Weekly: TeamCity and Supply Chain Risk, BEC Detections, Midnight Blizzard
In this episode of ShadowTalk, host Chris, along with Corey and Caroline, discuss the latest news in cyber security and threat research. Topics this week include:TeamCity Server critical vulnerability leaves potential for supply chain riskReliaQuest research into advanced business email compromise (BEC) detectionsMicrosoft compromised by Midnight Blizzard password spraying attackResources: https://www.rapid7.com/blog/post/2024/03/04/etr-cve-2024-27198-and-cve-2024-27199-jetbrains-teamcity-multiple-authentication-bypass-vulnerabilities-fixed/ https://blog.jetbrains.com/teamcity/2024/03/our-approach-addressing-recently-discovered-vulnerabilities-in-teamcity-on-premises/ https://blog.jetbrains.com/teamcity/2024/03/preventing-exploits-jetbrains-ethical-approach-to-vulnerability-disclosure/ https://www.reliaquest.com/blog/business-email-compromise-detection/