Malicious OAuth apps are coming for your Exchange admins! Oh noes! Also, Powerpoint gets in the malware delivery game and it turns out that hackers are not considering the efficiency of spinning up AWS boxes to run cryptominers. Not very considerate of them. David has a particularly nasty twist on the Powerpoint one.
Article 1 - Exchange servers abused for spam through malicious OAuth applications
Supporting Article:
OAuth app policies
Article 2 - Hackers Using PowerPoint Mouseover Trick to Infect Systems with Malware
Article 3 - Cryptominers hijack $53 worth of system resources to earn $1
Supporting Article:
Configure Amazon EC2 Dedicated Hosts
If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!
In this episode, we discuss Active Defense! What is it, how do you do it, and what should you pay for. Supporting Links:What is...
The Interplanetary File System serving malware from the stars! Also included are some bonus discussions around automatically exfiltrating information from your own organization using...
This week we discuss eSIM Stealing (not swapping!), the EPA attempting to secure water systems again, and the coming, future Maximum Overdrive like Apocalypse...
