This weeks' briefing covers:

00:00 - Intro and Situational Awareness

2:24 - Microsoft and Hewlett Packard Enterprise Disclose Attacks By KTA014 (APT29)

5:59 - (Out of Band) Authentication Bypass in Fortra GoAnywhere MFT

8:26 - Remote Code Execution Vulnerability in Jenkins

10:02 - Apple Struggles To Protect Users From Malware with Xprotect

11:20 - KASSEIKA Employing Bring Your Own Vulnerable Driver

13:19 - Malware Spotlight: PRIVATELOADER

16:53 - Researchers Discover Billions of Exposed Credentials

21:39 - Ransomware Roundup

Dive deeper:

Additional Resources:

CVE-2024-0204: Authentication Bypass Vulnerability in Fortra GoAnywhere MFT: https://www.kroll.com/en/insights/publications/cyber/authentication-bypass-in-fortra-goanywhere-mft

Kroll Cyber Blog: https://www.kroll.com/en/insights/publications/cyber

Kroll Cyber Threat Intelligence: https://www.kroll.com/en/services/cyber-risk/managed-security/threat-intelligence-services

Kroll Threat Intelligence Reports: https://www.kroll.com/en/insights/publications/cyber/threat-intelligence-reports

Kroll Responder MDR: https://www.kroll.com/en/services/cyber-risk/managed-security/kroll-responder

#krollcyber #threatintelligence #cyberthreats