ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "Security Briefing: Kaiser Data Breach, Criminals Exploit CrushFTP Vuln, Brokewell Malware Takes Over Android Devices"
Episode Synopsis
May 1st, 2024 Security Briefing with IANS Faculty Wolfgang Goerlich and Jessica Hebenstreit
Kaiser Notifies Millions of Data Breach - 13.4 insured people and patients will be receiving breach notices that their protected health information may have been compromised - considered the largest health-related data breach of 2024 to date.
Criminals Exploit CrushFTP Vulnerability - Adversaries are exploiting a vulnerability in CrushFTP to gain remote code execution (RCE). The vulnerability (CVE-2024-4040) combines server-side template injection with a virtual file system sandbox escape to allow attackers to read and execute files as root on Linux systems hosting CrushFTP.
Brokewell Malware Takes Over Android Devices - Discovered and documented by researchers at ThreatFabric, Brokewell is malware running on Android phones and devices.
With IANS Research, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams.
Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.
Kaiser Notifies Millions of Data Breach - 13.4 insured people and patients will be receiving breach notices that their protected health information may have been compromised - considered the largest health-related data breach of 2024 to date.
Criminals Exploit CrushFTP Vulnerability - Adversaries are exploiting a vulnerability in CrushFTP to gain remote code execution (RCE). The vulnerability (CVE-2024-4040) combines server-side template injection with a virtual file system sandbox escape to allow attackers to read and execute files as root on Linux systems hosting CrushFTP.
Brokewell Malware Takes Over Android Devices - Discovered and documented by researchers at ThreatFabric, Brokewell is malware running on Android phones and devices.
With IANS Research, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams.
Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.
More episodes of the podcast IANS Cyber Intel
Security Briefing: Exchange Vulns, SonicWall Zero Day That Wasn’t, GitHub to Join MSFT’s CoreAI
13/08/2025
Security Briefing: Mobile Provider Leaks Location Data, ConnectWise Breach, Red Canary Acquired
04/06/2025
Security Briefing: EU Souring on US Cloud Providers, CISA Cuts, Supply Chain Cautionary Tale
09/04/2025
The State of the CISO in 2025
17/02/2025
In God we trust