In this episode of “The Daily Decrypt,” host offsetkeyz dives into the latest cybersecurity stories that matter.
- Outlook Vulnerability – We begin with an in-depth look at a significant vulnerability in Microsoft Outlook (CVE-2023-35636), which could allow attackers to access NTLM hashed passwords. Learn about the nature of this phishing attack and how to protect yourself. Read more.
- Raptor Technologies Breach – Discover the details behind the major data breach at Raptor Technologies, affecting educational institutions. We discuss the implications of this breach and its impact on school safety. Read more.
- TrickBot Developer Sentenced – Finally, we cover the sentencing of the TrickBot malware developer, highlighting a rare instance of justice in the cybercrime world. Read more.
Stay informed and understand the complexities of cyber safety with “The Daily Decrypt.” Tune in for concise, engaging, and informative discussions on the ever-evolving world of cybersecurity.
Remember to follow us on Twitter @DailyDecryptPod for regular updates and news snippets!
OffsetKeyz: Good morning, everyone. We now have a Twitter account, so if you haven’t yet, go follow us at Daily Decrypt Pod. This will give you news updates even before they appear on the podcast. As news develops, we’ll keep you informed there. Today, we’re discussing three stories. The first is an Outlook vulnerability, which will seem familiar if you listened to our recent episode about LLMNR. It was released last month and is quite significant. We’ll also talk about a major breach at Raptor Technologies, a security provider for educational institutions like middle schools and high schools. Finally, we’ll briefly cover the sentencing of the main developer of the Trickbot malware to five years in jail. In this podcast, we aim to start with simpler topics for a broader audience and gradually delve into more technical aspects, making it accessible for everyone.
OffsetKeyz: Microsoft’s Patch Tuesday recently disclosed a significant vulnerability in Microsoft Outlook. Discovered by researchers, this vulnerability in Outlook’s calendar sharing function could potentially allow attackers to access NT LAN Manager or NTLM hashed passwords when a user opens a specifically crafted file. The attackers crafted headers to expose an NTLM hash during authentication, which is essentially your password in a hashed form. This type of phishing attack is quite targeted, aiming specifically at Outlook users. The breach’s nature and scale are concerning, given the widespread use of the older NTLM protocol. Microsoft plans to phase it out in Windows 11 for the more secure Kerberos protocol. The takeaway here is to be cautious with links, especially in Outlook. Verify the source and be aware of deceptive practices like substituting characters. Remember, they’re getting the NTLM hash, not the password directly, and this hash needs to be cracked. Using a strong, unique password, preferably generated by a password manager, can significantly mitigate this risk.
OffsetKeyz: Next, we have a major breach at Raptor Technologies. This breach is particularly concerning as it involves educational institutions, which often lack robust security resources. Raptor Technologies, a US-based school safety software provider, experienced a breach that exposed about 4 million records, as reported by Jeremiah Fowler. These records included detailed school incident response plans, layouts, and information on infrastructure challenges like malfunctioning cameras and security gaps. This data leak is a serious concern, as it includes blueprints and security response strategies, potentially opening doors to physical threats. The breach underlines the importance of cybersecurity in the education sector and the risks associated with third-party providers.
OffsetKeyz: Lastly, the developer behind Trickbot has been sentenced to 64 months in prison. This is a rare occurrence in the cybersecurity world due to the anonymity and complexities involved in tracking cybercriminals. The developer was extradited from South Korea, showcasing the importance of international cooperation in tackling cybercrime. Trickbot, a banking Trojan, has been a significant threat, distributed through phishing emails or malicious websites. It stealthily harvests sensitive information and can deploy ransomware. The sentencing of the developer is a positive step in combating cybercrime and serves as a deterrent for similar activities.
OffsetKeyz: That’s all for today. I hope you enjoy the new format. We’re aiming for a balance between simplicity and in-depth discussion. Feel free to leave comments, feedback, or tweet us with your thoughts. Stay tuned for our upcoming bonus episode, where we’ll discuss how to break into cybersecurity, perfect for those seeking a career change or IT professionals wanting to specialize in cybersecurity. Thanks for listening!
Thanks to Jered Jones for providing the music for this episode. Find him on Spotify here: https://open.spotify.com/artist/37xLl4KR8hJ5jBuS8zYjQN?si=W75mgw68SsmCb7Zfu5ESeg