The PortalFuse Microsoft Intune and Security Report Podcast

🚨 Get ready to dive deep into the shadowy world of cybercrime! 🕷️ In this electrifying episode, we unravel the twisted connection between the notorious ALPHV/BlackCat ransomware gang 🐈‍⬛ and the sneaky Latrodectus malware loader! 💥
 
Did you know these cyber baddies might be working together? Our investigation, drawing straight from the intel, reveals how Latrodectus, a sophisticated piece of malware also known as BlackWidow, could be opening doors for ALPHV/BlackCat to wreak havoc! 🚪
 
We'll explore:
• The lowdown on ALPHV/BlackCat, the ransomware-as-a-service (RaaS) group with ties to infamous predecessors like BlackMatter and REvil. Their Rust-based ransomware is fast, flexible, and tough to detect.
 
• The nitty-gritty of Latrodectus, the malware loader developed by the Lunar Spider group – the same crew behind the IcedID banking trojan! 🕷️ This loader is designed to sneak into systems and drop other malicious payloads.
 
• The shocking link: Evidence suggests that Lunar Spider, the developers of Latrodectus, has connections with ALPHV/BlackCat! Could Latrodectus be the key that unlocks the door for ALPHV/BlackCat's ransomware attacks? Our previous conversation highlighted this collaborative relationship, where LUNAR SPIDER acts as an initial access broker, potentially using Latrodectus to pave the way for ALPHV/BlackCat's ransomware deployments [Our Conversation History].
 
Tune in to uncover the intricate web connecting these cyber threats and learn why understanding their relationship is crucial for staying safe in the digital landscape!
 
🎧 Don't miss out on this thrilling cybersecurity exposé! 🔥
 
Also, see our briefing document over here: https://portalfuse.io/blog/detailed-briefing-document-alphv-blackcat-latrodectus-and-associated-threat-actors

🌱💻 Spring into Cybersecurity: Critical Edge Updates & USB Printer Glitches! 🎧🔒
As we shake off the winter blues and dive into the fresh energy of spring 🌸, it's time to refresh not just our surroundings but also our digital defenses! 🚀 This week, we’re tackling urgent Microsoft Edge security updates 🛡️ and a pesky USB printer issue that’s causing some chaotic printouts. 🖨️💥
🔹 Microsoft Edge Alert! 🚨A fresh security update is here! Microsoft Edge v134.0.3124.62 patches multiple vulnerabilities, including:⚠️ Out-of-Bounds Write (CVE-2025-24201) – Actively exploited! 🛑⚠️ Type Confusion Bugs (CVE-2025-2135, CVE-2025-1920) – Risk of arbitrary code execution! 🏴‍☠️⚠️ Use After Free (CVE-2025-2136) – A dangerous Inspector component flaw! 🔎
📢 Update ASAP! Delaying puts your system at risk! 🚀
🖨️ USB Printer Chaos! 🤯Ever seen your printer spew out random gibberish, starting with "POST /ipp/print HTTP/1.1"? Yeah, it’s a thing now! 🙄💀 After the latest Windows update, dual-mode USB printers are misbehaving. Microsoft has issued a Known Issue Rollback (KIR) to ease the pain, but IT admins, keep an eye out for a permanent fix coming soon! 🔄
🎧 Stay Secure on the Go! 🚀Tap into our weekly security podcast for expert analysis and the latest Microsoft security updates! 🎙️💡 Plus, join the conversation on r/PortalFuse to chat with fellow IT pros and security enthusiasts.
🔗 Full PortalFuse Weekly Report → PortalFuse Weekly Security Update Report - (Windows and Edge Edition)
💡 Stay updated, stay secure, and keep your tech in check! 🔐✨#MSIntune #Windows11 #WUfB

📢 Get ready, IT aficionados! 💻⚙️ Welcome back to the podcast, where we delve into the future of device management. Today, we're taking a sneak peek into the crystal ball 🔮, specifically at the exciting updates coming to Microsoft Intune in March 2025.
We've got two major announcements that are going to make your lives easier and your device fleet more secure. First up, for all you managing modern Windows devices, especially those sleek ARM64 machines 📱, get ready! Endpoint Privilege Management (EPM) is expanding its horizons to support ARM 64-bit architectures. That means you'll soon be able to manage file elevations on even more of your devices, building upon the existing compatibility with 64-bit operating systems. This is a big win for broader EPM adoption!
But wait, there's more! 🤖 We're also seeing the dawn of a new era in device querying with the introduction of the Copilot assistant for device query. Imagine being able to ask plain English questions 🤔 and having Copilot generate those complex Kusto Query Language (KQL) queries for you to retrieve data from single or multiple devices! Whether you want to know which devices haven't been encrypted or see the top memory-hogging processes on a specific machine, Copilot is here to help. You can even see how Copilot generated the query, offering a fantastic learning opportunity!
So, buckle up! 🚀 We're about to dive deeper into these game-changing features outlined in the "Intune: March 2025 Feature Briefing - EPM & Copilot" and the "What is new in intune for the Week of March 17, 2025". Get ready to enhance your understanding of Intune's future and how these updates, expected around the week of March 17, 2025, will revolutionize your Windows device management experience.
#MSIntune #Windows11

🚨 New cyber threat alert! 🚨
Dive into the murky world of StilachiRAT, a novel and sophisticated Remote Access Trojan (RAT) uncovered by Microsoft researchers 🕵️‍♂️. This isn't your run-of-the-mill malware; StilachiRAT has its sights set on your digital wallets 💰 and personal data 💾.
In this episode, we unpack the inner workings of this stealthy RAT, exploring its arsenal of techniques:
• System reconnaissance: Learn how StilachiRAT meticulously profiles infected systems, gathering everything from OS details to camera presence 📸.• Cryptocurrency theft: Discover its laser focus on 20 different cryptocurrency wallet extensions for Chrome, including MetaMask and Trust Wallet 🦊, and how it sniffs out those precious crypto keys from your clipboard and files 🔑.• Credential theft: Find out how it swipes your saved browser passwords 🤫.• Persistence mechanisms: We'll reveal how StilachiRAT digs in its heels, using sneaky methods to ensure it stays on your system, even if you try to remove it ⏳.• Evasion tactics: Uncover the anti-forensic tricks this RAT uses to hide from security software and analysts, including clearing event logs and obfuscating its code 👻.• Command and Control (C2): Understand how it communicates with its masters using common ports, even delaying its initial contact to avoid detection 📞.While not yet widespread, StilachiRAT's advanced capabilities make it a significant threat, especially for cryptocurrency users. We'll also discuss mitigation strategies recommended by Microsoft to help you protect yourself.
 
Briefing Document: StilachiRAT Malware Analysis | Blog | PortalFuse
 
Stay informed, stay safe! 🛡️ #cybersecurity #malware #crypto #StilachiRAT

In this episode, we dive deep into the March 2025 Patch Tuesday updates, covering critical security vulnerabilities in Windows and Microsoft Edge. From remote code execution (RCE) threats to elevation of privilege (EoP) exploits, these updates are essential for IT admins, security professionals, and system administrators to keep their environments protected.
🚀 Key Topics Covered: ✅ RCE vulnerabilities allowing external attackers to take control✅ EoP flaws that can grant unauthorized system-level access✅ Denial of Service (DoS), Spoofing, and Information Disclosure risks✅ Microsoft Edge Chromium-based security patches✅ Essential security updates and mitigation strategies
🛑 Don't leave your systems vulnerable! Stay ahead of cyber threats by applying these patches ASAP.
🎧 Tune in now to get the full breakdown and expert analysis! 🔊💻 #CyberSecurity #WUfB

💡 New Update Substate in Feature Updates Report!🔹 A new "Not supported" substate has been added! 🆕 This helps admins identify devices with Active Directory issues that might block updates.
📖 Where to Learn More?🔗 Microsoft Learn has a deep dive into Windows Update for Business reports and how to configure them in Intune! 📚
📊 Understanding Data Sources for Windows Update for Business Reports🔹 Service-based Data ⚡ – Collected automatically from Windows Update, appearing in less than an hour.🔹 Client-based Data 🔄 – Requires configuration in Intune and refreshes every 8 hours.
⏳ How Fast is Data Available?⏱️ Service-based Data – Instant updates on registration issues & update status.⏱️ Client-based Data – Tracks feature update progress, including disk space issues.
⚙️ Do You Need to Enable These?✅ Service-based Data – No action needed! 📡 It’s automatic.✅ Client-based Data – Needs Intune policies set up to send device data.
🛠️ What’s in Client-based Data?🔍 Tracks update progress, installation steps, and issues like disk space problems! Perfect for troubleshooting.
🎧 Stay ahead with the latest Intune updates! 🚀 Subscribe now to keep your devices up to date! 🔗🔊

🚀 Intune Update Bonanza: Exciting New Features Unveiled for February 24, 2025 🎉
Welcome to this week's episode where we dive into the latest updates in Microsoft Intune! 🎧✨ Get ready for a comprehensive overview of the exciting new features, including:
🍏 Improvements for managing Apple devices📱 Groundbreaking QR code authentication for Managed Home Screen on Android🤖 Granular control over Windows AI settings that prioritize data privacy 🔐
🔍 Stay tuned as we explore the enhanced security measures, such as:🛡️ New settings for Microsoft Defender device control on Windows🔗 Anticipated update to the Intune connector for Active Directory
These updates aim to balance user control, security, and convenience ⚖️, helping IT admins stay ahead in the ever-evolving tech landscape. 🌍💡
Resources:Frequently Asked Questions about Microsoft Intune Updates (Week of February 24, 2025) | Blog | PortalFuse

Welcome, IT pros and system admins! 🚀 In this episode, we dive deep into the latest Windows and Microsoft Edge security updates, ensuring you stay ahead of emerging threats. 🛡️
🔹 Microsoft Edge Vulnerabilities 🌐⚠️
CVE-2025-21401 – Security Bypass 🛑
CVE-2025-1426 – Use After Free 🖧
CVE-2025-1006 – Heap Buffer Overflow in GPU 🎮
CVE-2025-0999 – Heap Buffer Overflow in V8 🧠
📌 Windows 10 & 11 Updates 🏆
KB5052077 (Windows 10) – Performance & reliability boosts 🚀
KB5053143 (Windows 11) – Recovery environment improvements 🛠️
KB5052094 (Windows 11) – Taskbar, Spotlight, and accessibility fixes 🎨
⚠️ Known Issues & Workarounds 🛑
Citrix compatibility issue 🖥️
System Guard Runtime Monitor Broker error 📝
🔑 Stay updated, secure your systems, and optimize performance! Subscribe now for weekly insights! 🎧✅
#Windows11 #Intune #WUfB 🚀

Welcome to this week’s episode of the PortalFuse Deep Dive, where we’re diving into a game-changer for Windows updates: Windows Hotpatching! 🎉
👉 Tired of Reboots? We’ve got the solution! Microsoft’s Hotpatching lets you install critical security updates without restarting your system! No more downtime, no more interruptions—just smooth, seamless patching! 💡💻
🔎 What’s in this episode?✅ How Hotpatching works (magic? Almost! 🪄)✅ Why it’s a big deal for IT admins & enterprises 🏢🔧✅ How it saves time, improves security, and boosts uptime 🚀
🌟 The Future of Windows Updates is Here! 🌟We explore how Hotpatching is shaping the future of Windows 11 management and speculate what’s next for Windows servicing!
🎧 Tune in now and stay ahead of the curve in IT! Let’s talk tech without the reboot headache! 😎⚡
#Windows11 #Hotpatch #Intune #WUfB 🎤🎬

In this episode of the PortalFuse Security Podcast, we dive into the latest security developments from our February 18, 2025, Weekly Security Report 📰. Stay ahead of the curve as we break down the most critical threats, vulnerabilities, and security updates affecting Windows, Microsoft Edge, and enterprise environments 🏢💻.
 
🔎 Key Topics This Week:🚨 Windows Kernel Vulnerabilities – How newly discovered flaws could be exploited and what you can do to stay protected.🛡️ Zero-Day Exploits in Edge Chromium – Attackers are actively targeting this browser—find out how to safeguard your organization.⚙️ Microsoft’s Latest Security Patches – A deep dive into the latest updates and how they mitigate recent threats.🚀 Emerging Cyber Threats & Attack Trends – Understanding the evolving tactics of cybercriminals and how to counter them.
We’ll also share real-world insights 🌍 on how these vulnerabilities impact businesses and provide actionable security recommendations 🔑 to help IT professionals, security teams, and organizations strengthen their defenses 🏰.
Whether you're an IT admin, a security analyst, or just passionate about cybersecurity, this episode is packed with critical information to keep you one step ahead of cyber threats! 🏆
🎧 Tune in now and stay secure! 🔗💙