This week, Adobe database exposes 7.5 million Creative Cloud users, PHP team fixes nasty site-owning remote execution bug, Trend Micro's antivirus tools will run malware if the filename is cmd.exe, and how the country of Georgia was hit by a massive cyber attack! In the expert commentary, we welcome Jason Wood, to discuss how Fancy Bear targets Sporting and Anti-Doping Orgs as the 2020 Olympics Loom!
Show Notes: https://wiki.securityweekly.com/HNNEpisode239
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, researchers turn Alexa and Google Home into credential thieves, Microsoft aims to block firmware attacks with new secured-core PCs, the popular VPN service NordVPN confirms data center breach, a 4-year-old critical Linux Wi-Fi bug allows system compromise, and US nuclear weapons command finally ditches 8-inch floppies! In the expert commentary, we welcome Jason Wood, to discuss the Evolution of False Flag Operations!
Show Notes: https://wiki.securityweekly.com/HNNEpisode238
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Signal App rushes to patch serious eavesdropping vulnerability, Wi-Fi signal let researchers ID people through walls from their gait, the FBI warns about attacks that bypass MFA, Vulnerable Twitter API leaves tens of thousands of iOS apps open to attacks, and D-Link home routers open to remote takeover will remain unpatched! In the expert commentary, we welcome Justin Elze from TrustedSec, to talk about Red Teaming and Adversary Emulation!
Show Notes: https://wiki.securityweekly.com/HNNEpisode237
To learn more about TrustedSec, visit: https://trustedsec.com/securityweekly
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, 335 Million Malicious apps were installed on Google Play in September, a new bug found in NSAs Ghidra tool, a Medical Practice closed permanently after a Ransomware attack, researchers find a new hack to read content of password-protected PDF files, and a billboard in Michigan was hacked to play Pornography for drivers along I-75! In the expert commentary, we welcome Sean O'Brien, Founder and CEO of PrivacySafe, to talk about PrivacySafe - The Anti Cloud Appliance!
To learn more about PrivacySafe, visit: https://securityweekly.com/privacysafe
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode236
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Facebook suspends tens of thousands of apps from hundreds of developers, a Privilege Escalation flaw found in Forcepoint VPN Client for Windows, WannaCry and why it never went away, 0patch promises support for Windows 7 beyond January 2020, and how the FBI arrests more than 200 hackers in different countries! In the expert commentary, we welcome Grant Sewell, Director of IT Security at Safelite Autoglass, to talk about Risk-based security and identity controls, and the Use of Preempt Security's Platform!
To learn more about Preempt, visit: https://securityweekly.com/preempt
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode235
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, experts disclosed passcode bypass bug in iOS 13 a week before release, drone attacks hit two Saudi Arabia Aramco oil plants, Google fixes 2FA flaw in built-in security key, LastPass fixes bug that leaks credentials, AMD Radeon Driver flaw lead to VM escape, and how the Air Force will let hackers try to hijack an orbiting satellite! In the expert commentary, we welcome George Avetisov, CEO and Co-Founder at HYPR Corp., to talk about True Passwordless Security!
To learn more about Hypr, visit: https://securityweekly.com/hypr
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode234
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, 60,000 GPS trackers for people and pets are using the same password, YouTube fined $170m for covertly tracking kids online, a free working exploit for BlueKeep, WordPress 5.2.3 fixes new clutch of security vulnerabilities, critical Exim flaw opens millions of servers to Takeover, cyberattack Disrupted Firewalls at U.S. Power Utility, a Million-plus IoT Radios Open to Hijack via Telnet Backdoor, Vulnerabilities in D-Link, Comba Routers Can Leak Credentials, and vulnerabilities exposed 2 million Verizon customer contracts. In the expert commentary, Matt Alderman talks about the slew of ransomware attacks, and pay-offs, targeted at cities and municipalities earlier this year, is the tide starting to turn?
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode233 Visit http://hacknaked.tv to get all the latest episodes!
This week, hackers indiscriminately infected iPhones for two years, Google throws bug bounty bucks at mega-popular third-party apps, how Jack Dorsey's Twitter account got hacked, and how attackers are exploiting vulnerable WordPress plugins to backdoor sites! In the Expert Commentary, Larry Alston of Tufin joins us to discuss Developing and Enforcing Security Policies in the Cloud!
To learn more about Tufin, visit: https://securityweekly.com/tufin
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode232
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, a hacker finds Instagram Account Takeover Flaw worth $10,000, a U.S. Judge orders Capital One hacker Paige Thompson to remain in prison, a vast majority of newly registered domains are malicious, and why half of all Social Media logins are fraud! In the expert commentary, Jason Wood joins us to discuss Building Your First Incident Response Policy: A Practical Guide for Beginners!
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode231
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, 61 impacted versions of Apache Struts let off security advisories, a hacker publicly releases Jailbreak for iOS version 12.4, Chrome users ignoring warnings to change breached passwords, an unpatchable security flaw found in popular SoC boards, and a reward up to $30,000 for find vulns in Microsoft Edge dev and beta channels! In the expert commentary, we welcome Jason Wood, to discuss Ransomware and City Governments!
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode230
Roman Sannikov, Recorded Future - https://www.youtube.com/watch?v=0kCZIX6a-6o
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, a rare steganography hack can compromise fully patched websites, the Louisiana governor declares state of emergency after a local ransomware outbreak, Google found a way to remotely attack Apple iOS devices by sending a boobytrapped iMessage, and 100 million users data stolen in the Capital One breach! In the expert commentary, we welcome Jason Wood, to discuss how the U.S. issues a hacking security alert for small planes!
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode229
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, a bug in NVIDIAs Tegra Chipset opens doors to Malicious Code Execution, hackers publish a list of phished Discord creds, Equifax to pay up to $700 Million in 2017 data breach settlement, several vulnerabilities found in Comodo Antivirus, and VLC player has a critical RCE flaw with no patch available! In the expert commentary, we welcome Jason Wood, to discuss why Corporate Mobile Security just isn't cutting it!
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode228
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, the Zoom RCE flaw is affecting RingCentral and Zhumu, a researcher releases PoC code for critical Atlassian Crowd RCE flaw, thousands of legacy Lenovo storage devices exposed millions of files, unusual Linux ransomware targets NAS servers, and how hacked hair straighteners can threaten your home! In the expert commentary, we welcome our CEO Matt Alderman, to discuss Facebook's $5 Billion dollar FTC fine!
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode227
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, US Cyber Command warns of Iran-linked hackers exploiting Outlook, New "WannaHydra" malware a triple threat to Android, British Airways slapped with record $230M fine, Apple Patches iMessage Bug That Bricks iPhones with Out-of-Date Software, and more! Jason Wood joins us for expert commentary on Firms That Promised High-Tech Ransomware Solutions Almost Always Just Pay the Hackers!
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode226
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, A Crypto Flaw in Yubico Security Keys, Facebook's Lawyers say You Have No Right to Privacy, Two Cloud Services, PCM and Attunity, Have Breaches, and Two Florida Cities Pay Over $1M in Ransomware Attacks in Less Than a Week! Jason Wood joins us for expert commentary on Trump Officials Weighing a Crackdown on End-to-End Encryption!
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode225
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, cryptomining malware that launches Linux VMs on Windows and macOS, Oracle patches another actively-exploded WebLogic 0-day, LokiBot and NanoCore malware distributed in ISO image files, and an anonymous hacker that was exposed after dropping a USB drive while throwing a Molotov cocktail! In the expert commentary, we welcome Tyler Hudak, Practice Lead of Incident Response to talk about TrickBot malware!
Learn more about TrustedSec, visit: https://securityweekly.com/trustedsec
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode224
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, prevent the impact of a Linux worm, Yubico recalls FIPS Yubikey tokens after flaw discovered, how fraudulent domains hide in plain site, Samsung reminds rabble to scan smart TV's for viruses and makes them forget, and the scraping of millions of Venmo transactions in a privacy warning to consumers! In the expert commentary, we welcome Sagi Bar-Zva, Strategic Pre-Sales Manager from Tufin to talk about Using Automation to Improve Your Overall Security Posture!
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode223
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, a botnet that's targeting 1.5 million RDP servers worldwide, VLC Player gets patched for two highly severe bugs, thousands of images stolen from US border hack, Troy Hunt looks to sell I Been Pwnd, and a near-ubiquitous critical Microsoft RCE bugs affect all versions of Windows! In the expert commentary, we welcome back Jason Wood from Paladin Security to talk about how the Evolution of Extortion Emails continues! All that and more, on this episode of Hack Naked News!
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode222
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, SUPRA Smart TV flaw lets attackers hijack screens with no video, 20,000 Linksys routers leak historic record of every device ever connected, a new attack creates ghost taps on Android smartphones, and an Australian teenager that hacked into Apple twice to get a job! In the expert commentary, we welcome Winn Schwartau from the Security Awareness Company to talk about Ethical Bias in Artificial Intelligence-Based Security Systems!
To learn more about SAC, visit: https://securityweekly.com/sac
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode221
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Microsoft brings hardware-based isolation to Chrome & Firefox, the U.S. border's license plate scanning technology hacked, crooks leverage WordPress and Joomla sites for malicious redirects, the Chinese military wants to replace Windows OS in fear of U.S. hacking, and how Google-protected mobile browsers were open to phishing for over a year! In the expert commentary, we welcome back Jason Wood from Paladin Security to talk about how almost one million are still vulnerable to the BlueKeep Vulnerability!
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode220
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Unistellar attackers wiped over 12,000 MongoDB databases, a Slack bug that allows remote file hijacking, Baltimore ransomware nightmare could last weeks more, over 25,000 smart Linksys routers are leaking sensitive data, and Huawei's microchip vulnerability explained! In the expert commentary, we welcome Charles Thompson, Senior Director of Product Management at VIAVI to talk about Security Forensics!
To learn more about VIAVI Solutions, visit: https://securityweekly.com/viavi
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode219
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, hacking the unhackable eyeDisk USB stick, how to brick all Samsung mobile phones, how Twitter shared user location data through advertising, a 0-Day flaw used to install spyware on phones, and a Linux kernel flaw allows remote code execution! In the expert commentary, we welcome Marcin Szary, CTO at Secfense, to talk about Web Authentication!
To learn more about Secfense, visit: https://securityweekly.com/secfense
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode218
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, software flaw exposed most dell computers to remote hacking, Israel neutralizes cyber attack by blowing up a building with hackers, an expert that found hundreds of vulnerable Jenkins plugins, a bug in Mirai code allows crashing C2 servers, and how researchers discovered a highly stealthy Microsoft Exchange Backdoor! In the expert commentary, the return of Jason Wood from Paladin Security, joins us to talk about how Japan is developing a computer virus to fight cyber attacks!
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode217
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, how a politicians' kids accessed his laptop through facial recognition, critical flaws in WordPress and Qualcomm chips, how 2 million IoT security cameras and baby monitors are vulnerable to takeover, and how a new Emotet variant uses connected devices as proxy C2 servers! In the expert commentary, the return of Jason Wood from Paladin Security, joins us to talk about how Microsoft is telling IT admins to nix 'obsolete' password reset practices!
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode216
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, a weather channel that was knocked off air by a malicious attack, how bad bots make up 20 percent of web traffic, ransomware ravages municipalities nationwide, a flaw in Shopify API exposed revenue and traffic data of thousands of stores, and how attackers are weaponizing more vulnerabilities than ever before! In the expert commentary, we welcome Itai Tevet, CEO of Intezer, to talk about Linus threats, recent Mirai variants, and general code reuse in the cyber space!
To learn more about Intezer, visit: https://securityweekly.com/intezer
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode215
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly