In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including the dangers of malware disguised as proof of concept code on GitHub, the alarming rise in phishing attacks, the implications of a recent Treasury hack, and the targeted attacks on Ivanti’s security products. The conversation emphasizes the need for skepticism in security research, the importance of creating a safer environment for users, and the ongoing challenges posed by sophisticated threat actors.

Links:

• https://www.bleepingcomputer.com/news/security/fake-ldapnightmware-exploit-on-github-spreads-infostealer-malware/


• https://www.forbes.com/sites/daveywinder/2025/01/09/do-not-click-new-gmail-outlook-apple-mail-warning-for-billions/


• https://www.bleepingcomputer.com/news/security/treasury-hackers-also-breached-us-foreign-investments-review-office/


• https://www.bleepingcomputer.com/news/security/google-chinese-hackers-likely-behind-ivanti-vpn-zero-day-attacks/

<iframe title="Defensive Security Podcast Episode 292" width="604" height="340" src="https://www.youtube.com/embed/tsBmC1ybSso?feature=oembed" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen></iframe>