Windows 11 BitLocker Zero-Day, TeamPCP Malware Leak, Iran Gas Station Hacks | Cybersecurity Today
5/20/2026 · 13 min
A serious new Windows 11 BitLocker vulnerability, open-sourced offensive malware tools, a suspected Iranian cyber campaign targeting U.S. fuel infrastructure, and malware that appears designed to interfere with nuclear weapons simulation systems.
Cybersecurity Today would like to thank Material Security for sponsoring this podcast. Material Security provides faster, more complete detection and response for email, identity, and data threats inside Google Workspace and Microsoft 365. You can contact them at material[dot]security.
David Shipley breaks down four major cybersecurity stories on Cybersecurity Today. First, a newly disclosed zero-day dubbed YellowKey reportedly defeats default Windows 11 BitLocker protection on systems using TPM-only encryption, giving attackers with physical access a path to unencrypted data through the Windows Recovery Environment. Microsoft is investigating, while security experts are urging stronger BitLocker configurations.
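The weakness described above comes down to which key protectors are on the operating-system volume: with a TPM-only protector the drive unseals silently at boot, so nothing stands between someone holding the machine and the boot chain. The following PowerShell audit is an added example written for this page; it is not code from the podcast, from Microsoft, or from the researchers named in the episode. It uses the built-in BitLocker module cmdlets (`Get-BitLockerVolume`, `Add-BitLockerKeyProtector`) to flag OS volumes that rely on the TPM alone, and shows the remediation a defender would apply. The function name `Get-BitLockerProtectorAudit` and the finding strings are this example's own choices.

```powershell
# Added example (not from the podcast): audit BitLocker key protectors and flag
# OS volumes that unlock with the TPM alone, i.e. no PIN or startup key at boot.
# Run from an elevated PowerShell session on Windows 10/11 with the BitLocker module.

function Get-BitLockerProtectorAudit {
    [CmdletBinding()]
    param()

    foreach ($vol in Get-BitLockerVolume) {
        # KeyProtectorType is an enum: Tpm, TpmPin, TpmStartupKey, TpmPinStartupKey,
        # RecoveryPassword, ExternalKey, Password, ...
        $types = @($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType.ToString() })

        # Any of these requires something beyond the TPM's silent unseal before Windows boots.
        $preBootAuth = @($types | Where-Object { $_ -in 'TpmPin', 'TpmStartupKey', 'TpmPinStartupKey', 'Password' })
        $tpmOnly = ($types -contains 'Tpm') -and ($preBootAuth.Count -eq 0)

        $finding = 'OK'
        if ($vol.VolumeType -eq 'OperatingSystem' -and $tpmOnly) {
            $finding = 'TPM-only unlock: add a PIN or startup key protector'
        }

        [pscustomobject]@{
            MountPoint       = $vol.MountPoint
            VolumeType       = $vol.VolumeType
            ProtectionStatus = $vol.ProtectionStatus
            KeyProtectors    = ($types -join ', ')
            TpmOnlyUnlock    = [bool]$tpmOnly
            Finding          = $finding
        }
    }
}

# Usage: list every volume with its protectors and the audit verdict.
Get-BitLockerProtectorAudit | Format-Table -AutoSize

# Remediation for a flagged OS volume (run deliberately, not as part of the audit).
# Group Policy must first allow enhanced startup:
#   Computer Configuration > Administrative Templates > Windows Components >
#   BitLocker Drive Encryption > Operating System Drives >
#   "Require additional authentication at startup"
# Then add a TPM+PIN protector and remove the TPM-only one so the drive no longer
# unseals without the PIN:
#
#   $pin = Read-Host -AsSecureString 'New BitLocker PIN'
#   Add-BitLockerKeyProtector -MountPoint 'C:' -TpmAndPinProtector -Pin $pin
#   $tpmOnlyProtector = (Get-BitLockerVolume -MountPoint 'C:').KeyProtector |
#       Where-Object { $_.KeyProtectorType -eq 'Tpm' }
#   Remove-BitLockerKeyProtector -MountPoint 'C:' -KeyProtectorId $tpmOnlyProtector.KeyProtectorId
```

Keep the recovery password protector in place and escrowed (Active Directory, Entra ID, or your management tool) before touching protectors; removing the TPM protector on a volume whose only other protector is the new PIN means a forgotten PIN is a recovery-key event, not a data-loss event, only if that escrow exists.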
The episode also examines the TeamPCP threat group's decision to release offensive tooling publicly, dramatically lowering the barrier for copycat supply-chain attacks. Researchers have already spotted malicious NPM packages borrowing similar techniques, including persistence mechanisms aimed at developer environments such as Visual Studio Code and Claude Code.
David also looks at disturbing analysis of the FAST16 malware, which researchers believe was engineered to tamper with nuclear weapons simulation software including LS-DYNA and AutoDyn. And finally, U.S. officials reportedly suspect Iranian actors in cyberattacks targeting internet-exposed gas station automatic tank gauge systems, a reminder that weak operational technology security can quickly become a real-world infrastructure problem.
00:00 Sponsor Message
00:24 Headlines Overview
00:50 BitLocker Zero Day
03:32 TeamPCP Tools Leak
06:13 Copycat NPM Malware
06:50 Fast16 Nuclear Sabotage
08:37 Iran Gas Station Hacks
10:28 Hardening Critical Infrastructure
11:16 Wrap Up And Events
11:59 Sponsor Deep Dive
#Cybersecurity #Windows11 #BitLocker #ZeroDay #TeamPCP #IranCyberAttack #SupplyChainAttack #CriticalInfrastructure #CyberSecurityToday
Transcript preview
First 90 seconds
Speaker 00:00
Cybersecurity Today would like to thank Material Security for sponsoring this podcast. Material Security provides faster, more complete detection and response for email, identity, and data threats inside Google Workspace and Microsoft 365. You can contact them at material.security.
David Shipley · Host 0:23
A zero-day defeats default Windows 11 BitLocker encryption. TeamPCP open-sources its malware tools. Fast-16 malware designed to sabotage nuclear explosion experiments. And Iran suspected in US gas station hacks. This is Cybersecurity Today, and I'm your host, David Shipley. Let's get started. A new zero-day exploit completely defeats default BitLocker encryption on Windows 11, giving anyone with physical access to the device full access to the encrypted drive in seconds. According to Ars Technica, the exploit is called YellowKey. It was published last week by a researcher using the alias Nightmare Eclipse. Multiple independent security researchers, including Kevin Beaumont and Will Dormann at Taros Labs, have confirmed it works. Here's what the attack looks like. You plug in a USB drive containing a specially crafted folder