Security Weekly News (Audio)

This week, Doug White brings the Security Weekly News update for the week of January 20, 2020, to discuss the top news stories of the week, across all of the Security Weekly Network shows! Show Notes: https://wiki.securityweekly.com/SWNEpisode6 Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Clearview app lets strangers find your information through Facial Recognition, Travelex begins reboot as VPN bug persists, ADP users hit by Phishing Scam, Exposed Telnet ports lead to over 500,000 IoT devices credentials stolen, and over 1000 local governments reported they were hit by ransomware in 2019! In the Expert Commentary, we welcome Jason Wood of Paladin Security, to talk about how the FBI is to inform election officials about hacking attempts! Show Notes: https://wiki.securityweekly.com/SWNEpisode5 Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Highlights from the Security Weekly shows this week, including dealing with personalities and compliance, Windows 10 exploits, alert fatigue in your SoC, security for startups, Windows 10 exploits, Tik Tok backdoors, lottery hack, 5G (in)security and more! Show Notes: https://wiki.securityweekly.com/SWNEpisode4 Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Tesla goes Pwn2Own again this year, GRU "hacks" a Ukranian gas company at the heart of scandals in DC, Microsoft has officially ended support for Windows 7 and Server 2008, and a nasty bug in Firefox, Citrix exploits are being well...exploited, and the return of Emotet! In the Expert Commentary, we welcome Jason Wood of Paladin Security, to talk about The State of 5G Security! Show Notes: https://wiki.securityweekly.com/SWNEpisode3 Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Welcome to the first-ever Security Weekly News Wrap up for the week of January 5th, 2020. We have a massive amount of content here on Security Weekly every week, and Doug White is here to try and sum it all up for you, so you can just hit the high points for the week. So, stick around, and we'll cover all the shows and all the top stories of the week! Show Notes: https://wiki.securityweekly.com/SWNEpisode2 Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Happy New Year and welcome to the first episode ever of Security Weekly News! It's another year of malware, exploits, and fun here on the Security Weekly Network, with your host, Doug White! Ransomware, TikTok, and in the Expert Commentary, we welcome Jason Wood of Paladin Security, to talk about Iranian Cyber Threats: Practical Advice for Security Professionals! Show Notes: https://wiki.securityweekly.com/SWNEpisode1 Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Montana TV stations hit by cyber attack, Ransomware crisis in US schools, a deep dive into Phobos Ransomware, Cybersecurity salary survey reveals variance across industries and geolocations in 2020, and Ring smart camera claims they were not hacked!! In the expert commentary, we welcome Paul Asadoorian, CTO and Founder of Security Weekly, to discuss why you should be careful who you do business with! Show Notes: https://wiki.securityweekly.com/HNNEpisode246 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, How Panasonic is using internet honeypots to improve IoT device security, A new Windows 10 ransomware threat?, 'Hackable' karaoke and walkie talkie toys found by Which?, Linux Bug Opens Most VPNs to Hijacking, New Office 365 Feature Provides Detailed Information on Email Attack Campaigns, and Google Confirms Critical Android 8, 9 And 10 Permanent Denial Of Service Threat! In the expert commentary, we welcome Tyler Robinson, Managing Director of Network Operations at Nisos, Inc, to discuss Sophos Uncovering New Version of Snatch Ransomware! Show Notes: https://wiki.securityweekly.com/HNNEpisode245 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Microsoft OAuth Flaw Opens Azure Accounts to Takeover, Vulnerabilities Disclosed in Kaspersky, Trend Micro Products, Critical Code Execution Vulnerability Found in GoAhead Web Server, and StrandHogg Vulnerability Allows Malware to Pose as Legitimate Android Apps! In the expert commentary, we welcome back Adam Gordon from ITPro.TV, to discuss DevSecOps and the Culture Clash in Organizations! Show Notes: https://wiki.securityweekly.com/HNNEpisode244 To learn more about ITPro.TV, visit: https://securityweekly.com/itpro Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, PoC exploit code for Apache Solr RCE flaw is available online, Some Fortinet products used hardcoded keys and weak encryption for communications, Critical Flaws in VNC Threaten Industrial Environments, Twitter allows users to use 2FA without a phone number, and Smash-and-grab car thieves use Bluetooth to target cars containing tech gadgets! In the expert commentary, we welcome back Jason Wood from Paladin Security, to discuss an Iranian hacking crew that is targeting Industrial Control Systems! Show Notes: https://wiki.securityweekly.com/HNNEpisode243 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Vulnerabilities in Android Camera Apps Exposed Millions of Users to Spying, what to do if surveillance has you worried, GitHub launches Security Lab to boost open source security, Disney+ Credentials Land in Dark Web Hours After Service Launch, and 146 security flaws uncovered in pre-installed Android apps! In the expert commentary, we welcome Bob Erdman, Sr. Manager of Product Management at Core Security, a HelpSystems Company, to talk about Effective Phishing Campaigns! Show Notes: https://wiki.securityweekly.com/HNNEpisode242 To learn more about Core Security, a HelpSystems company, visit: https://securityweekly.com/helpsystems Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, BlueKeep freakout had little impact on patching, Experts warn of spike in TCP DDoS reflection attacks targeting Amazon and others, Nvidia patches graphics products and GeForce Experience update tool, hackers breach ZoneAlarm's forum site, and how Apple is to fix Siri bug that exposed parts of encrypted emails! In the expert commentary, we welcome Dan DeCloss, Founder and CEO of PlexTrac, to talk about Communicating Vulnerabilities! To learn more about PlexTrac, visit: https://securityweekly.com/plextrac Show Notes: https://wiki.securityweekly.com/HNNEpisode241 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, aggressive IoT malware that's forcing Wi-Fi routers to join its botnet army, Google discloses Chrome Zero-Day exploited in the wild on Halloween, the first Bluekeep exploit found in the wild, and oC Exploits Published for Unpatched RCE Bugs in rConfig! In the expert commentary, we welcome Sean O'Brien, Founder, and CEO of PrivacySafe, to talk about Siri, Alexa, and Google Assistant hacked via Laser Beam! Show Notes: https://wiki.securityweekly.com/HNNEpisode240 To learn more about PrivacySafe, visit: https://securityweekly.com/privacysafe Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Adobe database exposes 7.5 million Creative Cloud users, PHP team fixes nasty site-owning remote execution bug, Trend Micro's antivirus tools will run malware if the filename is cmd.exe, and how the country of Georgia was hit by a massive cyber attack! In the expert commentary, we welcome Jason Wood, to discuss how Fancy Bear targets Sporting and Anti-Doping Orgs as the 2020 Olympics Loom! Show Notes: https://wiki.securityweekly.com/HNNEpisode239 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, researchers turn Alexa and Google Home into credential thieves, Microsoft aims to block firmware attacks with new secured-core PCs, the popular VPN service NordVPN confirms data center breach, a 4-year-old critical Linux Wi-Fi bug allows system compromise, and US nuclear weapons command finally ditches 8-inch floppies! In the expert commentary, we welcome Jason Wood, to discuss the Evolution of False Flag Operations! Show Notes: https://wiki.securityweekly.com/HNNEpisode238 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Signal App rushes to patch serious eavesdropping vulnerability, Wi-Fi signal let researchers ID people through walls from their gait, the FBI warns about attacks that bypass MFA, Vulnerable Twitter API leaves tens of thousands of iOS apps open to attacks, and D-Link home routers open to remote takeover will remain unpatched! In the expert commentary, we welcome Justin Elze from TrustedSec, to talk about Red Teaming and Adversary Emulation! Show Notes: https://wiki.securityweekly.com/HNNEpisode237 To learn more about TrustedSec, visit: https://trustedsec.com/securityweekly Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, 335 Million Malicious apps were installed on Google Play in September, a new bug found in NSAs Ghidra tool, a Medical Practice closed permanently after a Ransomware attack, researchers find a new hack to read content of password-protected PDF files, and a billboard in Michigan was hacked to play Pornography for drivers along I-75! In the expert commentary, we welcome Sean O'Brien, Founder and CEO of PrivacySafe, to talk about PrivacySafe - The Anti Cloud Appliance! To learn more about PrivacySafe, visit: https://securityweekly.com/privacysafe Full Show Notes: https://wiki.securityweekly.com/HNNEpisode236 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Facebook suspends tens of thousands of apps from hundreds of developers, a Privilege Escalation flaw found in Forcepoint VPN Client for Windows, WannaCry and why it never went away, 0patch promises support for Windows 7 beyond January 2020, and how the FBI arrests more than 200 hackers in different countries! In the expert commentary, we welcome Grant Sewell, Director of IT Security at Safelite Autoglass, to talk about Risk-based security and identity controls, and the Use of Preempt Security's Platform! To learn more about Preempt, visit: https://securityweekly.com/preempt Full Show Notes: https://wiki.securityweekly.com/HNNEpisode235 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, experts disclosed passcode bypass bug in iOS 13 a week before release, drone attacks hit two Saudi Arabia Aramco oil plants, Google fixes 2FA flaw in built-in security key, LastPass fixes bug that leaks credentials, AMD Radeon Driver flaw lead to VM escape, and how the Air Force will let hackers try to hijack an orbiting satellite! In the expert commentary, we welcome George Avetisov, CEO and Co-Founder at HYPR Corp., to talk about True Passwordless Security! To learn more about Hypr, visit: https://securityweekly.com/hypr Full Show Notes: https://wiki.securityweekly.com/HNNEpisode234 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, 60,000 GPS trackers for people and pets are using the same password, YouTube fined $170m for covertly tracking kids online, a free working exploit for BlueKeep, WordPress 5.2.3 fixes new clutch of security vulnerabilities, critical Exim flaw opens millions of servers to Takeover, cyberattack Disrupted Firewalls at U.S. Power Utility, a Million-plus IoT Radios Open to Hijack via Telnet Backdoor, Vulnerabilities in D-Link, Comba Routers Can Leak Credentials, and vulnerabilities exposed 2 million Verizon customer contracts. In the expert commentary, Matt Alderman talks about the slew of ransomware attacks, and pay-offs, targeted at cities and municipalities earlier this year, is the tide starting to turn? Full Show Notes: https://wiki.securityweekly.com/HNNEpisode233 Visit http://hacknaked.tv to get all the latest episodes!

This week, hackers indiscriminately infected iPhones for two years, Google throws bug bounty bucks at mega-popular third-party apps, how Jack Dorsey's Twitter account got hacked, and how attackers are exploiting vulnerable WordPress plugins to backdoor sites! In the Expert Commentary, Larry Alston of Tufin joins us to discuss Developing and Enforcing Security Policies in the Cloud! To learn more about Tufin, visit: https://securityweekly.com/tufin Full Show Notes: https://wiki.securityweekly.com/HNNEpisode232 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, a hacker finds Instagram Account Takeover Flaw worth $10,000, a U.S. Judge orders Capital One hacker Paige Thompson to remain in prison, a vast majority of newly registered domains are malicious, and why half of all Social Media logins are fraud! In the expert commentary, Jason Wood joins us to discuss Building Your First Incident Response Policy: A Practical Guide for Beginners! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode231 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, 61 impacted versions of Apache Struts let off security advisories, a hacker publicly releases Jailbreak for iOS version 12.4, Chrome users ignoring warnings to change breached passwords, an unpatchable security flaw found in popular SoC boards, and a reward up to $30,000 for find vulns in Microsoft Edge dev and beta channels! In the expert commentary, we welcome Jason Wood, to discuss Ransomware and City Governments! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode230 Roman Sannikov, Recorded Future - https://www.youtube.com/watch?v=0kCZIX6a-6o Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, a rare steganography hack can compromise fully patched websites, the Louisiana governor declares state of emergency after a local ransomware outbreak, Google found a way to remotely attack Apple iOS devices by sending a boobytrapped iMessage, and 100 million users data stolen in the Capital One breach! In the expert commentary, we welcome Jason Wood, to discuss how the U.S. issues a hacking security alert for small planes! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode229 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, a bug in NVIDIAs Tegra Chipset opens doors to Malicious Code Execution, hackers publish a list of phished Discord creds, Equifax to pay up to $700 Million in 2017 data breach settlement, several vulnerabilities found in Comodo Antivirus, and VLC player has a critical RCE flaw with no patch available! In the expert commentary, we welcome Jason Wood, to discuss why Corporate Mobile Security just isn't cutting it! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode228 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, the Zoom RCE flaw is affecting RingCentral and Zhumu, a researcher releases PoC code for critical Atlassian Crowd RCE flaw, thousands of legacy Lenovo storage devices exposed millions of files, unusual Linux ransomware targets NAS servers, and how hacked hair straighteners can threaten your home! In the expert commentary, we welcome our CEO Matt Alderman, to discuss Facebook's $5 Billion dollar FTC fine! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode227 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, US Cyber Command warns of Iran-linked hackers exploiting Outlook, New "WannaHydra" malware a triple threat to Android, British Airways slapped with record $230M fine, Apple Patches iMessage Bug That Bricks iPhones with Out-of-Date Software, and more! Jason Wood joins us for expert commentary on Firms That Promised High-Tech Ransomware Solutions Almost Always Just Pay the Hackers! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode226 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, A Crypto Flaw in Yubico Security Keys, Facebook's Lawyers say You Have No Right to Privacy, Two Cloud Services, PCM and Attunity, Have Breaches, and Two Florida Cities Pay Over $1M in Ransomware Attacks in Less Than a Week! Jason Wood joins us for expert commentary on Trump Officials Weighing a Crackdown on End-to-End Encryption! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode225 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, cryptomining malware that launches Linux VMs on Windows and macOS, Oracle patches another actively-exploded WebLogic 0-day, LokiBot and NanoCore malware distributed in ISO image files, and an anonymous hacker that was exposed after dropping a USB drive while throwing a Molotov cocktail! In the expert commentary, we welcome Tyler Hudak, Practice Lead of Incident Response to talk about TrickBot malware! Learn more about TrustedSec, visit: https://securityweekly.com/trustedsec Full Show Notes: https://wiki.securityweekly.com/HNNEpisode224 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, prevent the impact of a Linux worm, Yubico recalls FIPS Yubikey tokens after flaw discovered, how fraudulent domains hide in plain site, Samsung reminds rabble to scan smart TV's for viruses and makes them forget, and the scraping of millions of Venmo transactions in a privacy warning to consumers! In the expert commentary, we welcome Sagi Bar-Zva, Strategic Pre-Sales Manager from Tufin to talk about Using Automation to Improve Your Overall Security Posture! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode223 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, a botnet that's targeting 1.5 million RDP servers worldwide, VLC Player gets patched for two highly severe bugs, thousands of images stolen from US border hack, Troy Hunt looks to sell I Been Pwnd, and a near-ubiquitous critical Microsoft RCE bugs affect all versions of Windows! In the expert commentary, we welcome back Jason Wood from Paladin Security to talk about how the Evolution of Extortion Emails continues! All that and more, on this episode of Hack Naked News! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode222 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, SUPRA Smart TV flaw lets attackers hijack screens with no video, 20,000 Linksys routers leak historic record of every device ever connected, a new attack creates ghost taps on Android smartphones, and an Australian teenager that hacked into Apple twice to get a job! In the expert commentary, we welcome Winn Schwartau from the Security Awareness Company to talk about Ethical Bias in Artificial Intelligence-Based Security Systems! To learn more about SAC, visit: https://securityweekly.com/sac Full Show Notes: https://wiki.securityweekly.com/HNNEpisode221 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Microsoft brings hardware-based isolation to Chrome & Firefox, the U.S. border's license plate scanning technology hacked, crooks leverage WordPress and Joomla sites for malicious redirects, the Chinese military wants to replace Windows OS in fear of U.S. hacking, and how Google-protected mobile browsers were open to phishing for over a year! In the expert commentary, we welcome back Jason Wood from Paladin Security to talk about how almost one million are still vulnerable to the BlueKeep Vulnerability! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode220 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Unistellar attackers wiped over 12,000 MongoDB databases, a Slack bug that allows remote file hijacking, Baltimore ransomware nightmare could last weeks more, over 25,000 smart Linksys routers are leaking sensitive data, and Huawei's microchip vulnerability explained! In the expert commentary, we welcome Charles Thompson, Senior Director of Product Management at VIAVI to talk about Security Forensics! To learn more about VIAVI Solutions, visit: https://securityweekly.com/viavi Full Show Notes: https://wiki.securityweekly.com/HNNEpisode219 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, hacking the unhackable eyeDisk USB stick, how to brick all Samsung mobile phones, how Twitter shared user location data through advertising, a 0-Day flaw used to install spyware on phones, and a Linux kernel flaw allows remote code execution! In the expert commentary, we welcome Marcin Szary, CTO at Secfense, to talk about Web Authentication! To learn more about Secfense, visit: https://securityweekly.com/secfense Full Show Notes: https://wiki.securityweekly.com/HNNEpisode218 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, software flaw exposed most dell computers to remote hacking, Israel neutralizes cyber attack by blowing up a building with hackers, an expert that found hundreds of vulnerable Jenkins plugins, a bug in Mirai code allows crashing C2 servers, and how researchers discovered a highly stealthy Microsoft Exchange Backdoor! In the expert commentary, the return of Jason Wood from Paladin Security, joins us to talk about how Japan is developing a computer virus to fight cyber attacks! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode217 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, how a politicians' kids accessed his laptop through facial recognition, critical flaws in WordPress and Qualcomm chips, how 2 million IoT security cameras and baby monitors are vulnerable to takeover, and how a new Emotet variant uses connected devices as proxy C2 servers! In the expert commentary, the return of Jason Wood from Paladin Security, joins us to talk about how Microsoft is telling IT admins to nix 'obsolete' password reset practices! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode216 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, a weather channel that was knocked off air by a malicious attack, how bad bots make up 20 percent of web traffic, ransomware ravages municipalities nationwide, a flaw in Shopify API exposed revenue and traffic data of thousands of stores, and how attackers are weaponizing more vulnerabilities than ever before! In the expert commentary, we welcome Itai Tevet, CEO of Intezer, to talk about Linus threats, recent Mirai variants, and general code reuse in the cyber space! To learn more about Intezer, visit: https://securityweekly.com/intezer Full Show Notes: https://wiki.securityweekly.com/HNNEpisode215 Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, the Apache Tomcat Patches Important Remote Code Execution Flaw, New variants of Mirai botnet detected, targeting more IoT devices, Hackers used credentials of a Microsoft Support worker to access users' webmail, TicTocTrack Smartwatch Flaws Can Be Abused to Track Kids, Ecuador suffered 40 Million Cyber attacks after the Julian Assange arrest, Security weakness in popular VPN clients, and Open Source Tool From FireEye Automates Analysis of Flash Files! In the expert commentary, Jason Wood talks about The Impact of Cyber Warfare! All that and more, on this episode of Hack Naked News! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode214

In-Depth Analysis of JS Sniffers Uncovers New Families of Credit Card-Skimming Code, Nvidia Fixes 8 High-Severity Flaws Allowing DoS, Code Execution, Computer virus alters cancer scan images, A Serious Apache server bug gives root to baddies in shared host environments, Cybercrime Groups Are Still Rampant on Facebook, 90% of OT organizations are cyberattack victims, Tenable Discloses Verizon Fios Router Vulnerabilities, and Samsung Galaxy S10 Fingerprint Sensor Duped With 3D Print! Neil Butchart the SVP at Ekran, comes on the show to talk about "Is the industry broken?" To learn more about Ekran, visit: https://securityweekly.com/ekran Full Show Notes: https://wiki.securityweekly.com/HNNEpisode213

This week, Asus pushes patch after hackers used updates to send malware, Microsoft announces Windows Defender ATP Antivirus for Mac, researchers find 36 new security flaws in LTE protocol, new settings let hackers easily pentest Facebook and Instagram Mobile Apps, and how researchers can get a free Tesla for spotting infotainment system bug! Sven Morgenroth from Netsparker joins us for expert commentary to discuss how Facebook stored hundreds of Millions of user passwords in plain text! To learn more about Netsparker, visit: https://securityweekly.com/netsparker Full Show Notes: https://wiki.securityweekly.com/HNNEpisode212 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Zero-Days in Counter Strike client could be used to build a major botnet, huge aluminum plants hit by 'severe' ransomware attack, Myspace loses 50 million songs in server migration, wifi signals can reveal your password, and PuTTY in your hands: an SSH client gets patched after RSA key exchange memory vulnerability was spotted! Ralf Hund from VMRay joins us for expert commentary to discuss the Evolution of GandCrab! To learn more about VMRay, visit: https://securityweekly.com/vmray Full Show Notes: https://wiki.securityweekly.com/HNNEpisode211 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, a Severe RCE vulnerability affected popular StackStorm Automation software, Crowdfense is willing to pay $3 Million for iOS and Android Zero-Days, Equifax neglected cyber security prior to breach, Google launches new Cloud Security services, and an unprotected MongoDB instance exposes 800 million emails! Jason Wood from Paladin Security joins us for expert commentary on how a researcher claims an Iranian APT is behind a 6TB Data Heist at Citrix! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode210 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, millions of utility customers passwords stored in plain text, Google ditches passwords in latest android devices, online validation services vulnerable to digital signature spoofing attacks, flaws in 4G and 5G allow snooping on calls, and TurboTax hit with credential stuffing attack and tax returns were compromised! Nicholas Sciberras from Acunetix joins us for expert commentary on how hackers created social media work after a bug report was ignored! To GET A FREE 14-DAY TRIAL of Acunetix, visit: https://securityweekly.com/acunetix Full Show Notes: https://wiki.securityweekly.com/HNNEpisode209 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Google paid out $3.4 million for vulnerabilities reported in 2018, hackers target WordPress sites via WP cost estimation plugin, Facebook paid $25,000 for CSRF exploit that leads to Account Takeover, and PoC Exploit Code for recent container escape flaw in runc published online! Jason Wood from Paladin Security joins us for expert commentary on Apple being sued over their two factor authentication! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode208 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, your Lenovo X is watching you & sharing information, a client-side DNS attack emerges from academic research, a macOS vulnerability leaks safari data, hackers hit VFEmail & wipe US servers and backups, and a check-in system flaw puts major airlines at risk! Jason Wood from Paladin Security joins us for expert commentary on how fraudsters are scamming teenage 'money mules' on Instagram and Snapchat! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode207 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, roughly 500,000 Ubiquiti devices may be affected by a flaw already exploited in the wild, Outlaw Shellbot infects Linux servers to mine for Monero, Apple's Siri shortcuts feature vulnerable to abuse, Google's new Chrome extension warns you about stolen passwords, and Google patches critical .png image bug! David Pearson from Awake Security joins us for expert commentary on recent news around Japan performing an IoT pentest on their public IPs! To learn more about Awake Security, visit: https://securityweekly.com/awake Full Show Notes: https://wiki.securityweekly.com/HNNEpisode206 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, a tool that finds vulnerable robots on the Internet, a new exploit that threatens over 9,000 Cisco routers, apple turns of group FaceTime after an eavesdropping bug, wordpress sites under attack via Zero-Day in abandoned plugin, and OpenBMC caught with 'pantsdown' over a new security flaw! Jason Wood from Paladin Security joins us for expert commentary on Abusing Exchange: One API call away from Domain Admin! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode205 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, a flaw in MySQL could allow rogue servers to steal files, a state agency exposes 3TB of data including FBI info, how cybercriminals clean their dirty money, a critical RCE flaw in Linux APT allows remote attackers to hack systems, and how to protect against a new breed of cyber attack! Jason Wood from Paladin Security joins us for expert commentary on how attackers used a LinkedIn job ad and Skype call to breach a bank's defense! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode204 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, US Government shutdown leaves dozens of .gov sites vulnerable, Firefox 69 to disable Adobe Flash, an unpatched vCard flaw could leave your PCs open to attackers, Tesla's contest Pwn2Own could win you a Model 3, and how building site cranes are easier to hack than garage door openers! Jason Wood from Paladin Security joins us for expert commentary on how the Boston Hospital Attacker was sentenced to 10 years in prison, and more on this episode of Hack Naked News! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode203 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly