Weekly: Defense Evasion via Virtualization, LockBit target TSMC, CISA Identify New Exploited Vulnerabilities

Summary: In this episode of ShadowTalk, host Chris Morgan, along with Corey Carter, Jonny Elrod, Gjergji Paco, and one of ReliaQuests CISO's Rick Holland, discuss the latest news in cyber security and threat research. Topics this week include:

• Threat actors obfuscating activity through virtualization
• LockBit claim to have impacted Taiwanese semiconductor giant TSMC
• CISA identify new exploited vulnerabilities
• New critical vulnerability impacting Fortinet, FortiOS and FortiProxy SSL-VPN appliances

Resources:

• https://www.reliaquest.com/blog/virtual-machines-defense-evasion/
• https://www.bleepingcomputer.com/news/security/cisa-orders-govt-agencies-to-patch-bugs-exploited-by-russian-hackers/
• https://thehackernews.com/2023/07/alert-330000-fortigate-firewalls-still.html
• https://www.scmagazine.com/brief/ransomware/tsmc-discloses-data-breach-from-lockbit-claimed-attack-against-third-party