Ep8: Microsoft's zero-days and a wormable Windows TCP/IP flaw known to China
August 17th, 2024
1 hr 17 mins 45 secs
About this Episode
Three Buddy Problem - Episode 8: This week’s show digs into Microsoft’s in-the-wild zero-day woes, Patch Tuesday and the absence of IOCs, a wormable Windows TCP/IP flaw that the Chinese government knew about for months, Iran’s aggressive hacking of US election targets, CrowdStrike v Qihoo360, and major problems with APT naming conventions.
Hosts: Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek)
Episode Links
- Episode 8 Transcript
- Six Windows Zero-Days Being Actively Exploited
- CVE-2024-38063 - Windows Ping of Death
- Wormable TCP/IP flaw known to China — Chinese researcher Xiao Wei of Cyber KunLun said he discovered the vulnerability “several months ago.”
- Google TAG: Iran steps up hacking against Israel, U.S.
- Microsoft report on Iran election hacking
- Qihoo claims CrowdStrike bug exploitable
- CrowdStrike root cause analysis
- LABScon - Speakers 2024