Cybersecurity: Amplified And Intensified artwork

45 - FBI warns FIN7 BadUSB attacks and Yealink calling home

Cybersecurity: Amplified And Intensified

English - January 11, 2022 09:00 - 22 minutes - 20.4 MB - ★★★★★ - 2 ratings
Society & Culture Technology cybersecurity kontinuum amplified intensified cmmc compliance incident response shiva maharaj cybercast ransomware Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: 44 - Bypassing Defender with DumpStack.log and Mimikatz
Next Episode: 46 - Cybersecurity Education At Scale with Dr. Gerald Auger Ph.D.

The FIN7 ransomware group has been sending malware laden BadUSB devices to targets in the United States.

https://therecord.media/fbi-fin7-hackers-target-us-companies-with-badusb-devices-to-install-ransomware/

Yealink phones are communicating with Chinese based servers three times a day and are able to review and log all network traffic flowing through the headset.

https://www.defenseone.com/technology/2022/01/common-office-desk-phone-could-be-leaking-info-chinese-government-report-alleges/360500/



0:00 - Intro


0:38 - Yealink handsets calling home to Chinese servers


4:20 - Mitigating Yealink concerns


8:55 - FIN7 sending LilyGo branded malware laden BadUSB drives to American companies and agencies


12:00 - How to mitigate these two threats


21:36 - Outro


Eric Taylor

https://www.linkedin.com/in/ransomware/

https://twitter.com/barricadecyber

https://www.barricadecyber.com

https://www.buymeacoffee.com/erictaylor


Shiva Maharaj

https://www.linkedin.com/in/shivamaharaj

https://twitter.com/kontinuummsp

https://www.kontinuum.com/

https://www.buymeacoffee.com/shivaemmvaemm 

---

Support this podcast: https://podcasters.spotify.com/pod/show/amplifiedandintensified/support

Twitter Mentions