#55 - Intel Chat: XWorm, SugarCRM zero-day, Statc Stealer, Background Task Manager fail, Seaspy & Whirlpool
The Cybersecurity Defenders Podcast - A podcast by LimaCharlie
In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. A new injector written in Rust is used to inject shellcode and introduce XWorm into a victim’s environment.Multiple cases where the SugarCRM was the initial attack vector and allowed threat actors to gain access to AWS accounts.Statc Stealer is a sophisticated malware that infects devices powered by Windows, gains access to computer systems and steals sensitive information.Patrick Wardle's research says that macOS's Background Task Manager can be easily bypassed and that Apple failed to act on his recommendations to fix it.CISA are reporting on the Seaspy and Whirlpool backdoors after obtaining malware samples from a compromised device.The Cybersecurity Defenders Podcast: a show about cybersecurity and the people that defend the internet.