 · The guys are back for another episode of the Hackle Box—a monthly conversation between information security experts about new and noteworthy exploits. This time, they discuss security risks in ChatGPT plugins, a major flaw in Google's Gemini AI, typosquatting, and a worldwide vishing epidemic. Links: ChatGPT Plugin Security https://www.infosecurity-magazine.com/news/security-risks-chatgpt-plugins/ Gemini AI Vulnerability https://www.darkreading.com/cyber-risk/google-gemini-vulnerable-to-content-manipulation-researchers-say Worldwide Vishing Epidemic https://www.darkreading.com/endpoint-security/sophisticated-vishing-campaigns-take-world-by-storm Typosquatting https://www.darkreading.com/threat-intelligence/typosquatting-wave-shows-no-signs-of-abating Please like, subscribe, and follow us on social! Facebook: https://www.facebook.com/frsecure/ Twitter: https://twitter.com/frsecure/ Instagram: https://www.instagram.com/frsecureofficial/ LinkedIn: https://www.linkedin.com/company/frsecure/ About FRSecure https://frsecure.com/ FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve. -
AnyDesk, Resumes Stolen From Compromised Job Boards, Industry News
12 FEB 2024 · The guys are back for another episode of the Hackle Box—a monthly conversation between information security experts about new and noteworthy exploits. This time, they discuss compromised job boards where millions of resumes were stolen, AnyDesk's actions post-hack, an exploited SSRF flaw in Ivanti, and more. Links: Millions of resumes stolen via exploited job boards https://thehackernews.com/2024/02/hackers-exploit-job-boards-in-apac.html AnyDesk resets passwords/revokes certificates after hack https://techcrunch.com/2024/02/05/remote-access-giant-anydesk-resets-passwords-and-revokes-certificates-after-hack/ SSRF flaw in Ivanti exploited https://thehackernews.com/2024/02/recently-disclosed-ssrf-flaw-in-ivanti.html Fortinet reissues critical FortiSIEM vulnerabilities https://www.theregister.com/2024/02/06/fortinet_fortisiem_vulns/ Please like, subscribe, and follow us on social! Facebook: https://www.facebook.com/frsecure/ Twitter: https://twitter.com/frsecure/ Instagram: https://www.instagram.com/frsecureofficial/ LinkedIn: https://www.linkedin.com/company/frsecure/ About FRSecure https://frsecure.com/ FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve. -
Cybersecurity Funding Reduced 40% in 2023, Vulnerability/Patch News
19 JAN 2024 · The guys are back for another episode of the Hackle Box—a monthly conversation between information security experts about new and noteworthy exploits. This time, they discuss the reduced cybersecurity funding observed in 2023 as well as new vulnerabilities, patches, and more. Links: Cybersecurity Funding Reduced https://www.securityweek.com/cybersecurity-funding-dropped-40-in-2023-analysis/ Critical Flaws in Windows Kerberos and Hyper-V https://securityweek.com/microsoft-ships-urgent-fixes-for-critical-flaws-in-windows-kerberos-hyper-v/ Pikabot Malware https://www.darkreading.com/cyberattacks-data-breaches/pikabot-malware-qakbot-replacement-black-basta-attacks Decryptor for Black Basta and Babuk's Tortilla Ransomware https://thehackernews.com/2024/01/free-decryptor-released-for-black-basta.html Please like, subscribe, and follow us on social! Facebook: https://www.facebook.com/frsecure/ Twitter: https://twitter.com/frsecure/ Instagram: https://www.instagram.com/frsecureofficial/ LinkedIn: https://www.linkedin.com/company/frsecure/ About FRSecure https://frsecure.com/ FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve. -
Breachmas & Common Social Engineering Attacks
12 DEC 2023 · The guys are back for another episode of the Hackle Box—a monthly conversation between information security experts about new and noteworthy exploits. This time, they discuss common social engineering attacks carried out around the holidays when key team members are out of the office or organizations are shut down for seasonal breaks. Links Social Engineering https://thehackernews.com/2023/12/hacking-human-mind-exploiting.html Cisco IOS XE Vuln Exploitation https://www.securityweek.com/exploitation-of-recent-cisco-ios-xe-vulnerabilities-spikes/ Sierra:21 Attacks https://thehackernews.com/2023/12/sierra21-flaws-in-sierra-wireless.html Atlassian https://www.darkreading.com/application-security/patch-now-critical-atlassian-bugs-endanger-enterprise-apps Please follow us on social! Facebook: https://www.facebook.com/frsecure/ Twitter: https://twitter.com/frsecure/ Instagram: https://www.instagram.com/frsecureofficial/ LinkedIn: https://www.linkedin.com/company/frsecure/ About FRSecure https://frsecure.com/ FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve. -
Recent Vulnerabilities in Confluence and Apache ActiveMQ
15 NOV 2023 · The guys are back for another episode of the Hackle Box—a monthly conversation between information security experts about new and noteworthy exploits. This time around, they discuss recent vulnerabilities in Confluence and Apache ActiveMQ. Follow us on social! Facebook: https://www.facebook.com/frsecure/ Twitter: https://twitter.com/frsecure/ Instagram: https://www.instagram.com/frsecureofficial/ LinkedIn: https://www.linkedin.com/company/frsecure/ About FRSecure - https://frsecure.com/ FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve. -
Incident Response Horror Stories
16 OCT 2023 · The guys are back for a special, Friday the 13th episode of the Hackle Box—a monthly conversation between information security experts about new and noteworthy exploits. This time around, we're getting in the spooky spirit and telling scary stories from real-life IR cases. 🎃 Please like, subscribe, and follow us on social! Facebook: https://www.facebook.com/frsecure/ Twitter: https://twitter.com/frsecure/ Instagram: https://www.instagram.com/frsecureofficial/ LinkedIn: https://www.linkedin.com/company/frsecure/ -
Scattered Spider - The MGM Hackers, InfoSec News
18 SEP 2023 · Oscar and Pinky are back for this month's session of the Hackle Box—a monthly conversation between the information security experts about new and noteworthy exploits. DISCUSSED THIS MONTH: Scattered Spider (MGM attack) https://hackdojo.io/articles/E59P05LKQ/-scattered-spider-behind-mgm-cyberattack-targets-casinos Caesers confirms ransomware https://hackdojo.io/articles/73WL5VP9N/caesars-confirms-ransomware-hack-stolen-loyalty-program-database MGM hackers branching out https://hackdojo.io/articles/AEWED5DK7/mgm-hackers-broadening-targets-monetization-strategies UNC3944 Smishing Ransomware https://www.mandiant.com/resources/blog/unc3944-sms-phishing-sim-swapping-ransomware LastPass iOS vulnerability (BLASTPASS) https://hackdojo.io/articles/AEWEDLDK7/blastpass-government-agencies-told-to-secure-iphones-against-spyware-attacks Follow us on social! Facebook: https://www.facebook.com/frsecure/ Twitter: https://twitter.com/frsecure/ Instagram: https://www.instagram.com/frsecureofficial/ LinkedIn: https://www.linkedin.com/company/frsecure/ -
DEFCON 31, EvilProxy, QR Code Credential Theft, AI Stealing Passwords
22 AUG 2023 · Eric and Pinky are back with another session of the Hackle Box—a monthly conversation between the information security experts about new and noteworthy exploits. Discussed this month - DEFCON Recap - EvilProxy campaign - https://www.techrepublic.com/article/evilproxy-phishing-attack/ - QR Codes used for credential theft - https://www.darkreading.com/attacks-breaches/qr-code-phishing-campaign-targets-top-u-s-energy-company - AI stealing passwords, listening to keystrokes - https://www.darkreading.com/attacks-breaches/ai-model-can-replicate-password-listening-to-keystrokes Follow us on social! Facebook: https://www.facebook.com/frsecure/ Twitter: https://twitter.com/frsecure/ Instagram: https://www.instagram.com/frsecureofficial/ LinkedIn: https://www.linkedin.com/company/frsecure/
The Hackle Box is a monthly cyber threat intel discussion where Oscar Minks and members of FRSecure's technical services team (Team Ambush) break down the latest trends in the information...
show more
The Hackle Box is a monthly cyber threat intel discussion where Oscar Minks and members of FRSecure's technical services team (Team Ambush) break down the latest trends in the information security industry involving hacking techniques, vulnerabilities, exploits, and more.
show less
Information
Author | The InfoSec Mission |
Categories | Technology |
Website | frsecure.com |
hacklebox@frsecure.com |
Copyright 2024 - Spreaker Inc. an iHeartMedia Company