A daily look at the relevant information security news from overnight.

Episode 161 - 26 September 2019

Magecart hits routers - https://threatpost.com/magecart-group-targets-routers-behind-public-wi-fi-networks/148662/

vBulletin zero-day - https://www.scmagazine.com/web-services-security-e-commerce-security/reports-actively-exploited-zero-day-found-in-vbulletin-forum-software/

Chinese attacking Windows - https://threatpost.com/narrator-windows-utility-trojanized-to-gain-full-system-control/148654/

Liberia Porrua exposed - https://www.technadu.com/mexican-bookstore-libreria-porrua-exposes-data-million-customers/80932/

Heyyo exposed - https://www.zdnet.com/article/heyyo-dating-app-leaked-users-personal-data-photos-location-data-more/

Adobe patches ColdFusion - https://www.bleepingcomputer.com/news/security/adobe-fixes-critical-security-vulnerabilities-in-coldfusion/

A daily look at the relevant information security news from overnight.

Episode 160 - 25 September 2019

APT10 after utilities - https://www.zdnet.com/article/17-us-utility-firms-targeted-by-mysterious-state-sponsored-group/

New Fancy Bear attack - https://threatpost.com/zebrocy-retools-political-attacks/148593/

U.S. vets sammed - https://www.bleepingcomputer.com/news/security/fake-employment-site-created-to-target-veterans-with-malware/

Wyoming hospital ransomware - https://www.darkreading.com/attacks-breaches/wyoming-hospital-the-latest-to-be-hit-with-ransomware-attack/d/d-id/1335895

Apple open access - https://techcrunch.com/2019/09/24/apple-bug-full-access-keyboards/

A daily look at the relevant information security news from overnight.

Episode 159 - 24 September 2019

YouTube hack - https://www.forbes.com/sites/daveywinder/2019/09/23/youtube-security-warning-issued-for-23-million-creators-as-massive-hack-attack-confirmed/#635c899b6b4f

Kuwait shipping attacks - https://www.zdnet.com/article/hackers-target-transportation-and-shipping-industries-in-new-trojan-malware-campaign/

Microsoft urgent patches - https://threatpost.com/microsoft-internet-explorer-zero-day-flaw-addressed-in-out-of-band-security-update/148584/

Indian banks hit - https://www.zdnet.com/article/new-north-korean-malware-targeting-atms-spotted-in-india/

Apps nasty adverts - https://www.bleepingcomputer.com/news/security/malicious-android-apps-evade-google-play-protect-via-remote-commands/

A daily look at the relevant information security news from overnight.

Episode 158 - 23 September 2019

Magecart hits hotels - https://www.zdnet.com/article/magecart-strikes-again-hotel-booking-websites-come-under-fire/

Verlo Mattress soft - https://threatpost.com/mattress-company-leaks-data-records-of-387k-customers/148530/

Forcepoint VPN fix - https://www.bleepingcomputer.com/news/security/forcepoint-fixes-privilege-escalation-bug-in-windows-vpn-client/

Mac stock malware - https://www.scmagazine.com/home/security-news/cybercrime/tricks-of-the-trade-mac-malware-impersonates-trading-app/

Facebook slaps apps - https://techcrunch.com/2019/09/20/facebook-suspends-apps-hoarding-data/

A daily look at the relevant information security news from overnight.

Episode 157 - 20 September 2019

Open Harbor - https://www.zdnet.com/article/patch-now-1300-harbor-cloud-registries-open-to-attack/

Click2Gov breach - https://www.bankinfosecurity.com/eight-us-cities-see-payment-data-card-stolen-a-13127

Celeb Insta-hack - https://www.bleepingcomputer.com/news/security/celebrity-instagram-accounts-being-hacked-to-push-scams/

Thinkful oops - https://techcrunch.com/2019/09/19/thinkful-data-breach-chegg-acquisition/

WeWork WiFi wide open - https://gizmodo.com/wework-is-exposing-an-astronomical-amount-of-data-on-po-1838254217

A daily look at the relevant information security news from overnight.

Episode 156 - 19 September 2019

IT supply chain hack - https://www.bleepingcomputer.com/news/security/new-tortoiseshell-group-hacks-11-it-providers-to-reach-their-customers/

Scotiabank leaks - https://www.theregister.co.uk/2019/09/18/scotiabank_code_github_leak/

Phishing page emails - https://www.bleepingcomputer.com/news/security/microsoft-phishing-page-sends-stolen-logins-using-javascript/

IRS Amadey botnet - https://threatpost.com/irs-emails-botnet-recruitment/148473/

Windows Defender failing - https://www.zdnet.com/article/windows-defender-malware-scans-are-failing-after-a-few-seconds/

A daily look at the relevant information security news from overnight.

Episode 155 - 18 September 2019

Lion Air exposed - https://www.bleepingcomputer.com/news/security/millions-of-lion-air-passenger-records-exposed-and-exchanged-on-forums/

Gootkit exposed - https://www.zdnet.com/article/gootkit-malware-crew-left-their-database-exposed-online-without-a-password/

Radeon VM flaw - https://threatpost.com/amd-radeon-cards-vmware-workstations/148406/

Linux kernel miner - https://www.zdnet.com/article/skidmap-malware-buries-into-the-kernel-to-hide-cryptocurrency-mining/

Legit certs for sale - https://threatpost.com/threat-actor-buys-digital-certs-spreads-malware/148345/

TFlower ransomware - https://www.bleepingcomputer.com/news/security/tflower-ransomware-the-latest-attack-targeting-businesses/

A daily look at the relevant information security news from overnight.

Episode 154 - 17 September 2019

Emotet awakes - https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Ordinypt wiper - https://www.bleepingcomputer.com/news/security/destructive-ordinypt-malware-hitting-germany-in-new-spam-campaign/

Lumin PDF users exposed - https://www.zdnet.com/article/data-of-24-3-million-lumin-pdf-users-shared-on-hacking-forum/

Insecure home routers - https://threatpost.com/asus-lenovo-routers-remotely-exploitable-bugs/148361/

Nemty get an upgrade - https://www.technadu.com/nemty-ransomware-evolving-kill-processes-services/80180/

A daily look at the relevant information security news from overnight.

Episode 153 - 16 September 2019

Entercom issues - https://www.bleepingcomputer.com/news/security/giant-entercom-radio-network-deals-with-ransomware-like-incident/

Phishing with Asteroth - https://threatpost.com/astaroth-spy-trojan-facebook-youtube/148327/

LastPass leaky - https://www.zdnet.com/article/lastpass-bug-leaks-credentials-from-previous-site/

North Korean spear phishing - https://threatpost.com/north-korean-spear-phishing-attack-us/148299/

Insta user access - https://www.darkreading.com/risk-management/instagram-bug-put-user-account-details-phone-numbers-at-risk/d/d-id/1335797

A daily look at the relevant information security news from overnight.

Episode 152 - 13 September 2019

SMS tracker - https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

RAT sandwich - https://www.bleepingcomputer.com/news/security/new-wiryjmper-dropper-hides-netwire-rat-payloads-in-plain-sight/

Dealer Leads exposed - https://threatpost.com/198m-car-buyer-records-exposed-online/148231/

UNICEF oops - https://www.infosecurity-magazine.com/news/unicef-leaks-data-of-online/

Garmin skimmed - https://www.bleepingcomputer.com/news/security/garmin-sa-shopping-portal-breach-leads-to-theft-of-payment-data/