Video Episode: https://youtu.be/otdn468NX9Y In today's episode, we explore the alarming implications of a rogue WHOIS server exploited by Benjamin Harris, the CEO of watchTowr, enabling him to generate counterfeit HTTPS certificates and potentially manipulate thousands of servers. We also discuss new malicious tactics employed by the Lazarus Group, including fake coding tests for software developers to disseminate malware, and Microsoft's recent patch release addressing 79 vulnerabilities, including three actively exploited flaws. Additionally, we touch on Ivanti's urgent updates for critical vulnerabilities in its Endpoint Manager software. 00:00 - Intro 01:07 - Ivanti Vulnerability 02:30 - Microsoft Patch Tuesday 04:00 - Lazarus Fake Code Challenges 07:00 - Researcher Exposes WHOIS Server Vulnerabilities Articles referenced in this episode: https://arstechnica.com/security/2024/09/rogue-whois-server-gives-researcher-superpowers-no-one-should-ever-have/ https://thehackernews.com/2024/09/developers-beware-lazarus-group-uses.html https://thehackernews.com/2024/09/microsoft-issues-patches-for-79-flaws.html https://thehackernews.com/2024/09/ivanti-releases-urgent-security-updates.html Sign up for digestible cyber news delivered to your inbox: https://news.thedailydecrypt.com Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/ Logo Design by https://www.zackgraber.com/ Tags: Benjamin Harris, WHOIS server, HTTPS certificates, vulnerabilities, Lazarus Group, Malware, VMConnect, Cybersecurity, Microsoft, Endpoint Manager, remote code execution Search Phrases: What are today's top cybersecurity news stories?, Benjamin Harris WHOIS server exploit, fake HTTPS certificates tracking, vulnerabilities in internet security, Lazarus Group malware campaign, VMConnect software developer scams, Microsoft security patch urgency, critical vulnerabilities in Windows, Ivanti Endpoint Manager updates, remote code execution risks