Millions of SMS Messages were exposed in a leak, a New Always-On VPN from Google Fi is now available, and hacking an ATM in 20 minutes or less? Totally possible! All that coming up now on ThreatWire. #threatwire #hak5

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆Our Site → https://www.hak5.org Shop → https://www.hakshop.com Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1 Support → https://www.patreon.com/threatwire Contact Us → http://www.twitter.com/hak5 Threat Wire RSS → https://shannonmorse.podbean.com/feed/ Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999 

Host: Shannon Morse → https://www.twitter.com/snubs Host: Darren Kitchen → https://www.twitter.com/hak5darren Host: Mubix → http://www.twitter.com/mubix -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:https://techcrunch.com/2018/11/15/millions-sms-text-messages-leaked-two-factor-codes/https://arstechnica.com/information-technology/2018/11/millions-of-sms-texts-in-unsecured-database-expose-2fa-codes-and-reset-links/https://www.cnet.com/news/text-message-database-reportedly-leaked-password-resets/

https://www.zdnet.com/article/most-atms-can-be-hacked-in-under-20-minutes/https://www.ptsecurity.com/upload/corporate/ww-en/analytics/ATM-Vulnerabilities-2018-eng.pdf

https://www.blog.google/products/project-fi/project-fis-enhanced-network-brings-faster-more-secure-connections/https://arstechnica.com/gadgets/2018/11/google-adds-always-on-vpn-to-its-project-fi-cellular-service/https://lifehacker.com/enable-project-fis-new-vpn-to-hide-your-mobile-browsing-1830441006

 

Photo credit:https://libreshot.com/wp-content/uploads/2017/09/young-tourist-woman-atm.jpg

USPS helps identity thieves steal your mail, a DJI vulnerability is listed as high risk, and Will Election Security Ever Improve?! All that coming up now on ThreatWire. #threatwire #hak5

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆Our Site → https://www.hak5.org Shop → https://www.hakshop.com Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1 Support → https://www.patreon.com/threatwire Contact Us → http://www.twitter.com/hak5 Threat Wire RSS → https://shannonmorse.podbean.com/feed/ Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999 

Host: Shannon Morse → https://www.twitter.com/snubs Host: Darren Kitchen → https://www.twitter.com/hak5darren Host: Mubix → http://www.twitter.com/mubix -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:

USPS Informed Deliveryhttps://mashable.com/article/usps-informed-delivery-fraud/#nC9QnarFVgqL https://krebsonsecurity.com/2018/11/u-s-secret-service-warns-id-thieves-are-abusing-uspss-mail-scanning-service/ https://krebsonsecurity.com/2017/10/usps-informed-delivery-is-stalkers-dream/ 

DJI Flaw:https://www.cnet.com/news/dji-fixes-vulnerability-that-let-potential-hackers-spy-on-drones/ https://www.wired.com/story/dji-drones-bugs-exposed-users-data/ https://threatpost.com/dji-patches-forum-bug-that-allowed-drone-account-takeovers/138922/ https://thehackernews.com/2018/11/dji-drone-hack_8.html https://blog.checkpoint.com/2018/11/08/the-spy-drone-in-your-cloud/ 

Voting Security:https://motherboard.vice.com/en_us/article/kzvejx/voting-machine-manual-instructed-election-officials-to-use-weak-passwords https://www.bostonglobe.com/metro/2018/11/04/hackers-targeting-election-networks-across-country-lead-midterms/d0EzG4Cmh2jeMqllhXo4WP/story.html https://www.dhs.gov/news/2018/11/05/joint-statement-election-day-preparations https://www.dni.gov/index.php/newsroom/press-releases/item/1915-joint-statement-from-the-odni-doj-fbi-and-dhs-combating-foreign-influence-in-u-s-elections https://arstechnica.com/tech-policy/2018/11/are-elections-fixed-no-but-neither-is-election-security/ 

Photo credit:https://upload.wikimedia.org/wikipedia/commons/2/2f/DJI_Mavic_Pro.jpg

A Privilege Escalation Flaw Hits Linux, you can now bypass DRM, legally, and Triton Malware is Tied To the Russian Government! All that coming up now on ThreatWire.

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆Our Site → https://www.hak5.org Shop → https://www.hakshop.com Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1 Support → https://www.patreon.com/threatwire Contact Us → http://www.twitter.com/hak5 Threat Wire RSS → https://shannonmorse.podbean.com/feed/ Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999 

Host: Shannon Morse → https://www.twitter.com/snubs Host: Darren Kitchen → https://www.twitter.com/hak5darren Host: Mubix → http://www.twitter.com/mubix -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Linux Privilege Escalation Flaw;https://thehackernews.com/2018/10/privilege-escalation-linux.htmlhttps://www.zdnet.com/article/new-security-flaw-impacts-most-linux-and-bsd-distros/https://lists.x.org/archives/xorg-announce/2018-October/002927.htmlhttps://www.securepatterns.com/2018/10/cve-2018-14665-xorg-x-server.htmlhttps://twitter.com/hackerfantastic/status/1055568290112831490/photo/1

DRM:https://www.federalregister.gov/documents/2018/10/26/2018-23241/exemption-to-prohibition-on-circumvention-of-copyright-protection-systems-for-access-controlhttps://www.zdnet.com/article/need-to-fix-an-iphone-or-android-device-you-can-now-break-drm-under-new-us-rules/https://motherboard.vice.com/en_us/article/xw9bwd/1201-exemptions-right-to-repairhttps://boingboing.net/2018/10/25/use-exemptions.html

Russia Tied to Infrastructure Attack:https://www.fireeye.com/blog/threat-research/2018/10/triton-attribution-russian-government-owned-lab-most-likely-built-tools.htmlhttps://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.htmlhttps://www.cyberscoop.com/trisis-ics-malware-saudi-arabia/https://arstechnica.com/information-technology/2018/10/russia-was-likely-behind-dangerous-critical-infrastructure-attack-report-says/https://thehackernews.com/2018/10/russia-triton-ics-malware.htmlhttps://www.wired.com/story/triton-malware-russia-industrial-controls/https://motherboard.vice.com/en_us/article/9k74az/triton-malware-russian-government-saudi-arabia-petrol-plant

Photo credit:https://cdn2.macworld.co.uk/cmsdata/features/3427174/iPhone_5S_JAILBREAK.jpg

Private Data from an Adult Site is Exposed, TLS 1.0 & 1.1 will be Deprecated In 2020, and an IoT Operating System is found Vulnerable to Hacks! All that coming up now on ThreatWire.

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆Shop → http://www.hakshop.com Subscribe → http://www.youtube.com/hak5 RSS Feeds → https://www.hak5.org/subscribe Support → http://www.patreon.com/threatwire Amazon Associates → https://amzn.to/2pHgf8T 

Our Site → http://www.hak5.org Contact Us → http://www.twitter.com/hak5 Threat Wire RSS → https://shannonmorse.podbean.com/feed/ Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999  

Help us with Translations! → http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ 

For Business Inquiries, please use our contact forms → https://www.hak5.org/contact 

Producer: Shannon Morse → https://www.youtube.com/channel/UCefsgN8xeWIp658QvOl73qA Editor: Colleen CavoloHost: Shannon Morse → https://www.twitter.com/snubs Host: Darren Kitchen → https://www.twitter.com/hak5darren Host: Mubix → http://www.twitter.com/mubix -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:Adult Site Data Exposed:https://twitter.com/haveibeenpwned/status/1053745264090116102https://twitter.com/troyhunt/status/1053751051352969219https://arstechnica.com/information-technology/2018/10/hack-on-8-adult-websites-exposes-oodles-of-intimate-user-data/ https://twitter.com/hashcat/status/1053016015871852546https://haveibeenpwned.com/PwnedWebsites#WifeLovers

TLS 1.0 and 1.1 Deprecated:https://arstechnica.com/gadgets/2018/10/browser-vendors-unite-to-end-support-for-20-year-old-tls-1-0/https://webkit.org/blog/8462/deprecation-of-legacy-tls-1-0-and-1-1-versions/https://security.googleblog.com/2018/10/modernizing-transport-security.htmlhttps://blogs.windows.com/msedgedev/2018/10/15/modernizing-tls-edge-ie11/#sqWRkguy62CtVDut.97https://tools.ietf.org/html/draft-ietf-tls-oldversions-deprecate-00https://blog.mozilla.org/security/2018/10/15/removing-old-versions-of-tls/

IoT OS Vulnerable:https://thehackernews.com/2018/10/amazon-freertos-iot-os.html

https://aws.amazon.com/freertos/https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/https://github.com/aws/amazon-freertos/blob/master/CHANGELOG.md

Photo credit:https://upload.wikimedia.org/wikipedia/commons/e/eb/Placing_a_wedding_ring.jpg

Fact or Fiction? It’s Bloomberg Vs Big Tech! The Facebook Vulnerability Affects 30 Million (Not 50 million!), and Google+ Says Goodbye! All that coming up now on ThreatWire.

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆Shop → http://www.hakshop.com Subscribe → http://www.youtube.com/hak5 RSS Feeds → https://www.hak5.org/subscribe Support → http://www.patreon.com/threatwire Amazon Associates → https://amzn.to/2pHgf8T 

Our Site → http://www.hak5.org Contact Us → http://www.twitter.com/hak5 Threat Wire RSS → https://shannonmorse.podbean.com/feed/ Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999 

Help us with Translations! → http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ 

For Business Inquiries, please use our contact forms → https://www.hak5.org/contact 

Producer: Shannon Morse → https://www.youtube.com/channel/UCefsgN8xeWIp658QvOl73qA Editor: Perrin MHost: Shannon Morse → https://www.twitter.com/snubs Host: Darren Kitchen → https://www.twitter.com/hak5darren Host: Mubix → http://www.twitter.com/mubix -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:Facebook update:https://newsroom.fb.com/news/2018/10/update-on-security-issue/  https://arstechnica.com/information-technology/2018/10/facebook-hackers-stole-locations-and-other-private-data-for-millions-of-users/ https://www.cnet.com/news/facebook-e-mails-phone-numbers-and-other-personal-information-accessed-during-breach/ https://www.cnet.com/news/in-facebooks-massive-breach-the-hackers-friends-were-the-first-victims/ https://www.securityweek.com/facebook-says-hackers-accessed-data-29-million-users https://www.zdnet.com/article/facebook-downgrades-breach-count-from-50-million-to-30-million-users/ 

Bloomberg Microchips:https://www.bloomberg.com/businessweek https://arstechnica.com/gadgets/2018/10/bloomberg-super-micro-motherboards-used-by-apple-amazon-contained-chinese-spy-chips/ https://www.bloomberg.com/news/articles/2018-10-04/the-big-hack-amazon-apple-supermicro-and-beijing-respond https://motherboard.vice.com/en_us/article/qv9npv/bloomberg-china-supermicro-apple-hack https://techcrunch.com/2018/10/04/bloomberg-spy-chip-murky-world-national-security-reporting/ https://arstechnica.com/information-technology/2018/10/supermicro-boards-were-so-bug-ridden-why-would-hackers-ever-need-implants/ https://blog.rapid7.com/2013/07/02/a-penetration-testers-guide-to-ipmi/ https://krebsonsecurity.com/2018/10/supply-chain-security-is-the-whole-enchilada-but-whos-willing-to-pay-for-it/ 

Google+ via Joel: https://www.wsj.com/articles/google-exposed-user-data-feared-repercussions-of-disclosing-to-public-1539017194  https://motherboard.vice.com/en_us/article/qv9xmb/google-plus-is-shutting-down-after-security-bug-exposed-user-info https://www.blog.google/technology/safety-security/project-strobe/ https://www.cnet.com/news/senate-seeks-internal-memo-on-google-vulnerability/ https://www.usatoday.com/story/tech/2018/09/28/google-ceo-sundar-pichai-testify-before-congress-conservative-bias-charges/1457087002/ https://threatpost.com/google-privacy-snafu-leaves-a-cloud-over-the-tech-landscape/138098/ 

 

Photo credit:https://www.extremetech.com/wp-content/uploads/2014/02/EM8R5.jpg

Linux Vulnerabilities were Found, Current Voting Machines were also found to be Vulnerable to hacks, and Facebook was Hacked! All that coming up now on ThreatWire.

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆Shop → http://www.hakshop.comSubscribe → http://www.youtube.com/hak5RSS Feeds → https://www.hak5.org/subscribeSupport → http://www.patreon.com/threatwireAmazon Associates → https://amzn.to/2pHgf8T

Our Site → http://www.hak5.orgContact Us → http://www.twitter.com/hak5Threat Wire RSS → https://shannonmorse.podbean.com/feed/Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Help us with Translations! → http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ

For Business Inquiries, please use our contact forms → https://www.hak5.org/contact

Producer: Shannon Morse → https://www.youtube.com/channel/UCefsgN8xeWIp658QvOl73qAEditor: Colleen CavoloHost: Shannon Morse → https://www.twitter.com/snubsHost: Darren Kitchen → https://www.twitter.com/hak5darrenHost: Mubix → http://www.twitter.com/mubix-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Linux Flaws:https://threatpost.com/local-privilege-escalation-flaw-in-linux-kernel-allows-root-access/137748/https://www.qualys.com/2018/09/25/cve-2018-14634/mutagen-astronomy-integer-overflow-linux-create_elf_tables-cve-2018-14634.txthttps://access.redhat.com/security/cve/cve-2018-14634https://access.redhat.com/security/cve/cve-2018-17182https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/mm/vmacache.c?id=7a9cdebdcc17e426fb5287e4a82db1dfe86339b2https://thehackernews.com/2018/09/linux-kernel-exploit.htmlhttps://threatpost.com/another-linux-kernel-bug-surfaces-allowing-root-access/137800/

Voting:https://defcon.org/images/defcon-26/DEF%20CON%2026%20voting%20village%20report.pdfhttps://arstechnica.com/information-technology/2018/09/e-voting-researchers-warn-of-hack-that-could-flip-the-electoral-college/https://www.cnet.com/news/half-of-us-states-using-voting-machines-with-a-known-vulnerability-says-report/https://www.cnet.com/news/campaign-2018-voting-machines-are-vulnerable-to-hacking/

Facebook:https://newsroom.fb.com/news/2018/09/security-update/https://threatpost.com/facebook-data-breach-impacts-almost-50-million-accounts/137801/https://www.businessinsider.com/facebook-hack-how-to-check-if-you-were-affected-2018-9https://krebsonsecurity.com/2018/09/facebook-security-bug-affects-90m-users/https://motherboard.vice.com/en_us/article/mbw3zb/facebook-hacked-50-million-users-affectedhttps://thehackernews.com/2018/09/facebook-account-hacked.html

Photo credit:https://c1.staticflickr.com/1/813/26405895567_3ba098e250_b.jpg

Newegg gets hit by the British Airways attackers, a Twitter bug sent direct messages to developers, and the three men behind Mirai don’t receive jail time. All that coming up now on ThreatWire.

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆Shop → http://www.hakshop.comSubscribe → http://www.youtube.com/hak5RSS Feeds → https://www.hak5.org/subscribeSupport → http://www.patreon.com/threatwireAmazon Associates → https://amzn.to/2pHgf8T

Our Site → http://www.hak5.orgContact Us → http://www.twitter.com/hak5Threat Wire RSS → https://shannonmorse.podbean.com/feed/Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Help us with Translations! → http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ

For Business Inquiries, please use our contact forms → https://www.hak5.org/contact

Producer: Shannon Morse → https://www.youtube.com/channel/UCefsgN8xeWIp658QvOl73qAEditor: Perrin MHost: Shannon Morse → https://www.twitter.com/snubsHost: Darren Kitchen → https://www.twitter.com/hak5darrenHost: Mubix → http://www.twitter.com/mubix-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:Newegg:https://arstechnica.com/information-technology/2018/09/newegg-hit-by-credit-card-stealing-code-injected-into-shopping-code/https://www.cnet.com/news/newegg-data-breach-exposed-customer-credit-card-info-says-report/https://twitter.com/Newegg/status/1042466284577779712?ref_src=twsrc%5Etfwhttps://kb.newegg.com/knowledge-base/2018-data-security-update-faq/?cm_mmc=snc-twitter-_-kb-faq-_-na-_-nahttps://www.riskiq.com/blog/labs/magecart-newegg/https://www.volexity.com/blog/2018/09/19/magecart-strikes-again-newegg/

Twitter:https://help.twitter.com/en/account-activity-apihttps://developer.twitter.com/en/products/accounts-and-users/account-activity-api.htmlhttps://blog.twitter.com/developer/en_us/topics/tools/2018/details-for-developers-on-Account-Activity-API-bug.htmlhttps://www.cnet.com/news/twitter-may-have-sent-your-private-dms-to-the-wrong-people-but-probably-not/https://threatpost.com/twitter-flaw-exposed-direct-messages-to-external-developers/137608/https://techcrunch.com/2018/09/21/twitter-bug-sent-user-direct-messages-to-developers-for-over-a-year/

Mirai:https://www.justice.gov/usao-ak/pr/hackers-cooperation-fbi-leads-substantial-assistance-other-complex-cybercrimehttps://krebsonsecurity.com/2018/09/mirai-botnet-authors-avoid-jail-time/https://www.cnet.com/news/hackers-behind-mirai-botnet-could-be-sentenced-to-working-for-the-fbi/https://thehackernews.com/2018/09/mirai-botnet-fbi-cybercrime.html

Photo credit:https://c1.staticflickr.com/1/967/41911616902_13d3d1007a_b.jpg

Cold boot attacks are back, British Airways got their Website Hacked, and the GCHQ Data Collection Standards are deemed Illegal. All that coming up now on ThreatWire.

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆Shop → http://www.hakshop.comSubscribe → http://www.youtube.com/hak5RSS Feeds → https://www.hak5.org/subscribeSupport → http://www.patreon.com/threatwireAmazon Associates → https://amzn.to/2pHgf8T

Our Site → http://www.hak5.orgContact Us → http://www.twitter.com/hak5Threat Wire RSS → https://shannonmorse.podbean.com/feed/Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Help us with Translations! → http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ

For Business Inquiries, please use our contact forms → https://www.hak5.org/contact

Producer: Shannon Morse → https://www.youtube.com/channel/UCefsgN8xeWIp658QvOl73qAEditor: Perrin MHost: Shannon Morse → https://www.twitter.com/snubsHost: Darren Kitchen → https://www.twitter.com/hak5darrenHost: Mubix → http://www.twitter.com/mubix-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:Cold Boot:https://arstechnica.com/gadgets/2018/09/cold-boot-attacks-given-new-life-with-firmware-attack/https://blog.f-secure.com/cold-boot-attacks/https://techcrunch.com/2018/09/12/security-flaw-in-nearly-all-modern-pcs-and-macs-leaks-encrypted-data/https://www.cnet.com/news/almost-all-modern-computers-affected-by-cold-boot-attack-researchers-warn/https://www.wired.com/story/cold-boot-break-pc-encryption/https://thehackernews.com/2018/09/cold-boot-attack-encryption.html

British Airways:https://www.britishairways.com/en-us/information/incident/data-theft/latest-information#https://www.wired.com/story/british-airways-hack-details/https://arstechnica.com/information-technology/2018/09/british-airways-site-had-credit-card-skimming-code-injected/https://www.cnet.com/news/british-airways-data-breach-put-customers-financial-info-at-risk/

GCHQ:https://arstechnica.com/tech-policy/2018/09/bulk-interception-by-gchq-and-nsa-violated-human-rights-charter-european-court-rules/https://hudoc.echr.coe.int/eng-press#{%22itemid%22:[%22003-6187848-8026299%22]}https://www.theguardian.com/uk-news/2018/sep/13/gchq-data-collection-violated-human-rights-strasbourg-court-rules

Photo credit:https://www.goodfreephotos.com/albums/animals/mammals/a-pair-of-rams-in-the-winter.jpg

A Popular Anti-Adware App is Actually Spyware, the US Charges a North Korean hacker for the Sony Hack and WannaCry ransomware, and a Hacker Behind DDoS attempts Pleads Guilty to Bomb Threats. All that coming up now on ThreatWire.

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆Shop → http://www.hakshop.comSubscribe → http://www.youtube.com/hak5RSS Feeds → https://www.hak5.org/subscribeSupport → http://www.patreon.com/threatwireAmazon Associates → https://amzn.to/2pHgf8T

Our Site → http://www.hak5.orgContact Us → http://www.twitter.com/hak5Threat Wire RSS → https://shannonmorse.podbean.com/feed/Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Help us with Translations! → http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ

For Business Inquiries, please use our contact forms → https://www.hak5.org/contact

Producer: Shannon Morse → https://www.youtube.com/channel/UCefsgN8xeWIp658QvOl73qAEditor: Perrin MHost: Shannon Morse → https://www.twitter.com/snubsHost: Darren Kitchen → https://www.twitter.com/hak5darrenHost: Mubix → http://www.twitter.com/mubix-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:Adware Doctor:https://twitter.com/privacyis1st/status/1031428304543395840https://www.youtube.com/watch?v=nZ7CVIy5Tq8&feature=youtu.behttps://thehackernews.com/2018/09/mac-adware-removal-tool.htmlhttps://www.wired.com/story/adware-doctor-mac-app-store-spyware/https://objective-see.com/blog/blog_0x37.htmlhttps://www.securityweek.com/mac-apps-apples-app-store-steal-user-data-researchers-sayhttps://threatpost.com/apple-finally-boots-sneaky-adware-doctor-app-from-mac-app-store/137319/https://threatpost.com/top-macos-app-exfiltrates-browser-histories-behind-users-backs/137247/https://motherboard.vice.com/en_us/article/wjye8x/mac-anti-adware-doctor-app-steals-browsing-history

North Korean Charged:https://www.justice.gov/opa/press-release/file/1092091/downloadhttps://www.wired.com/story/doj-north-korea-hacker-sony-wannacry-complaint/https://arstechnica.com/information-technology/2018/09/us-indicts-north-korean-agents-for-wannacry-sony-attacks/https://www.zdnet.com/article/how-us-authorities-tracked-down-the-north-korean-hacker-behind-wannacry/https://thehackernews.com/2018/09/wannacry-north-korea-hacks.htmlhttps://www.cnet.com/news/justice-department-charges-north-korean-hacker-linked-to-wannacry-2014-sony-hack/https://motherboard.vice.com/en_us/article/j5nyyx/doj-charge-north-korea-wannacry-sony-hack

ProtonMail:https://krebsonsecurity.com/2018/09/leader-of-ddos-for-hire-gang-pleads-guilty-to-bomb-threats/https://www.zdnet.com/article/hacker-uses-protonmail-vpn-hacker-ddoses-protonmail-hacker-gets-arrested/https://protonmail.com/blog/apophis-squad-arrest/https://www.zdnet.com/article/popular-vpns-contain-code-execution-security-flaws-despite-patches/https://www.securityweek.com/vpn-firms-release-new-patches-privilege-escalation-flawhttps://blog.talosintelligence.com/2018/09/vulnerability-spotlight-Multi-provider-VPN-Client-Privilege-Escalation.html

 

Photo credit:https://cdn.pixabay.com/photo/2016/01/20/09/03/north-korea-1151137_960_720.jpg

Fortnite rewards for security while having security issues of their own, 2 million are affected in a t-mobile hack, and a New Apache Struts Flaw Affects Web Servers. All that coming up now on ThreatWire.

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆Shop → http://www.hakshop.comSubscribe → http://www.youtube.com/hak5RSS Feeds → https://www.hak5.org/subscribeSupport → http://www.patreon.com/threatwireAmazon Associates → https://amzn.to/2pHgf8T

Our Site → http://www.hak5.orgContact Us → http://www.twitter.com/hak5Threat Wire RSS → https://shannonmorse.podbean.com/feed/Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Help us with Translations! → http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ

For Business Inquiries, please use our contact forms → https://www.hak5.org/contact

Producer: Shannon Morse → https://www.youtube.com/channel/UCefsgN8xeWIp658QvOl73qAEditor: Colleen C.Host: Shannon Morse → https://www.twitter.com/snubsHost: Darren Kitchen → https://www.twitter.com/hak5darrenHost: Mubix → http://www.twitter.com/mubix-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:Fortnite:https://www.epicgames.com/fortnite/en-US/news/2fahttps://www.cnet.com/news/fortnite-has-a-giveaway-if-you-enable-two-factor-authentication/https://www.businessinsider.com/fortnite-two-factor-authentication-2018-8https://duo.com/blog/state-of-the-auth-experiences-and-perceptions-of-multi-factor-authenticationhttps://www.cnet.com/news/want-fortnite-for-android-you-wont-get-it-from-the-google-play-store/https://thehackernews.com/2018/08/fortnite-android-app-apk.htmlhttps://threatpost.com/fortnite-android-app-falls-victim-to-man-in-the-disk-flaw/136931/

T-Mobile (Via Joel on Discord):https://www.t-mobile.com/customers/6305378821https://thehackernews.com/2018/08/t-mobile-hack-breach.htmlhttps://www.cnet.com/news/t-mobile-hack-may-have-exposed-2-million-customers-data/https://www.zdnet.com/article/international-hackers-help-themselves-to-data-belonging-to-2-million-t-mobile-customers/https://threatpost.com/t-mobile-alerts-2-3-million-customers-of-data-breach-tied-to-leaky-api/136896/https://motherboard.vice.com/en_us/article/a3qpk5/t-mobile-hack-data-breach-api-customer-data

Apache Struts Flaw:https://lgtm.com/blog/apache_struts_CVE-2018-11776https://semmle.com/news/apache-struts-CVE-2018-11776https://cwiki.apache.org/confluence/display/WW/S2-057https://thehackernews.com/2018/08/apache-struts-vulnerability.htmlhttps://krebsonsecurity.com/2018/08/experts-urge-rapid-patching-of-struts-bug/https://www.recordedfuture.com/apache-struts-vulnerability-github/https://github.com/jas502n/St2-057

 

Photo credit:https://cdn2.unrealengine.com/Fortnite%2Fblog%2F2FA%2FBR05_News_Header_16_9_Boogiedown-Emote-1920x1080-38794c76e4c4264bb61c601db0dbb88f78e5e533.jpg