Big thank you to Cisco for sponsoring this video! (And for the FREE Ethical Hacking Training!)
// Free Ethical Hacking course //
Free Ethical Hacking course: https://skillsforall.com/course/ethical-hacker?courseLang=en-US
// Talos Report //
2024 Q1 Trends: https://blog.talosintelligence.com/talos-ir-quarterly-trends-q1-2024/
These are the threats you need to be aware of in 2024 from the Talos Report:
* Talos IR also observed a variety of threats in engagements, including data theft extortion, brute-force activ- ity targeting VPNs, and the previously seen commodity loader Gootloader.
* Talos IR responded to new variants of Phobos and Akira ransomware for the first time this quarter as well as the previously seen LockBit and Black Basta ransomware operations.
* A recent Talos IR engagement suggests that Akira has returned to using encryption as an additional extortion method, now deploying a multipronged attack strategy to target Windows and Linux ma- chines.
* Security researchers discovered an MFA bypassing phishing kit called “Tycoon 2FA” that has since become one of the most widespread phishing kits. However, this has yet to appear in any Talos IR engagements.
Firewalls getting hacked:
ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices: https://blog.talosintelligence.com/arcanedoor-new-espionage-focused-campaign-found-targeting-perimeter-network-devices/
AI voice cloning:
The use of voice cloning of voice mails to sound authentic. Attackers use voice clones to phone help desk and reset passwords etc.
2FA is a major issue:
"Users accepting unauthorized MFA push notifications was the top observed security weakness, accounting for 25 percent of engagements this quarter. The lack of proper MFA implementation closely followed, accounting for 21 percent of engagements, a 44 percent decrease from the previous quarter"
// Martin Lee’s SOCIAL //
Twitter / X: https://twitter.com/mlee_security
LinkedIn: https://www.linkedin.com/in/martinlee/
Talos Blog: http://blogs.cisco.com/tag/trac/
Security Website: https://sec.cloudapps.cisco.com/security/center/home.x
Cisco Blog: https://blogs.cisco.com/author/martinlee
// Book //
Cyber Threat Intelligence by Martin Lee:
USA: https://amzn.to/4dJ2LQj
UK: https://amzn.to/3K3TqVH
// Articles MENTIONED //
Talos Incident Response Threat Summary for Jan- March 2024: https://blog.talosintelligence.com/content/files/2024/04/Talos-IR-Trends--Q1-2024-.pdf
// David SOCIAL //
Discord: https://discord.com/invite/usKSyzb
Twitter: https://www.twitter.com/davidbombal
Instagram: https://www.instagram.com/davidbombal
LinkedIn: https://www.linkedin.com/in/davidbombal
Facebook: https://www.facebook.com/davidbombal.co
TikTok: http://tiktok.com/@davidbombal
YouTube: https://www.youtube.com/@davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: [email protected]
// MY STUFF //
https://www.amazon.com/shop/davidbombal
// MENU //
00:00 - Coming up
00:58 - Intro
01:14 - Firewall Hacking
05:23 - Patching, Configuration & MFA
09:44 - Logging
13:14 - The Cuckoo's Egg
15:53 - MFA Fatigue
19:10 - Weaknesses in MFA
23:45 - SMS 2FA
25:15 - A.I Voice Cloning
31:11 - Brute Force VPNs
33:17 - Is MFA/2FA Effective?
36:03 - Tycoon 2FA
37:32 - Cyber Paranoia & Self-Care
42:46 - Final Thoughts
43:54 - Outro
firewalls
cisco
talos
cisco talos
pegasus
spyware
hacking
hacker
malware
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
Disclaimer: This video is for educational purposes only.
#ai #iphone #android