Episode 35

full
Published on:

16th Mar 2021

35: Exchange Hack: We don’t need no attribution

We haf to talk about HAFNIUM.

You can't have missed the news of the Exchange Server hack that's been running the InfoSec world in circles for the past few weeks. Of course we had to get the crew together to go through all things Exchange!

From attribution and exploitation to... deception? We dip our toes in some tasty conspiracy theories (because who doesn't love a good conspiracy theory?!) and take a dive into the tech behind it all to see how this incident went from small fry to 'holy sh*t it's everywhere!'.

***

https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/

https://www.zdnet.com/article/microsoft-exchange-zero-day-vulnerabilities-exploited-in-attacks-against-us-local-govts-university/

Show artwork for Cyber Humanity

About the Podcast

Cyber Humanity
The podcast taking cybersecurity personally
There's a lot of cool techy stuff going down in cybersecurity, and we love it. But you can't deny that a lot of the time we humans get forgotten. Our podcast takes a not-so-serious look at issues in security from a human point of view. Covering social engineering to hacker motivations and everything in between, we chat through security stories and themes and what they mean to us: the oft-neglected humans behind the screen. Apart from Kev, Kev is a cyborg.

These weekly podcasts come in two main flavors. We’re either ranting about themes close to the heart of us security types, or we’re discussing threats and vulnerabilities that have hit headlines – or slipped under the radar – in recent weeks.

Join Chris Pace (tech advocate and keeper of the coloring pencils), Kev Breen (pro blue teamer, also known as 'Mr Nothing to CVE here...'), Max Vetter (former dark web detective and pretty cool guy), and Paul Bentham (ex-gov. type and Immersive Labs product guru) as they wend their way through the murky world of Cyber Humanity.