{"version":1,"type":"rich","provider_name":"Libsyn","provider_url":"https:\/\/www.libsyn.com","height":300,"width":600,"title":"Breaking in with CrashFix, supply chain security, and CMMC phase 1 - Anna Pham, David Zendzian, Jacob Horne - ESW #449","description":"Interview with Anna Pham Breaking in with ClickFix: Anatomy of a modern endpoint attack Cybersecurity company Huntress just published a report on a new ClickFix variant they\u2019ve discovered, which they\u2019ve dubbed CrashFix. This technique was developed by KongTuke to serve as the primary lure within a new custom malicious browser extension also created by the group. In short, the team observed the threat actors using KongTuke\u2019s malicious browser extension to display a fake security warning, claiming the browser had \u201cstopped abnormally\u201d and prompting users to run a \u201cscan\u201d to remediate the threats. Upon \u201crunning the scan,\u201d the user is presented with a fake \u201cSecurity issues detected\u201d alert and instructed to manually \u201cfix\u201d the issue by opening the Windows Run dialog, pasting from their clipboard, and pressing Enter. The malicious extension silently copies a PowerShell command to the clipboard, disguised as a legitimate repair command. From there, they execute the malicious command. Segment Resources:  BLOG -  Dissecting CrashFix: KongTuke's New Toy  Interview with David Zendzian Continuous compliance and real security lifecycle management Supply chain attacks are not just on the rise; attackers are learning from the past, making these attacks even more effective and dangerous than before. It was just over a month ago when the Shai-Hulud attack first impacted NPM packages, forcing enterprises around the world into lockdown. 
While only 187 packages were compromised in that initial incident, it served as a wake-up call for many: an accurate inventory of systems is good, but a clear, real-time Software Bill of Materials (SBOM) for applications is non-negotiable. In this world of manifest-based infrastructure and container-based applications with (real) \"devsecops\", the dream of continuous upgrades of OS\/Runtime\/Stack\/App and App Dependencies is very mature and there are solid examples of companies and federal entities managing this at scale without thousands of teams and people. Segment Resources:  BLOG -  Supply Chain Security: How accurate SBOMs can deliver proactive threat mitigation  Interview with Jacob Horne CMMC Phase 1 Enforcement \u2014 What the November 10 Deadline Means for the Defense Supply Chain With the upcoming CMMC Phase 1 enforcement on November 10, cybersecurity teams across the defense and federal supply chain are facing new compliance requirements that directly affect contract eligibility and data-protection standards. Jacob Horne, Chief Cybersecurity Evangelist at Summit 7, can break down what this milestone means for enterprise security leaders, MSPs\/MSSPs, and contractors preparing for audits. Show Notes: https:\/\/securityweekly.com\/esw-449 ","author_name":"Enterprise Security Weekly (Video)","author_url":"https:\/\/securityweekly.com\/esw","html":"<iframe title=\"Libsyn Player\" style=\"border: none\" src=\"\/\/html5-player.libsyn.com\/embed\/episode\/id\/40346070\/height\/300\/theme\/custom\/thumbnail\/yes\/direction\/forward\/render-playlist\/no\/custom-color\/88AA3C\/\" height=\"300\" width=\"600\" scrolling=\"no\"  allowfullscreen webkitallowfullscreen mozallowfullscreen oallowfullscreen msallowfullscreen><\/iframe>","thumbnail_url":"https:\/\/assets.libsyn.com\/secure\/content\/199339925"}