A daily look at the relevant information security news from overnight.

Episode 131 - 14 August 2019

HTTP/2s - https://www.bleepingcomputer.com/news/security/new-http-2-flaws-expose-unpatched-web-servers-to-dos-attacks/

Facebook eavesdropping - https://www.bloomberg.com/news/articles/2019-08-13/facebook-paid-hundreds-of-contractors-to-transcribe-users-audio

Troldesh rising - https://www.technadu.com/troldesh-ransomware-infecting-victims-compromised-websites/76628/

HVACking - https://www.bleepingcomputer.com/news/security/hvacking-remotely-exploiting-bugs-in-building-control-systems/

Dating apps exposing - https://www.zdnet.com/article/four-major-dating-apps-expose-precise-locations-of-10-million-users/

A daily look at the relevant information security news from overnight.

Episode 130 - 13 August 2019

Cloud Atlas morphing - https://www.zdnet.com/article/cloud-atlas-threat-group-updates-weaponry-with-polymorphic-malware/

Multiple drivers flawed - https://www.securityweek.com/vulnerabilities-device-drivers-20-vendors-expose-pcs-persistent-malware

SQLite vuln - https://www.zdnet.com/article/clever-attack-uses-sqlite-databases-to-hack-other-apps-malware-servers/

4G full of flaws - https://www.bleepingcomputer.com/news/security/4g-router-vulnerabilities-let-attackers-take-full-control/

Phone charger hack - https://techcrunch.com/2019/08/12/iphone-charging-cable-hack-computer-def-con/

A daily look at the relevant information security news from overnight.

Episode 129 - 12 August 2019

BIG-IP load imbalance - https://www.helpnetsecurity.com/2019/08/09/vulnerable-load-balancers/

Clicker with 100M downloads - https://www.bleepingcomputer.com/news/security/android-apps-with-over-100m-installs-contain-a-clicker-trojan/

“Smart lock” NOT - https://threatpost.com/hack-of-high-end-hotel-smart-locks-shows-iot-security-fail/147178/

KDE vuln resolved - https://www.bleepingcomputer.com/news/security/kde-vulnerability-fixed-by-removing-shell-command-support/

Saefco trojan - https://www.zdnet.com/article/new-saefko-trojan-focuses-on-stealing-your-credit-card-details/

A daily look at the relevant information security news from overnight.

Episode 128 - 09 August 2019

WhatsApp exploit - https://www.zdnet.com/article/whatsapp-vulnerabilities-puts-words-in-your-mouth-lets-hackers-tamper-with-text/

Avaya VoIP bug - https://threatpost.com/critical-rce-bug-avaya-voip-phones/147122/

Ursnif macro - https://www.zdnet.com/article/phishing-watch-out-for-this-new-version-of-trojan-malware-that-spreads-through-malicious-word-documents/

LEE leaves the door open - https://www.technadu.com/leadership-for-educational-equity-leaks-data-3-7-million-members/76286/

Baseball Hall of Shame - https://www.bleepingcomputer.com/news/security/national-baseball-hall-of-fame-hit-by-payment-card-stealing-attack/

A daily look at the relevant information security news from overnight.

Episode 127 - 08 August 2019

Smominru expands - https://threatpost.com/smominru-cryptominer-scrapes-credentials-half-million-machines/147038/

Clipsa the brute - https://www.zdnet.com/article/new-windows-malware-can-also-brute-force-wordpress-websites/

LokiBot adds steganography - https://www.bleepingcomputer.com/news/security/lokibot-uses-image-files-to-hide-code-for-unpacking-routine/

State Farm brute = https://www.zdnet.com/article/state-farm-says-hackers-confirmed-valid-usernames-and-passwords-in-credentials-stuffing-attack/

Leapfrog too chatty - https://www.digitaltrends.com/news/leapfrog-flaw-could-have-exposed-childrens-info-and-location/

A daily look at the relevant information security news from overnight.

Episode 126 - 07 August 2019

Cisco switch bugs - https://www.zdnet.com/article/security-bugs-in-popular-cisco-switch-brand-allow-hackers-to-take-over-devices/

EchoBot gettin busy - https://www.bleepingcomputer.com/news/security/new-echobot-botnet-variant-uses-over-50-exploits-to-propagate/

KDE vuln disclosed - https://www.zdnet.com/article/unpatched-kde-vulnerability-disclosed-on-twitter/

Mass spoofing threat - https://threatpost.com/mass-spoofing-campaign-walmart/146994/

CafePress pwned - https://www.theregister.co.uk/2019/08/05/cafebreach_breach_23m_user_records/

A daily look at the relevant information security news from overnight.

Episode 125 - 06 August 2019

MegaCortex v2 - https://www.zdnet.com/article/megacortex-ransomware-slams-eu-firms-with-demands-of-up-to-5-8-million/

Snapdragon vulns - https://www.bleepingcomputer.com/news/security/qualpwn-bugs-in-snapdragon-soc-can-attack-android-over-the-air/

Dragonblood expands - https://www.technadu.com/two-dragonblood-vulnerabilities-wpa3-wi-fi-standard/75933/

StockX covered breach - https://techcrunch.com/2019/08/03/stockx-hacked-millions-records/

Strontium hits IoT - https://www.bleepingcomputer.com/news/security/russian-apt-abuses-iot-devices-to-infiltrate-corporate-targets/

A daily look at the relevant information security news from overnight.

Episode 124 - 05 August 2019

GermanWiper - https://www.zdnet.com/article/germanwiper-ransomware-hits-germany-hard-destroys-files-asks-for-ransom/

SystemBC stealthy - https://threatpost.com/systembc-proxy-malware-socks5-stealth/146879/

LookBack RAT - https://www.bleepingcomputer.com/news/security/phishing-attacks-target-us-utilities-with-remote-access-trojan/

NVIDIA patches - https://www.bleepingcomputer.com/news/security/nvidia-patches-high-severity-flaws-in-windows-gpu-display-driver/

Beware free antivirus - https://threatpost.com/critical-bug-android-antivirus/146927/

A daily look at the relevant information security news from overnight.

Episode 123 - 02 August 2019

Mirai goes Tor - https://www.zdnet.com/article/new-mirai-botnet-lurks-in-the-tor-network-to-stay-under-the-radar/

Amavaldo campaigns - https://www.scmagazine.com/home/security-news/cybercrime/fiendish-amavaldo-banking-trojan-strikes-in-mexico-after-targeting-brazilians/

Rocke miner - https://www.theregister.co.uk/2019/08/01/palo_alto_networks_rocke_malware/

Adware abuses reputation - https://www.bleepingcomputer.com/news/security/dealply-adware-abuses-microsoft-smartscreen-to-boost-av-evasion/

Korean card sale - https://www.zdnet.com/article/breach-alert-in-south-korea-after-1m-card-details-were-put-up-for-sale-online/

A daily look at the relevant information security news from overnight.

Episode 122 - 01 August 2019

Pearson data breach - https://www.wsj.com/articles/pearson-hack-exposed-details-on-thousands-of-u-s-students-11564619001?mod=rsswn

New Malvertising - https://threatpost.com/malvertising-ad-blockers-mac-malware/146861/

Limit bypassed - https://www.helpnetsecurity.com/2019/07/31/visa-contactless-cards-flaws/

DHS small aircraft warning - https://www.zdnet.com/article/dhs-warns-about-can-bus-vulnerabilities-in-small-aircraft/

Honda endpoints exposed - https://techcrunch.com/2019/07/31/security-lapse-exposed-weak-points-on-hondas-internal-network/