Video Episode: https://youtu.be/eXP0jiOQjFc

In today’s episode, we explore the alarming rise of phishing campaigns exploiting Webflow to harvest sensitive login credentials from crypto wallets like Coinbase and MetaMask, alongside vulnerabilities in SonicWall VPNs linked to ransomware attacks. We also discuss a new technique allowing attackers to bypass Windows’ security features for kernel rootkits and a critical CVE affecting Cisco VPN services that can lead to denial-of-service attacks. Tune in for insights on how these attack methods are shaping the cybersecurity landscape and the challenges they present to organizations globally.

References: 1. https://thehackernews.com/2024/10/cybercriminals-use-webflow-to-deceive.html 2. https://www.bleepingcomputer.com/news/security/new-windows-driver-signature-bypass-allows-kernel-rootkit-installs/ 3. https://www.bleepingcomputer.com/news/security/fog-ransomware-targets-sonicwall-vpns-to-breach-corporate-networks/ 4. https://www.cybersecuritydive.com/news/cisco-exploited-cve-vpn/731216/

Timestamps

00:00 – Introduction

01:03 – Webflow Phishing

02:06 – Windows Downgrade Updates

03:29 – VPN Vulnerabilities

1. What are today’s top cybersecurity news stories? 2. How are cybercriminals using Webflow for phishing attacks? 3. What is the new Windows Driver Signature bypass vulnerability? 4. How did Fog ransomware exploit SonicWall VPNs? 5. What is the CVE-2024-20481 vulnerability affecting Cisco VPNs? 6. Why have phishing attacks on crypto wallets increased recently? 7. What are the implications of the Windows Update takeover vulnerability? 8. How do ransomware operators breach corporate networks through VPNs? 9. What security measures can organizations take against VPN-related attacks? 10. What trends are emerging in cyberattacks against financial services?

Webflow, phishing, credentials, scams, Windows Update, rootkits, vulnerabilities, Driver Signature Enforcement, Fog, Akira, SonicWall, ransomware, Cisco, VPN, vulnerability, denial of service,