The boys are back with another session of the Hackle Box. This month features in-depth discussion on four vulnerabilities/exploits that have gained the attention of Oscar, Pinky, and Eric over the last month or so.

IDN Phishing — Outlook emails showing legitimate contact cards from lookalike domains
https://arstechnica.com/information-technology/2021/09/microsoft-outlook-shows-real-persons-contact-info-for-idn-phishing-emails/

Razer Mouse Bug — The bug allows admin privileges in Windows 10
https://www.bleepingcomputer.com/news/security/razer-bug-lets-you-become-a-windows-10-admin-by-plugging-in-a-mouse/

T-Mobile Breach — 48 million social security numbers accessed from a pool of 50 million affected customers
https://www.zdnet.com/article/t-mobile-hack-everything-you-need-to-know/

Hacking the Hackers — New exploit available for download lets hackers crash Cobalt Strike team servers
https://arstechnica.com/gadgets/2021/08/critical-cobalt-strike-bug-leaves-botnet-servers-vulnerable-to-takedown/

As always, the session ends with the Hacker Tip of the Month from Eric and the Phishing Report with Pinky.

Give this session a watch or listen, and feel free to send any comments, questions, or topic suggestions to [email protected].

And please like and subscribe!