Security Weekly News (Video)

Welcome to the Security Weekly News Wrap up for the Week of 19 - January - 2020. Bezos got hacked? Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SWNEpisode6

This week, Clearview app lets strangers find your information through Facial Recognition, Travelex begins reboot as VPN bug persists, ADP users hit by Phishing Scam, Exposed Telnet ports lead to over 500,000 IoT devices credentials stolen, and over 1000 local governments reported they were hit by ransomware in 2019! In the Expert Commentary, we welcome Jason Wood of Paladin Security, to talk about how the FBI is to inform election officials about hacking attempts! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SWNEpisode5

Highlights from the Security Weekly shows this week, including dealing with personalities and compliance, Windows 10 exploits, alert fatigue in your SoC, security for startups, Windows 10 exploits, Tik Tok backdoors, lottery hacke, 5G (in)security and more! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SWNEpisode4

This week on Security Weekly News, Dr. Doug White covers the following stories: Tesla Goes Pwn2Own Again This Year, GRU "hacks" a Ukranian Gas Company at the Heart of Scandals in DC, Is Iran Shutting Down Social Media to Prevent Protests?, The US Government Issues Phones to the Poor Which Contain Chinese Malware. Oh, and the phones were Chinese too, Cloudflare Expands Into VPN and Firewalling, Microsoft has Officially Ended Support for Win 7 and Server 2008, A Nasty Bug in Firefox, Citrix Exploits are Being Well... Exploited, Can We Just Go Ahead and Read the Patterns in Encryption?, Cisco Data Center Vulnerabilities, More Lawsuits in Georgia, The Return of Emotet, Never Give the Victim a Break if You Want Them to Pay, and Is the US Better Than Anyone in the World at Cyber? In the expert commentary segment, Jason Wood covers the State of 5G Security. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SWNEpisode3

Welcome to the first-ever Security Weekly News Wrap up for the week of January 5th, 2020. We have a massive amount of content here on Security Weekly every week and I am going to try and sum it all up for you so you can just hit the high points for the week. So, stick around, and we'll cover all the shows and all the top stories of the week. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SWNEpisode2

Happy New Year and welcome to the first episode ever of Security Weekly News. It's another year of malware, exploits, and fun here on the Security Weekly Network. Ransomware, TikTok, World War III, & in the Expert Commentary, we welcome Jason Wood of Paladin Security, to talk about Iranian Cyber Threats: Practical Advice for Security Professionals! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SWNEpisode1

This week, Montana TV stations hit by cyber attack, Ransomware crisis in US schools, a deep dive into Phobos Ransomware, Cybersecurity salary survey reveals variance across industries and geolocations in 2020, and Ring smart camera claims they were not hacked!! In the expert commentary, we welcome Paul Asadoorian, CTO and Founder of Security Weekly, to discuss why you should be careful who you do business with! Visit http://hacknaked.tv to get all the latest episodes! Show Notes: https://wiki.securityweekly.com/HNNEpisode246

This week, How Panasonic is using internet honeypots to improve IoT device security, A new Windows 10 ransomware threat?, 'Hackable' karaoke and walkie talkie toys found by Which?, Linux Bug Opens Most VPNs to Hijacking, New Office 365 Feature Provides Detailed Information on Email Attack Campaigns, and Google Confirms Critical Android 8, 9 And 10 Permanent Denial Of Service Threat! In the expert commentary, we welcome Tyler Robinson, Managing Director of Network Operations at Nisos, Inc, to discuss Sophos Uncovering New Version of Snatch Ransomware! Visit http://hacknaked.tv to get all the latest episodes! Show Notes: https://wiki.securityweekly.com/HNNEpisode245

This week, Microsoft OAuth Flaw Opens Azure Accounts to Takeover, Vulnerabilities Disclosed in Kaspersky, Trend Micro Products, Critical Code Execution Vulnerability Found in GoAhead Web Server, and StrandHogg Vulnerability Allows Malware to Pose as Legitimate Android Apps! In the expert commentary, we welcome back Adam Gordon from ITPro.TV, to discuss DevSecOps and the Culture Clash in Organizations! All that and more, on this episode of Hack Naked News! To learn more about ITPro.TV, visit: https://securityweekly.com/itpro Visit http://hacknaked.tv to get all the latest episodes! Show Notes: https://wiki.securityweekly.com/HNNEpisode244

This week, PoC exploit code for Apache Solr RCE flaw is available online, Some Fortinet products used hardcoded keys and weak encryption for communications, Critical Flaws in VNC Threaten Industrial Environments, Twitter allows users to use 2FA without a phone number, and Smash-and-grab car thieves use Bluetooth to target cars containing tech gadgets! In the expert commentary, we welcome back Jason Wood from Paladin Security, to discuss an Iranian hacking crew that is targeting industrial control systems! Visit http://hacknaked.tv to get all the latest episodes! Show Notes: https://wiki.securityweekly.com/HNNEpisode243

This week, Vulnerabilities in Android Camera Apps Exposed Millions of Users to Spying, what to do if surveillance has you worried, GitHub launches Security Lab to boost open source security, Disney+ Credentials Land in Dark Web Hours After Service Launch, and 146 security flaws uncovered in pre-installed Android apps! In the expert commentary, we welcome Bob Erdman, Sr. Manager of Product Management at Core Security, a HelpSystems Company, to talk about Effective Phishing Campaigns! Visit http://hacknaked.tv to get all the latest episodes! Show Notes: https://wiki.securityweekly.com/HNNEpisode242

This week, BlueKeep freakout had little impact on patching, Experts warn of spike in TCP DDoS reflection attacks targeting Amazon and others, Nvidia patches graphics products and GeForce Experience update tool, hackers breach ZoneAlarm's forum site, and how Apple is to fix Siri bug that exposed parts of encrypted emails! In the expert commentary, we welcome Dan DeCloss, Founder and CEO of PlexTrac, to talk about the latest breaches and the importance of pentesting! Visit http://hacknaked.tv to get all the latest episodes! Show Notes: https://wiki.securityweekly.com/HNNEpisode241

This week, aggressive IoT malware that's forcing Wi-Fi routers to join its botnet army, Google discloses Chrome Zero-Day exploited in the wild on Halloween, the first Bluekeep exploit found in the wild, and oC Exploits Published for Unpatched RCE Bugs in rConfig! In the expert commentary, we welcome Sean O'Brien, Founder and CEO of PrivacySafe, to talk about Siri, Alexa, and Google Assistant hacked via Laser Beam! To learn more about PrivacySafe, visit: https://securityweekly.com/privacysafe Visit http://hacknaked.tv to get all the latest episodes! Show Notes: https://wiki.securityweekly.com/HNNEpisode240

In the news, Adobe database exposes 7.5 million Creative Cloud users, HP team fixes nasty site-owning remote execution bug, Fancy Bear continues to target sporting and anti-doping organizations, and much more! Visit http://hacknaked.tv to get all the latest episodes! Show Notes: https://wiki.securityweekly.com/HNNEpisode239

Samsung Blames Galaxy S10, Note 10 Fingerprint Unlock Bug on Covers, Four-Year-Old Critical Linux Wi-Fi Bug Allows System Compromise, Popular VPN service NordVPN confirms data center breach, Researchers Turn Alexa and Google Home Into Credential Thieves, Microsoft Aims to Block Firmware Attacks with New Secured-Core PCs , US nuclear weapons command finally ditches 8-inch floppies, and much more! Jason Wood gives expert commentary on The Evolution False Flag Operations. Visit http://hacknaked.tv to get all the latest episodes! Show Notes: https://wiki.securityweekly.com/HNNEpisode238

This week, Signal rushes to patch serious eavesdropping vulnerability, Wi-Fi signal let researchers ID people through walls from their gait, the FBI warns about attacks that bypass MFA, Vulnerable Twitter API leaves tens of thousands of iOS apps open to attacks, and D-Link home routers open to remote takeover will remain unpatched! In the expert commentary, we welcome Justin Elze from TrustedSec, to talk about Red Teaming and Adversary Emulation! To learn more about TrustedSec, visit: https://securityweekly.com/trustedsec Visit http://hacknaked.tv to get all the latest episodes! Show Notes: https://wiki.securityweekly.com/HNNEpisode237

This week, 335 Million Malicious apps were installed on Google Play in September, a new bug found in NSAs Ghidra tool, a Medical Practice closed permanently after a Ransomware attack, researchers find a new hack to read content of password protected PDF files, and a billboard in Michigan was hacked to play Porn for drivers along I-75! In the expert commentary, we welcome Sean O'Brien, Founder and CEO of PrivacySafe, to talk about PrivacySafe - The Anti Cloud Appliance! To learn more about PrivacySafe, visit: https://securityweekly.com/privacysafe Visit http://hacknaked.tv to get all the latest episodes! Show Notes: https://wiki.securityweekly.com/HNNEpisode236

This week, Facebook suspends tens of thousands of apps from hundreds of developers, a Privilege Escalation flaw found in Forcepoint VPN Client for Windows, WannaCry and why it never went away, 0patch Promises Support for Windows 7 Beyond January 2020, and how the FBI arrests more than 200 hackers in different countries! In the expert commentary, we welcome Grant Sewell, Director of IT Security at Safelite Autoglass, to talk about Risk-based security and identity controls, and the Use of Preempt Security's Platform! To learn more about Preempt, visit: https://securityweekly.com/preempt Full Show Notes: https://wiki.securityweekly.com/HNNEpisode235 Visit http://hacknaked.tv to get all the latest episodes!

This week, experts disclosed passcode bypass bug in iOS 13 a week before release, drone attacks hit two Saudi Arabia Aramco oil plants, Google fixes 2FA flaw in built-in security key, LastPass fixes bug that leaks credentials, AMD Radeon Driver flaw leads to VM escape, and how the Air Force will let hackers try to hijack an orbiting satellite! In the expert commentary, we welcome George Avetisov, CEO and Co-Founder at HYPR Corp., to talk about True Passwordless Security! To learn more about Hypr, visit: https://securityweekly.com/hypr Full Show Notes: https://wiki.securityweekly.com/HNNEpisode234 Visit http://hacknaked.tv to get all the latest episodes!

This week, 60,000 GPS trackers for people and pets are using the same password, YouTube fined $170m for covertly tracking kids online, a free working exploit for BlueKeep, WordPress 5.2.3 fixes new clutch of security vulnerabilities, critical Exim flaw opens millions of servers to Takeover, cyberattack Disrupted Firewalls at U.S. Power Utility, a Million-plus IoT Radios Open to Hijack via Telnet Backdoor, Vulnerabilities in D-Link, Comba Routers Can Leak Credentials, and vulnerabilities exposed 2 million Verizon customer contracts. In the expert commentary, Matt Alderman talks about the slew of ransomware attacks, and pay-offs, targeted at cities and municipalities earlier this year, is the tide starting to turn? Full Show Notes: https://wiki.securityweekly.com/HNNEpisode233 Visit http://hacknaked.tv to get all the latest episodes!

Armed with iOS 0days, hackers indiscriminately infected iPhones for two years, Google throws bug bounty bucks at mega-popular third-party apps, How MuleSoft patched a critical security flaw and avoided a disaster, Jack Dorsey's Twitter account got hacked, Attackers are exploiting vulnerable WP plugins to backdoor sites, and much more! We then talk with Larry Alston, who is the GM of Cloud at Tufin. He will be talking about developing and enforcing security policies in the cloud. To learn more about Tufin, visit: https://securityweekly.com/tufin Full Show Notes: https://wiki.securityweekly.com/HNNEpisode232 Visit http://hacknaked.tv to get all the latest episodes!

This week, a Hacker Finds Instagram Account Takeover Flaw Worth $10,000, a U.S. Judge orders Capital One hacker Paige Thompson to remain in prison, a Vast majority of newly registered domains are malicious, and why half of all social media logins are fraud! In the expert commentary, Jason Wood joins us to discuss Building Your First Incident Response Policy: A Practical Guide for Beginners! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode231 Visit http://hacknaked.tv to get all the latest episodes!

This week, 61 impacted versions of Apache Struts let off security advisories, a hacker publicly releases Jailbreak for iOS version 12.4, Chrome users ignoring warnings to change breached passwords, an unpatchable security flaw found in popular SoC boards, and a reward up to $30,000 for find vulns in Microsoft Edge dev and beta channels! In the expert commentary, we welcome Jason Wood, to discuss Ransomware and City Governments! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode230 Roman Sannikov, Recorded Future - https://www.youtube.com/watch?v=0kCZIX6a-6o Visit http://hacknaked.tv to get all the latest episodes!

This week, a rare steganography hack can compromise fully patched websites, the Louisiana governor declares state of emergency after a local ransomware outbreak, Apples shock Siri surveillance demands a swift response, Google found a way to remotely attack Apple iOS devices by sending a boobytrapped iMessage, and 100 million users data stolen in the Capital One breach! In the expert commentary, we welcome Jason Wood, to discuss how the US issues a hacking security alert for small planes! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode229 Visit http://hacknaked.tv to get all the latest episodes!

This week, a bug in NVIDIAs Tegra Chipset opens doors to Malicious Code Execution, hackers publish a list of phished Discord creds, Equifax to pay up to $700 Million in 2017 data breach settlement, several vulnerabilities found in Comodo Antivirus, and VLC player has a critical RCE flaw with no patch available! In the expert commentary, we welcome Jason Wood, to discuss why Corporate Mobile Security just isn't cutting it! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode228 Visit http://hacknaked.tv to get all the latest episodes!

Zoom RCE flaw affecting RingCentral and Zhumu, a researcher releases PoC code for critical Atlassian Crowd RCE flaw, thousands of legacy Lenovo storage devices exposed millions of files, unusual Linux ransomware targets NAS servers, and how hacked hair straighteners can threaten your home! In the expert commentary, we welcome our CEO Matt Alderman, to discuss Facebook's $5 Billion dollar FTC fine! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode227 Visit http://hacknaked.tv to get all the latest episodes!

This week, US Cyber Command warns of Iran-linked hackers exploiting Outlook, New "WannaHydra" malware a triple threat to Android, British Airways slapped with record $230M fine, Apple Patches iMessage Bug That Bricks iPhones with Out-of-Date Software. Jason Wood joins us for expert commentary on Firms That Promised High-Tech Ransomware Solutions Almost Always Just Pay the Hackers! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode226 Visit http://hacknaked.tv to get all the latest episodes!

This week, A Crypto Flaw in Yubico Security Keys, Facebook's Lawyers say You Have No Right to Privacy, Two Cloud Services, PCM and Attunity, Have Breaches, and Two Florida Cities Pay Over $1M in Ransomware Attacks in Less Than a Week! Jason Wood joins us for expert commentary on Trump Officials Weighing a Crackdown on End-to-End Encryption! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode225 Visit http://hacknaked.tv to get all the latest episodes!

This week, cryptomining malware that launches Linux VMs on Windows and macOS, Oracle patches another actively-exploded WebLogic 0-day, LokiBot and NanoCore malware distributed in ISO image files, and an anonymous hacker that was exposed after dropping a USB drive while throwing a Molotov cocktail! In the expert commentary, we welcome Tyler Hudak, Practice Lead of Incident Response to talk about TrickBot! Learn more about TrustedSec, visit: https://securityweekly.com/trustedsec Full Show Notes: https://wiki.securityweekly.com/HNNEpisode224 Visit http://hacknaked.tv to get all the latest episodes!

This week, prevent the impact of a Linux worm, Yubico recalls FIPS Yubikey tokens after flaw discovered, how fraudulent domains hide in plain site, Samsung reminds rabble to scan smart TV's for viruses and makes them forget, and the scraping of millions of Venmo transactions in a privacy warning to consumers! In the expert commentary, we welcome Sagi Bar-Zvi, Strategic pre-Sales Manager from Tufin to talk about Using Automation to Improve Your Overall Security Posture! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode223 Visit http://hacknaked.tv to get all the latest episodes!

This week, a botnet that's targeting 1.5 million RDP servers worldwide, VLC Player gets patched for two highly severe bugs, thousands of images stolen from US border hack, Troy Hunt looks to sell I Been Pwnd, and a near-ubiquitous critical Microsoft RCE bugs affect all versions of Windows! In the expert commentary, we welcome back Jason Wood from Paladin Security to talk about how the Evolution of Extortion Emails continues! All that and more, on this episode of Hack Naked News! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode222 Visit http://hacknaked.tv to get all the latest episodes!

This week, SUPRA Smart TV flaw lets attackers hijack screens with no video, 20,000 Linksys routers leak historic record of every device ever connected, a new attack creates ghost taps on Android smartphones, and an Australian teenager that hacked into Apple twice to get a job! In the expert commentary, we welcome Winn Schwartau from the Security Awareness Company to talk about Ethical Bias in Artificial Intelligence-Based Security Systems! All that and more, on this episode of Hack Naked News! To learn more about SAC, visit: https://securityweekly.com/sac Full Show Notes: https://wiki.securityweekly.com/HNNEpisode221 Visit http://hacknaked.tv to get all the latest episodes!

This week, Microsoft brings hardware-based isolation to Chrome & Firefox, the US border's license plate scanning technology hacked, Crooks leverage WordPress and Joomla sites for malicious redirects, the Chinese military wants to replace Windows OS in fear of US hacking, and how Google-protected mobile browsers were open to phishing for over a year! In the expert commentary, we welcome back Jason Wood from Paladin Security to talk about how almost 1 million are still vulnerable to the BlueKeep Vulnerability! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode220 Visit http://hacknaked.tv to get all the latest episodes!

This week, Unistellar attackers wiped over 12,000 MongoDB databases, a Slack bug that allows remote file hijacking, Baltimore ransomware nightmare could last weeks more, over 25,000 smart Linksys routers are leaking sensitive data, and Huawei's microchip vulnerability explained! In the expert commentary, we welcome Charles Thompson, Senior Director of Product Management at VIAVI to talk about Security Forensics! To learn more about VIAVI Solutions, visit: https://securityweekly.com/viavi Full Show Notes: https://wiki.securityweekly.com/HNNEpisode219 Visit http://hacknaked.tv to get all the latest episodes!

This week, hacking the unhackable eyeDisk USB stick, how to brick all Samsung mobile phones, how Twitter shared user location data through advertising, a 0-Day flaw used to install spyware on phones, and a Linux kernel flaw allows remote code execution! In the expert commentary, we welcome Marcin Szary, CTO at Secfense, to talk about Web Authentication! To learn more about Secfense, visit: https://securityweekly.com/secfense Full Show Notes: https://wiki.securityweekly.com/HNNEpisode218 Visit http://hacknaked.tv to get all the latest episodes!

This week, software flaw exposed most dell computers to remote hacking, Israel neutralizes cyber attack by blowing up a building with hackers, an expert that found hundreds of vulnerable Jenkins plugins, a bug in Mirai code allows crashing C2 servers, and how researchers discovered a highly stealthy Microsoft Exchange Backdoor! In the expert commentary, the return of Jason Wood from Paladin Security, joins us to talk about how Japan is developing a computer virus to fight cyber attacks! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode217 Visit http://hacknaked.tv to get all the latest episodes!

This week, how a politicians' kids accessed his laptop through facial recognition, critical flaws in WordPress and Qualcomm chips, how 2 million IoT security cameras and baby monitors are vulnerable to takeover, and how a new Emotet variant uses connected devices as proxy C2 servers! In the expert commentary, the return of Jason Wood from Paladin Security, joins us to talk about how Microsoft is telling IT admins to nix 'obsolete' password reset practices! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode216 Visit http://hacknaked.tv to get all the latest episodes!

This week, a weather channel that was knocked off air by a malicious attack, how bad bots make up 20 percent of web traffic, ransomware ravages municipalities nationwide, a flaw in Shopify API exposed revenue and traffic data of thousands of stores, and how attackers are weaponizing more vulnerabilities than ever before! In the expert commentary, we welcome Itai Tevet, CEO of Intezer, to talk about Linux threats, recent Mirai variants, and general code reuse in the cyber space! To learn more about Intezer, visit: https://securityweekly.com/intezer Full Show Notes: https://wiki.securityweekly.com/HNNEpisode215 Visit http://hacknaked.tv to get all the latest episodes!

This week, the Apache Tomcat Patches Important Remote Code Execution Flaw, New variants of Mirai botnet detected, targeting more IoT devices, Hackers used credentials of a Microsoft Support worker to access users' webmail, TicTocTrack Smartwatch Flaws Can Be Abused to Track Kids, Ecuador suffered 40 Million Cyber attacks after the Julian Assange arrest, Security weakness in popular VPN clients, and Open Source Tool From FireEye Automates Analysis of Flash Files! In the expert commentary, Jason Wood talks about The Impact of Cyber Warfare! All that and more, on this episode of Hack Naked News! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode214

In-Depth Analysis of JS Sniffers Uncovers New Families of Credit Card-Skimming Code, Nvidia Fixes 8 High-Severity Flaws Allowing DoS, Code Execution, Computer virus alters cancer scan images, A Serious Apache server bug gives root to baddies in shared host environments, Cybercrime Groups Are Still Rampant on Facebook, 90% of OT organizations are cyberattack victims, Tenable Discloses Verizon Fios Router Vulnerabilities, and Samsung Galaxy S10 Fingerprint Sensor Duped With 3D Print! Neil Butchart the SVP at Ekran, comes on the show to talk about "Is the industry broken?" Full Show Notes: https://wiki.securityweekly.com/HNNEpisode213 Visit http://hacknaked.tv to get all the latest episodes!

Asus pushes patch after hackers used updates to send malware, Microsoft Announces Windows Defender ATP Antivirus for Mac, Researchers find 36 new security flaws in LTE protocol, New Settings Let Hackers Easily Pentest Facebook and Instagram Mobile Apps, and how Researchers can get a free Tesla for spotting infotainment system bug! Sven Morgenroth from Netsparker joins us for expert commentary to discuss how Facebook stored hundreds of Millions of user passwords in plain text! To learn more about Netsparker, visit: https://securityweekly.com/netsparker Full Show Notes: https://wiki.securityweekly.com/HNNEpisode212 Visit http://hacknaked.tv to get all the latest episodes!

Zero-Days in Counter Strike client could be used to build a major botnet, huge aluminum plants hit by 'severe' ransomware attack, Myspace loses 50 million songs in server migration, wifi signals can reveal your password, and PuTTY in your hands: an SSH client gets patched after RSA key exchange memory vulnerability was spotted! Ralf Hund from VMRay joins us for expert commentary to discuss the Evolution of GandCrab! To learn more about VMRay, visit: https://securityweekly.com/vmray Full Show Notes: https://wiki.securityweekly.com/HNNEpisode211

Severe RCE vulnerability affected popular StackStorm Automation software, Crowdfense is willing to pay $3 Million for iOS and Android Zero-Days, Equifax neglected cyber security prior to breach, Google launches new Cloud Security services, and an unprotected MongoDB instance exposes 800 million emails! Jason Wood from Paladin Security joins us for expert commentary on how a researcher claims an Iranian APT is behind a 6TB Data Heist at Citrix! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode210 Visit http://hacknaked.tv to get all the latest episodes!

Google ditches passwords in latest Android devices, ICANN calls for wholesale DNSSEC deployment, Flaws in 4G and 5G allow snooping on calls, pinpointing device location, TurboTax Hit with credential stuffing attack, and much more! To GET A FREE 14-DAY TRIAL of Acunetix, visit: https://securityweekly.com/acunetix Full Show Notes: https://wiki.securityweekly.com/HNNEpisode209 Visit http://hacknaked.tv to get all the latest episodes!

This week, Google Paid Out $3.4 Million for Vulnerabilities Reported in 2018, Hackers Target WordPress Sites via WP Cost Estimation Plugin, Facebook paid $25,000 for CSRF exploit that leads to Account Takeover, and PoC Exploit Code for Recent Container Escape Flaw in runc Published Online! Jason Wood from Paladin Security joins us for expert commentary on ...! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode208 Visit http://hacknaked.tv to get all the latest episodes!

This week, your Lenovo X is watching you & sharing information, a client-side DNS attack emerges from academic research, a macOS vulnerability leaks safari data, hackers hit VFEmail & wipe US servers and backups, and a check-in system flaw puts major airlines at risk! Jason Wood from Paladin Security joins us for expert commentary on how Fraudsters are scamming teenage 'money mules' on Instagram and Snapchat! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode207 Visit http://hacknaked.tv to get all the latest episodes!

This week, RDP Servers Can Hack Client Devices, Roughly 500,000 Ubiquiti devices may be affected by a flaw already exploited in the wild, Crypto exchange in limbo after the founder dies with password, Home DNA kit company says its working with the FBI, Outlaw Shellbot infects Linux servers to mine for Monero, Apple's Siri Shortcuts feature vulnerable to abuse, researchers warn, Code Execution Flaw Found in LibreOffice and OpenOffice, Google's new Chrome extension warns you about stolen passwords, Mitigations against Mimikatz Style Attacks, and Google Patches Critical .PNG Image Bug. David Pearson from Awake Security joins us for the expert commentary on the recent news around Japan performing an IoT pentest on their public IPs! To learn more about Awake Security, visit: https://securityweekly.com/awake Full Show Notes: https://wiki.securityweekly.com/HNNEpisode206 Visit http://hacknaked.tv to get all the latest episodes!

This week, a tool that finds vulnerable robots on the internet, a new exploit that threatens over 9,000 Cisco Routers, apple turns of group FaceTime after an eavesdropping bug, wordpress sites under attack via Zero-Day in abandoned plugin, and OpenBMC caught with 'pantsdown' over a new security flaw! Jason Wood from Paladin Security joins us for expert commentary on Abusing Exchange: One API call away from Domain Admin! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode205 Visit http://hacknaked.tv to get all the latest episodes!

A flaw in MySQL could allow rogue servers to steal files, a state agency exposes 3TB of data including FBI info, how cybercriminals clean their dirty money, a critical RCE flaw in Linux APT allows remote attackers to hack systems, and how to protect against a new breed of cyber attack! Jason Wood from Paladin Security joins us for expert commentary on how Attackers used a LinkedIn job ad and Skype call to breach a bank's defense! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode204 Visit http://hacknaked.tv to get all the latest episodes!

US Government Shutdown leaves dozens of .Gov sites vulnerable, Firefox 69 to disable Adobe Flash, an Unpatched vCard flaw could leave your PCs open to attackers, Tesla's contest Pwn2Own could win you a Model 3, and how building site cranes are easier to hack than garage door openers! Jason Wood from Paladin Security joins us for expert commentary on how the Boston Hospital Attacker was sentenced to 10 years in prison! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode203 Visit http://hacknaked.tv to get all the latest episodes!