A daily look at the relevant information security news from overnight.

Episode 181 - 24 October 2019

Maxthon major vuln - https://www.zdnet.com/article/bug-that-grants-admin-rights-to-malware-found-in-maxthon-chinas-favorite-browser/

Discord curruption - https://www.bleepingcomputer.com/news/security/discord-turned-into-an-info-stealing-backdoor-by-new-malware/

Not in front of the robots honey - https://threatpost.com/bedside-hotel-robot-hacked-video/149491/

Phishing good in Kalispell - https://www.scmagazine.com/home/health-care/phishing-scam-behind-kalispell-regional-healthcare-data-breach/

CPDoS proof - https://www.zdnet.com/article/cpdos-attack-can-poison-cdns-to-deliver-error-pages-instead-of-legitimate-sites/

A daily look at the relevant information security news from overnight.

Episode 180 - 23 October 2019

MedusaLocker rears head - https://www.bleepingcomputer.com/news/security/medusalocker-ransomware-wants-its-share-of-your-money/

Home Group breach - https://www.infosecurity-magazine.com/news/home-group-data-breach/

Active Directory help - https://www.securityweek.com/new-azure-ad-feature-detects-unauthorized-access-attempts

Billtrust back up after attack - https://www.bleepingcomputer.com/news/security/billing-provider-billtrust-suffers-outage-after-malware-attack/

Remcos trojan upgrade - https://docs.google.com/document/d/1MNpTyoZ4Ka0cRMkofHpBIzCpuAniXD9XuRa7Xomf-3U/edit#

A daily look at the relevant information security news from overnight.

Episode 179 - 22 October 2019

Best Western leak - https://www.zdnet.com/article/autoclerk-database-leaked-customer-government-and-military-personal-records/

Trend Micro rund malware - https://www.theregister.co.uk/2019/10/21/flaw_trend_micro/

Gustuff new look - https://threatpost.com/gustuff-android-banker-switches-technical-approach/149403/

Winnti skip-2.0 - https://www.scmagazine.com/home/security-news/gaming/skip-2-0-backdoor-malware-provides-magic-password-to-access-mssql-accounts/

Alexa, what’s my password? - https://threatpost.com/new-way-found-to-use-alexa-google-to-voice-phish-and-eavesdrop-on-users/149352/

A daily look at the relevant information security news from overnight.

Episode 178 - 21 October 2019

Long term skim - https://www.zdnet.com/article/mission-health-store-hijack-went-undetected-for-years/

WordPress backdoor - https://www.bleepingcomputer.com/news/security/hackers-backdoor-sites-by-hiding-fake-wordpress-plugins/

STOP decryptor - https://www.zdnet.com/article/free-decrypter-released-for-stop-ransomware-todays-most-popular-ransomware-strain/

Spelevo delivers Maze - https://www.bleepingcomputer.com/news/security/maze-ransomware-now-delivered-by-spelevo-exploit-kit/

Rockin’ ransomware - https://www.infosecurity-magazine.com/news/italians-rocked-by-ransomware/

A daily look at the relevant information security news from overnight.

Episode 177 - 18 October 2019

The Dukes are back - https://www.bleepingcomputer.com/news/security/cozy-bear-russian-hackers-spotted-after-staying-undetected-for-years/

Samsung sucky bios - https://www.zdnet.com/article/samsung-admits-fingerprint-reader-flaw-promises-software-fix/

Cisco patches - https://threatpost.com/cisco-aironet-access-points-critical-flaws/149266/

UC Browser flaw - https://www.bleepingcomputer.com/news/security/500-million-uc-browser-android-users-exposed-to-mitm-attacks-again/

Stripe phishing - https://www.darkreading.com/endpoint/phishing-campaign-targets-stripe-credentials-financial-data/d/d-id/1336117

A daily look at the relevant information security news from overnight.

Episode 176 - 17 October 2019

Malware WAV - https://www.bleepingcomputer.com/news/security/attackers-hide-backdoors-and-cryptominers-in-wav-audio-files/

Android PoC - https://www.zdnet.com/article/security-researcher-publishes-proof-of-concept-code-for-recent-android-zero-day/

Big Oracle patch - https://www.scmagazine.com/home/security-news/vulnerabilities/oracle-patches-218-security-vulnerabilities/

WordPress patches - https://www.scmagazine.com/home/security-news/vulnerabilities/wordpress-patches-6-bugs/

Scum of the earth arrested - https://www.zdnet.com/article/us-south-korea-officials-trace-bitcoin-transactions-to-take-down-massive-child-porn-site/

A daily look at the relevant information security news from overnight.

Episode 175 - 16 October 2019

Stolen cards stolen - https://arstechnica.com/information-technology/2019/10/data-for-a-whopping-26-million-stolen-payment-cards-leaked-in-hack-of-fraud-bazaar/

Checkm8 scam - https://www.bleepingcomputer.com/news/security/scammers-use-fake-checkra1n-ios-jailbreak-in-click-fraud-campaign/

New TA505 campaign - https://www.bleepingcomputer.com/news/security/new-sdbot-remote-access-trojan-used-in-ta505-malspam-campaigns/

Docker spreads miner - https://thenextweb.com/security/2019/10/16/cryptojacking-worm-uses-docker-to-infect-over-2000-systems-to-secretly-mine-monero/

Rocke evolves - https://www.bleepingcomputer.com/news/security/chinese-hackers-use-new-cryptojacking-tactics-to-evade-detection/

A daily look at the relevant information security news from overnight.

Episode 174 - 15 October 2019

Pitney Bowes encrypted - https://www.zdnet.com/article/pitney-bowes-claims-customer-data-safe-following-malware-attack/

Alphabroder down - https://www.asicentral.com/news/newsletters/promogram/october-2019/alphabroder-suffers-ransomware-attack/

Ransomware hits M6 - https://www.zdnet.com/article/m6-one-of-frances-biggest-tv-channels-hit-by-ransomware/


Sudo no-no - https://thehackernews.com/2019/10/linux-sudo-run-as-root-flaw.html

Winnti updates attack - https://www.bleepingcomputer.com/news/security/winnti-group-uses-new-portreuse-malware-against-asian-manufacturer/

A daily look at the relevant information security news from overnight.

Episode 173 - 14 October 2019


Nitro PDF flaw - https://www.bleepingcomputer.com/news/security/nitro-pdf-pro-to-get-micropatches-for-7-potential-rce-bugs/

Fin7 active - https://threatpost.com/fin7-retools/149117/

Hookers hacked - https://www.technadu.com/hookers-nl-forum-hacked-250000-users-exposed/82246/

Leafy data smoked - https://www.technadu.com/cannabis-news-website-leafly-exposes-customer-information/82326/

Faux Crypto platform - https://www.bleepingcomputer.com/news/security/attackers-create-elaborate-crypto-trading-scheme-to-install-malware/

A daily look at the relevant information security news from overnight.

Episode 172 - 11 October 2019


Nemty decryptor - https://www.bleepingcomputer.com/news/security/nemty-ransomware-decryptor-released-recover-files-for-free/

Apple zero-day - https://www.scmagazine.com/home/security-news/ransomware/bitpaymer-ransomware-attackers-exploit-apple-flaw-to-bypass-detection/

iTerm2 critical - https://www.zdnet.com/article/patch-now-mac-users-critical-7-year-old-flaw-in-open-source-macos-app-iterm2/

Attor attack - https://threatpost.com/sophisticated-spy-kit-russians-gsm-plugin/149095/

Cyberoam vulnerability - https://techcrunch.com/2019/10/10/cyberoam-firewall-network-hackers/