PP096: Taking Note of a Notepad++ Attack; Telnet and NTLM Are Still a Thing?

• PP096: Taking Note of a Notepad++ Attack; Telnet and NTLM Are Still a Thing? • Podcast:Download(47.0MB) |Embed Jennifer (JJ)Minella DrewConry-Murray Everything old is new again in today’s Packet Protector news roundup, as a decade-old Telnet exploit resurfaces, and Microsoft unfolds its roadmap to phase out the ancient NTLM protocol. • In other news, Google takes down a sprawling residential proxy network, the popular Notepad++ app takes steps to recover from a serious compromise, and a Polish government agency shares lessons learned from a cyberattack against energy and manufacturing infrastructure. • Voice-based phishing (or vishing) attacks are targeting holders of Okta, Google, and Microsoft credentials, the Open Claw AI agent raises alarm bells among security researchers, and Moltbook vibe codes a gaping data leak. • Researchers warn of shadow AI running amok on corporate networks, threat researchers warn of a large-scale phishing campaign against government agencies in 37 countries, and the EU drafts a proposal to ban Chinese-made equipment from sensitive sectors. • Drew and JJ are skeptical of a survey that finds consumers will avoid a retailer after a breach, and Google Gemini is found to leak calendar data.

Article Summaries:

• Packet Protector’s latest roundup highlights a mix of legacy and emerging cyber‑threats. A decade‑old Telnet vulnerability has resurfaced, prompting renewed scrutiny of outdated protocols. Microsoft announced plans to disable NTLM by default in future Windows releases, signaling a move away from the ancient authentication scheme. Google dismantled a large residential proxy network, while the Notepad++ editor reported a state‑linked compromise and is rolling out fixes. Polish CERT detailed coordinated attacks on energy and manufacturing sites, and EU officials are drafting a ban on Chinese equipment in sensitive sectors. Additional alerts include voice‑phishing campaigns targeting Okta, Google, and Microsoft accounts, and concerns over AI‑driven “shadow” tools such as OpenClaw and Moltbook.

Sources:

• https://packetpushers.net/podcasts/packet-protector/pp096-taking-note-of-a-notepad-attack-telnet-and-ntlm-are-still-a-thing/