Weekly: BYOVD Report, Log4Shell Two Years Later, ALPHV Site Outage, Delaying SEC Disclosures
In this episode of ShadowTalk, host Corey Carter, along with ReliaQuest CISO Rick Holland and Gjergji Paco, discuss the latest news in cyber security and threat research. Topics this week include:
- An overview of a ReliaQuest report on a sophisticated incident involving a technique known as Bring Your Own Vulnerable Driver (BYOVD).
- ALPHV ransomware site outage rumored to be caused by law enforcement.
- Apps vulnerable to Log4Shell still being exploited by Advanced Persistence Threats.
- FBI releases policy notice that informs cyber victims how they can request to delay public disclosures to the Securities and Exchange Commission.
Resources:
- https://www.sonatype.com/resources/log4j-vulnerability-resource-center
- https://blog.talosintelligence.com/lazarus_new_rats_dlang_and_telegram/
- https://www.reliaquest.com/blog/alphv-ransomware-site-outage/
- https://www.fbi.gov/file-repository/fbi-policy-notice-120623.pdf/view
- https://www.kovrr.com/blog-post/cybersecurity-legal-and-financial-experts-share-their-reactions-to-the-secs-latest-cyber-disclosure-regulations
Activity