CyberTalk: The Security Update

Welcome to a video series intended to raise awareness of cybersecurity issues beyond what is simply in the latest newsfeed.

In this series, Robin Johns and Bill Carter discuss the top Security items that every cyber team needs to know to help keep them aware of what is happening in the wider security space, and more importantly, how Cato helps keep you protected.

In today's episode, we discuss the following topics:

1. Impacket - All your Bases!
   • The impacket tool was used by APTs to target the US Defense Industrial Base sector. The initial vector was unknown, but how do you identify reconnaissance and exfiltration in your organisation?
2. PLCs - Patching is Logical
   
   • A critical vulnerability with a 9.3 CVSS score was found in the Siemens SIMATIC programmable logic controllers (PLCs) and the controlling portal, allowing the theft of cryptographic keys. What are you doing to prevent your IoT from being hacked?
3. Alchimist - Turning Vulnerabilities into Gold
   
   • A previously undocumented C2 framework is being used to target Windows, macOS, and Linux machines; with the Alchimist toolset granting anybody that can point/click the ability to create a botnet. Are you vulnerable?
4. Mirai - Another Word
   
   • In episode 1, we shared that we saw Mirai as a top-10 intercept at Cato Networks in the wild. Since then, Mirai has been used to orchestrate a 2.5Tbps DDoS attack on the Wynncraft Minecraft server. How could this have been prevented, and what's the impact?

Watch it here: