A daily look at the relevant information security news from overnight.

Episode 141 - 28 August 2019

WS-DD can launch DDoS - https://www.zdnet.com/article/protocol-used-by-630000-devices-can-be-abused-for-devastating-ddos-attacks/

New APT LYCEUM - https://threatpost.com/oil-and-gas-firms-targeted-by-new-lyceum-threat-group/147705/

Trojan dropper app - https://www.bleepingcomputer.com/news/security/trojan-dropper-malware-found-in-android-app-with-100m-downloads/

Retadup taken down - https://www.zdnet.com/article/avast-and-french-police-take-over-malware-botnet-and-disinfect-850000-computers/

Gartner exposes 1TB - https://www.technadu.com/gartner-exposes-1tb-data-belonging-to-subsidiary/77903/

A daily look at the relevant information security news from overnight.

Episode 140 - 27 August 2019

Enterprise network attacks - https://www.zdnet.com/article/hackers-mount-attacks-on-webmin-servers-pulse-secure-and-fortinet-vpns/

Nemty arrives - https://www.bleepingcomputer.com/news/security/new-nemty-ransomware-may-spread-via-compromised-rdp-connections/

Hostinger breached - https://techcrunch.com/2019/08/25/web-host-hostinger-data-breach/

Quasar phishing - https://www.bleepingcomputer.com/news/security/phishing-campaign-delivers-quasar-rat-payloads-via-fake-resumes/

Clickjacking plagues advertisers - https://www.zdnet.com/article/clickjacking-scripts-found-on-613-popular-sites-academics-say/

A daily look at the relevant information security news from overnight.

Episode 139 - 26 August 2019

Emotet back in operation - https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/

Lenovo bug - https://threatpost.com/bug-found-in-pre-installed-software/147657/

New Asruex strain - https://www.zdnet.com/article/asruex-trojan-exploits-old-office-adobe-bugs-to-backdoor-your-system/

MasterCard breach - https://www.bleepingcomputer.com/news/security/mastercard-reports-data-breach-to-german-and-belgian-dpas/

Hy-Vee records sale - https://www.zdnet.com/article/data-stolen-from-hy-vee-customers-offered-for-sale-on-jokers-stash-dark-web-trading-post/

A daily look at the relevant information security news from overnight.

Episode 138 - 23 August 2019

Squid buggy buffer - https://www.bleepingcomputer.com/news/security/unpatched-squid-servers-exposed-to-dos-code-execution-attacks/

Google Play spyware - https://www.zdnet.com/article/open-source-spyware-makes-it-on-the-google-play-store/

Portland schools BEC - https://www.bleepingcomputer.com/news/security/portland-public-schools-recovers-29-million-lost-in-bec-scam/

Neutrino trojan back - https://fossbytes.com/nasty-botnet-neutrino-caught-hacking-other-hackers-web-shells/

Free antivirus vuln - https://www.technadu.com/bitdefender-antivirus-free-2020-vulnerable-privilege-escalation-attacks/77440/

A daily look at the relevant information security news from overnight.

Episode 137 - 22 August 2019

CIsco critical flaws - https://threatpost.com/cisco-patches-six-critical-bugs/147585/

China targets research - https://www.zdnet.com/article/cancer-research-organizations-become-the-new-focus-of-chinese-hacking-groups/

Phishing with Microsoft - https://www.bleepingcomputer.com/news/security/phishing-attacks-scrape-branded-microsoft-365-login-pages/

Another Steam zero day - https://threatpost.com/researcher-discloses-second-steam-zero-day-after-valve-bug-bounty-ban/147593/

Free RAT - https://www.zdnet.com/article/cybersecurity-this-trojan-malware-being-offered-for-free-could-cause-hacking-spike/

A daily look at the relevant information security news from overnight.

Episode 136 - 21 August 2019

Remote desktop bug expands - https://www.bleepingcomputer.com/news/security/microsoft-patches-vulnerable-android-remote-desktop-app/

Buggy Nest - https://threatpost.com/google-nest-security-cam-takeover/147477/

MoviePass leaks - https://techcrunch.com/2019/08/20/moviepass-thousands-data-exposed-leak/

Apple un-fixes iOS - https://threatpost.com/apple-ios-patch-blunder-iphones-jailbreaks/147519/

Kubernetes flaw - https://www.bleepingcomputer.com/news/security/severe-flaws-in-kubernetes-expose-all-servers-to-dos-attacks/

A daily look at the relevant information security news from overnight.

Episode 135 - 20 August 2019

NordVPN trojan - https://www.bleepingcomputer.com/news/security/hackers-use-fake-nordvpn-website-to-deliver-banking-trojan/

Webmin backdoor - https://www.zdnet.com/article/backdoor-found-in-webmin-a-popular-web-based-utility-for-managing-unix-servers/

Adwind hitting utilities - https://www.bleepingcomputer.com/news/security/adwind-remote-access-trojan-hits-utilities-sector/

Segmented routers leak - https://www.bleepingcomputer.com/news/security/router-network-isolation-broken-by-covert-data-exfiltration/

Ransomware hits Texas - https://threatpost.com/coordinated-ransomware-attack-hits-23-texas-government-agencies/147457/

A daily look at the relevant information security news from overnight.

Episode 134 - 19 August 2019

Phishing 404 - https://www.bleepingcomputer.com/news/security/microsoft-warns-of-phishing-attacks-using-custom-404-pages/

8 million adware downloads - https://techcrunch.com/2019/08/16/android-users-tricked-adware-apps/

BIRD breach - https://www.forbes.com/sites/daveywinder/2019/08/16/european-central-bank-breach-ecb-confirms-hack-and-shuts-down-website/#74b7720594bd

Mozilla free password - https://www.bleepingcomputer.com/news/security/mozilla-firefox-bug-let-third-parties-access-saved-passwords/

Hy-Vee PoS breach - https://www.zdnet.com/article/hy-vee-issues-warning-to-customers-after-discovering-point-of-sale-breach/

A daily look at the relevant information security news from overnight.

Episode 133 - 16 August 2019

DanaBot on the move - https://www.zdnet.com/article/danabot-banking-trojan-jumps-from-australia-to-german-targets/

Choice Hotel breach - https://www.infosecurity-magazine.com/news/choice-hotels-breach-hackers/

Voicemail phish - https://www.bleepingcomputer.com/news/security/microsoft-voicemail-notifications-used-as-bait-in-phishing-campaign/

Trend Micro password flaw - https://www.zdnet.com/article/trend-micro-fixes-hijack-security-flaw-in-password-manager/

Apache versions oops - https://threatpost.com/apache-security-advisories-red-flags-wrong-versions-in-patching-gaffe/147388/

A daily look at the relevant information security news from overnight.

Episode 132 - 15 August 2019

All Windows vuln - https://threatpost.com/20-year-old-bug-legacy-microsoft-windows-users/147336/

Miner on Task - https://www.zdnet.com/article/this-new-cryptojacking-malware-uses-a-sneaky-trick-to-remain-hidden/

Intel patches - https://www.bleepingcomputer.com/news/security/intel-updates-nuc-firmware-to-patch-high-severity-bug/

Biometrics leak - https://www.zdnet.com/article/major-biometrics-data-leak-impacts-police-banks-enterprise-companies/

Phishing with Google - https://www.bleepingcomputer.com/news/security/phishing-campaign-uses-google-drive-to-bypass-email-gateways/