Outlook C2 Framework, VMWare ESXi Vuln, and PKFail leads to UEFI Supply Chain Attacks.

https://is1-ssl.mzstatic.com/image/thumb/Podcasts221/v4/26/3c/30/263c3003-f19b-cb33-9291-14fa145e54fe/mza_72390587056937988.png/600x600bb.jpg

The Cybersecurity Digest

The Cybersecurity Digest LLC

14 episodes

1 month ago

In the ever-evolving world of cybersecurity, keeping updated on the latest developments is crucial. The Cybersecurity Digest is your curated source for the most recent cybersecurity updates. Our goal is to bring you a comprehensive roundup of news, ensuring you’re well-informed and ahead of the curve. Stay Informed to Stay Secure.

Tech News

News

RSS

All content for The Cybersecurity Digest is the property of The Cybersecurity Digest LLC and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Tech News

News

https://d3t3ozftmdmh3i.cloudfront.net/staging/podcast_uploaded_episode/44035588/0837dc76dfd9d43f.png

Outlook C2 Framework, VMWare ESXi Vuln, and PKFail leads to UEFI Supply Chain Attacks.

The Cybersecurity Digest

24 minutes 3 seconds

1 year ago

Outlook C2 Framework, VMWare ESXi Vuln, and PKFail leads to UEFI Supply Chain Attacks.

Security Digest for 30 July 2024:

Podcast Requested Feedback: https://forms.gle/w2RB5DRzbbvu3ziS7

Notable News:

WhatsApp for Windows lets Python, PHP scripts execute with no warning (bleepingcomputer.com)

PKfail: Untrusted Platform Keys Undermine Secure Boot on UEFI Ecosystem (binarly.io)
SupplyChainAttacks/PKfail/ImpactedDevices.md at main · binarly-io/SupplyChainAttacks · GitHub

Malicious Python Package Targets macOS Developers (checkmarx.com)

SeleniumGreed Cryptomining Campaign Exploiting Grid Services | Wiz Blog

Scammer Abuses Microsoft 365 Tenants, Relaying Through Proofpoint Servers to Deliver Spam Campaigns | Proofpoint US

HealthEquity says data breach impacts 4.3 million people (bleepingcomputer.com)

Two-Step Phishing Campaign Exploits Microsoft Office Forms (perception-point.io)

Over 1 Million websites are at risk of sensitive information leakage (salt.security)

TrustedSec | Specula - Turning Outlook Into a C2 With One Registry…

Ransomware operators exploit ESXi hypervisor vulnerability for mass encryption | Microsoft Security Blog
Support Content Notification - Support Portal - Broadcom support portal

Prevalent Patches:
Security Bulletin: NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, Jetson TX1, Jetson TX2 Series (including Jetson TX2 NX), and Jetson Nano (including Jetson Nano 2GB) - July 2024 | NVIDIA (custhelp.com)

Apple security releases - Apple Support

CISA Corner:
NVD - CVE-2024-4879 (nist.gov)
NVD - CVE-2024-5217 (nist.gov)
NVD - CVE-2023-45249 (nist.gov)
Siemens SICAM Products | CISA
Positron Broadcast Signal Processor | CISA