Research Saturday

By: N2K Networks
Listen for free

  • Summary

  • Every Saturday, we sit down with cybersecurity researchers to talk shop about the latest threats, vulnerabilities, and technical discoveries.
    © 2024 N2K Networks, Inc. 706761
    Show More Show Less
Politics & Government
Show More Show Less
activate_Holiday_promo_in_buybox_DT_T2
Episodes
  • Quishing for trouble.

    Quishing for trouble.
    Dec 21 2024
    Adam Khan, VP of Security Operations at Barracuda, joins to discuss his team's work on "The evolving use of QR codes in phishing attacks." Cybercriminals are evolving phishing tactics by embedding QR codes, or “quishing,” into PDF documents attached to emails, tricking recipients into scanning them to access malicious websites that steal credentials. Barracuda researchers found over half a million such emails from June to September 2024, with most impersonating brands like Microsoft, DocuSign, and Adobe to exploit urgency and trust. To counter these attacks, businesses should deploy multilayered email security, use AI-powered detection tools, educate employees on QR code risks, and enable multifactor authentication to safeguard accounts. The research can be found here: Threat Spotlight: The evolving use of QR codes in phishing attacks Learn more about your ad choices. Visit megaphone.fm/adchoices
    Show More Show Less
    17 mins
  • Watching the watchers. IoT vulnerabilities exposed by AI.

    Watching the watchers. IoT vulnerabilities exposed by AI.
    Dec 14 2024
    This week, we are joined by Andrew Morris, Founder and CTO of GreyNoise, to discuss their work on "GreyNoise Intelligence Discovers Zero-Day Vulnerabilities in Live Streaming Cameras with the Help of AI." GreyNoise discovered two critical zero-day vulnerabilities in IoT-connected live streaming cameras, used in sensitive environments like healthcare and industrial operations, by leveraging its AI-powered detection system, Sift. The vulnerabilities, CVE-2024-8956 (insufficient authentication) and CVE-2024-8957 (OS command injection), could allow attackers to take full control of affected devices, manipulate video feeds, or integrate them into botnets for broader attacks. This breakthrough underscores the transformative role of AI in identifying threats that traditional systems might miss, highlighting the urgent need for robust cybersecurity measures in the expanding IoT landscape. The research can be found here: GreyNoise Intelligence Discovers Zero-Day Vulnerabilities in Live Streaming Cameras with the Help of AI Learn more about your ad choices. Visit megaphone.fm/adchoices
    Show More Show Less
    21 mins
  • The JPHP loader breaking away from the pack.

    The JPHP loader breaking away from the pack.
    Dec 7 2024
    Shawn Kanady, Global Director of Trustwave SpiderLabs, to discuss their work on "Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader." Trustwave SpiderLabs has uncovered Pronsis Loader, a new malware variant using the rare programming language JPHP and stealthy installation tactics to evade detection. The malware is capable of delivering high-risk payloads like Lumma Stealer and Latrodectus, posing a significant threat. Researchers highlight its unique capabilities and infrastructure, offering insights for bolstering cybersecurity defenses. The research can be found here: Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader Learn more about your ad choices. Visit megaphone.fm/adchoices
    Show More Show Less
    26 mins

What listeners say about Research Saturday

Average customer ratings

Reviews - Please select the tabs below to change the source of reviews.

Audible.co.uk reviews

Amazon reviews
No Reviews are Available