Exploit Pulse

This episode covers the critical CVE-2024-8963 vulnerability found in Ivanti Cloud Service Appliance (CSA) that has been actively exploited in recent cyberattacks. With a CVSS score of 9.4, this vulnerability allows unauthorized attackers to execute arbitrary commands on the affected appliance. We’ll discuss how the issue was "accidentally resolved" in recent patches, the risks posed to affected users, and the warning issued by Ivanti and the U.S. Cybersecurity and Infrastructure Security Agency (CISA). Tune in to learn more about the urgency of updating to CSA version 5.0 and how organizations can mitigate the threat before the October 2024 deadline.

In this episode, we dive into a real-world case of a phishing attack that exploited GitHub's email notification system. We'll explore how a malicious user sent a deceptive email from GitHub’s legitimate address, tricking recipients into visiting a phishing site to gain unauthorized access to their repositories. The episode covers key elements of the attack, how it was detected, and steps taken to report the issue to GitHub. Additionally, we’ll share tips on how to safeguard your account from similar threats 🚨 and how the community can stay vigilant against these evolving tactics.

In this episode, we dive deep into the world of AI and how it’s transforming cybersecurity. From spotting threats at lightning speed to adaptive defenses against cyberattacks, AI is reshaping the digital landscape. But with this power comes challenges—privacy concerns, ethical usage, and the race to stay ahead of cybercriminals. We explore how AI is more than just a tool; it’s proactive, continuously learning, and evolving to keep us safe online. Join us as we unpack the double-edged sword of AI in security, discuss the future of passwords, and ask the big questions about privacy, trust, and responsibility. Tune in for an engaging discussion on the tech that’s safeguarding our digital lives—and how we can ensure it’s used for good. 💡 Stay curious, stay safe!