About this episode
Team Ambush members Oscar, Eric, and Pinky are back with another session of the Hackle Box—a series where they break down new and noteworthy breaches, vulnerabilities, exploits, and more over the last month.This month's topics:Microsoft going “passwordless”https://arstechnica.com/gadgets/2021/09/starting-today-you-can-remove-your-password-from-your-microsoft-account/OMIGOD—an exploitable hole in Microsoft open-source codehttps://nakedsecurity.sophos.com/2021/09/16/omigod-an-exploitable-hole-in-microsoft-open-source-code/New Azure Active Directory password brute-forcing flaw has no fixhttps://arstechnica.com/information-technology/2021/09/new-azure-active-directory-password-brute-forcing-flaw-has-no-fix/?amp=1Does your organization have a Security.txt file?https://krebsonsecurity.com/2021/09/does-your-organization-have-a-security-txt-file/CISA releases tool to help orgs fend off insider threat riskshttps://www.bleepingcomputer.com/news/security/cisa-releases-tool-to-help-orgs-fend-off-insider-threat-risks/?utm_content=182136940&utm_medium=social&utm_source=twitter&hss_channel=tw-71605818The REBOL Yell—novel exploit using REBOL for command-and-controlhttps://frsecure.com/blog/the-rebol-yell-new-rebol-exploit/Teasing Project HyphaeAs always, the session ends with the Hacker Tip of the Month from Eric and the Phishing Report with Pinky.Give this session a watch or listen, and feel free to send any comments, questions, or topic suggestions to hacklebox@frsecure.com.And please like and subscribe!
