In this episode, the host addresses a previous mistake in naming a company involved in a breach, correcting SitusAMC for Ascensus, and extends apologies. Key topics include US banks assessing a breach fallout from financial tech vendor SitusAMC, ransomware group CioP targeting Broadcom through Oracle’s vulnerabilities, a new malware campaign hiding in Blender 3D models named SteelC, supply chain attacks in the JavaScript ecosystem through NPM packages with Shai-Hulud malware, and a phishing scam using lookalike domains to deceive Microsoft account holders. Listeners are reminded to manually type URLs to avoid phishing scams, and are informed about the Thanksgiving weekend schedule change.
00:00 Introduction and Apology
01:26 Cybersecurity Headlines
02:13 US Banks Data Theft Incident
03:44 Broadcom and Oracle ERP Breach
05:29 Blender Malware Campaign
07:45 Shai-Hulud NPM Package Attack
09:41 Phishing Campaign Targeting Microsoft Accounts
11:39 Final Thoughts and Thanksgiving Wishes
Read the original article: