Threatwire Episode Summary

The video discusses recent cybersecurity developments, including a major takedown of popular DDoS websites by Europol, significant CVEs (Common Vulnerabilities and Exposures) affecting Microsoft and AMD chips, and the host’s upcoming move affecting the show’s schedule.

Key Points

• Europol, in collaboration with global cybersecurity agencies, has taken down 27 popular DDoS websites, arresting three operators and identifying 300 service users.
• The operation, dubbed “Operation Power Off,” targets services that facilitate DDoS attacks, which peak during the festive season.
• Public advertisements will be released to deter DDoS for hire services on platforms like Google and YouTube.
• Microsoft patched a critical CVE (CVE-2024-49112) with a CVSS score of 9.8, affecting the Windows LDAP, which can lead to remote code execution.
• A new attack bypassing AMD’s memory protections was discovered, involving physical access to devices and a low-cost setup with a Raspberry Pi.
• This attack exploits the secure nested paging feature of AMD chips and has been assigned CVE-2024-21944 with a CVSS score of 5.3.
• The host is moving to a new space for content creation, potentially impacting the next episode’s schedule and is looking for community suggestions for year-end content.