Episode Summary: This episode covers brute-force attacks on the password reset functionality of Hikvision devices, a macOS SIP bypass vulnerability, Linux rootkit malware, and a novel ransomware campaign targeting AWS S3 buckets. Topics Covered: Hikvision Password Reset Brute Forcing URL: https://isc.sans.edu/diary/Hikvision%20Password%20Reset%20Brute%20Forcing/31586 Hikvision devices are being targeted using old brute-force attacks exploiting predictable password reset codes. Analyzing CVE-2024-44243: A macOS System Integrity Protection Bypass URL: https://www.microsoft.com/en-us/security/blog/2025/01/13/analyzing-cve-2024-44243-a-macos-system-integrity-protection-bypass-through-kernel-extensions/ Microsoft details a macOS vulnerability allowing attackers to bypass SIP using kernel extensions. Rootkit Malware Controls Linux Systems Remotely URL: https://cybersecuritynews.com/rootkit-malware-controls-linux-systems-remotely/ A sophisticated rootkit targeting Linux systems uses zero-day vulnerabilities for remote control. Abusing AWS Native Services: Ransomware Encrypting S3 Buckets with SSE-C URL: https://www.halcyon.ai/blog/abusing-aws-native-services-ransomware-encrypting-s3-buckets-with-sse-c Attackers are using AWS s SSE-C encryption to lock S3 buckets during ransomware campaigns. We cover how the attack works and how to protect your AWS environment.

Ver todos los episodios