Shannon Morse

Threat Wire

Threat Wire

Description

Threat Wire by Hak5 is a quick weekly dose of news about security, privacy, and what is threatening the freedom of our Internet.

Categories

Technology

Episodes

Jailbreaking Teslas - ThreatWire

Feb 25, 2020 11:05

Description:

Ring Increases App Security, Rental cars and Teslas are being hacked, and MGM Resorts was hacked! All that coming up now on ThreatWire. #threatwire #hak5   Links: Support me on alternative platforms! https://snubsie.com/support   Shop ThreatWire Merch! - https://snubsie.com/shop   USE CODE “MOVING2020” for 25% OFF ANYTHING IN THE STORE! GOOD TIL 3/4/2020   https://www.youtube.com/shannonmorse --  subscribe to my new channel!   ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire    Links: Ring Makes 2FA Mandatory: https://blog.ring.com/2020/02/18/extra-layers-of-security-and-control/ https://thehackernews.com/2020/02/ring-cameras-cybersecurity.html https://www.zdnet.com/article/ring-to-enable-2fa-for-all-user-accounts-after-recent-hacks/ https://www.blog.google/products/google-nest/security-nest-accounts-safer-internet-day/ https://www.theverge.com/2020/2/11/21133264/google-nest-2fa-force-two-factor-authentication https://www.cnet.com/news/amazons-ring-to-tighten-privacy-after-accusations-it-shares-data-with-facebook/   Car Hacking: https://owner.ford.com/fordpass.html https://arstechnica.com/information-technology/2020/02/rental-car-agency-continues-to-give-remote-control-long-after-cars-are-returned/ https://krebsonsecurity.com/2020/02/when-your-used-car-is-a-little-too-mobile/ https://www.vice.com/en_us/article/y3mb3w/people-are-jailbreaking-used-teslas-to-get-the-features-they-expect https://jalopnik.com/tesla-remotely-removes-autopilot-features-from-customer-1841472617 https://www.scribd.com/document/425591536/TN-18-00-001-Unsupported-Vehicle-Policy   MGM Grand Breach https://threatpost.com/mgm-grand-breach-leaked-details-of-10-6-million-guests-last-summer/153054/ https://www.zdnet.com/article/exclusive-details-of-10-6-million-of-mgm-hotel-guests-posted-on-a-hacking-forum/       Photo credit: https://st.motortrend.com/uploads/sites/5/2017/07/Tesla-Model-3-lead-.jpg     -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ Our Site → https://www.hak5.org Shop →  https://www.hakshop.com Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1 Support → https://www.patreon.com/threatwire Contact Us → http://www.twitter.com/hak5 Threat Wire RSS → https://shannonmorse.podbean.com/feed/ Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999   Host: Shannon Morse → https://www.twitter.com/snubs Host: Darren Kitchen → https://www.twitter.com/hak5darren Host: Mubix → http://www.twitter.com/mubix -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Hacking Philips Hue Lights To Hack Whole Networks - ThreatWire

Feb 12, 2020 08:00

Description:

Four hackers have been charged for the equifax data breach, Philips Hues could be used to hack your network, and changing screen brightness to steal data! All that coming up now on ThreatWire. #threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

Shop ThreatWire Merch! - https://snubsie.com/shop

USE CODE MOVING2020 FOR 25% OFF ALL ORDERS! VALID 2-11-20 THROUGH 3-4-2020

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

Links:
https://www.justice.gov/opa/press-release/file/1246891/download
https://www.theverge.com/2020/2/10/21131362/doj-justice-barr-china-equifax-breach
https://www.cyberscoop.com/equifax-hack-china-pla-department-of-justice/
https://www.vice.com/en_us/article/dygdpy/doj-charges-china-with-hacking-equifax-thats-no-reason-to-forgive-equifax

https://blog.checkpoint.com/2020/02/05/the-dark-side-of-smart-lighting-check-point-research-shows-how-business-and-home-networks-can-be-hacked-from-a-lightbulb/
https://www.theverge.com/2020/2/5/21123491/philips-hue-bulb-hack-hub-firmware-patch-update
https://thehackernews.com/2020/02/philips-smart-light-bulb-hacking.html
https://www.theverge.com/2020/2/5/21124023/philips-hue-firmware-how-to-check-updates-network-vulnerability

https://thehackernews.com/2020/02/hacking-air-gapped-computers.html
https://cyber.bgu.ac.il/advanced-cyber/airgap
https://arxiv.org/pdf/2002.01078.pdf


Photo credit:
https://static.bhphoto.com/images/images2500x2500/1545213052_1446192.jpg


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Ring Android App Shares Data With Facebook - ThreatWire

Feb 4, 2020 10:47

Description:

The Wawa Breach Affects 30 Million, Avast Caught Selling User Data, Ring App Shares Data With Facebook ! All that coming up now on ThreatWire. #threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

Shop ThreatWire Merch! - https://snubsie.com/shop

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

Links:
https://thehackernews.com/2019/12/wawa-store-hacking.html
https://www.wawa.com/alerts/data-security
https://thehackernews.com/2020/01/wawa-credit-card-breach.html
https://s3.amazonaws.com/wawa-kentico-prod/wawa/media/misc/jan-28-2020-wawa-press-release-update-to-dec-19-data-security-announcement.pdf
https://threatpost.com/wawa-breach-30-million-customers/152328/
https://www.zdnet.com/article/wawa-card-breach-may-rank-as-one-of-the-biggest-of-all-times/
https://www.cisomag.com/wawa-faces-class-action-lawsuit-after-reporting-data-breach/

https://www.pcmag.com/news/mozilla-removes-avast-and-avg-firefox-extensions
https://www.pcmag.com/news/the-cost-of-avasts-free-antivirus-companies-can-spy-on-your-clicks
https://www.vice.com/en_us/article/qjdkq7/avast-antivirus-sells-user-browsing-data-investigation
https://www.theverge.com/2020/1/27/21083809/avast-avg-jumpshot-antivirus-data-tracking-all-clicks
https://twitter.com/RonWyden/status/1204494997560680450
https://blog.avast.com/a-message-from-ceo-ondrej-vlcek
https://www.pcmag.com/news/avast-to-end-browser-data-harvesting-terminates-jumpshot

https://www.eff.org/deeplinks/2020/01/ring-doorbell-app-packed-third-party-trackers
https://threatpost.com/ring-sharing-user-data-facebook-data-miners/152300/
https://www.zdnet.com/article/ring-app-for-android-full-to-the-brim-with-third-party-trackers-report/

Photo credit:
https://cdn.pocket-lint.com/r/s/1200x630/assets/images/142320-smart-home-review-ring-video-doorbell-2-image1-uar8mu7stn.jpg

 


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Honeypot ICS Network Tricks CyberCriminals - ThreatWire

Jan 28, 2020 10:03

Description:

Microsoft has a security blunder, a honeypot network tricks cybercriminals, and Jeff Bezos’ phone was hacked! All that coming up now on ThreatWire. #threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

Shop ThreatWire Merch! - https://snubsie.com/shop

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

Links:

Microsoft’s Security Blunder via Joel:
https://msrc-blog.microsoft.com/2020/01/22/access-misconfiguration-for-customer-support-database/
https://www.engadget.com/2020/01/22/microsoft-database-exposure/
https://www.zdnet.com/article/microsoft-discloses-security-breach-of-customer-support-database/
https://www.cnet.com/news/microsoft-fixes-error-that-exposed-customer-database/
https://thehackernews.com/2020/01/microsoft-customer-support.html

Mock ICS:
https://documents.trendmicro.com/assets/white_papers/wp-caught-in-the-act-running-a-realistic-factory-honeypot-to-capture-real-threats.pdf
https://www.cyberscoop.com/trend-micro-honeypot-ransomware-factory-s4/
https://www.zdnet.com/article/ransomware-snooping-and-attempted-shutdowns-the-state-of-this-honeypot-shows-what-hackers-do-to-systems-left-unprotected-online/
https://threatpost.com/fake-smart-factory-honeypot-highlights-new-attack-threats/152170/

Bezos:
https://www.theguardian.com/technology/2020/jan/21/amazon-boss-jeff-bezoss-phone-hacked-by-saudi-crown-prince
https://arstechnica.com/information-technology/2020/01/report-bezos-phone-uploaded-gbs-of-personal-data-after-getting-saudi-princes-whatsapp-message/
https://www.theverge.com/2020/1/21/21075968/amazon-jeff-bezos-hacked-saudi-arabia-crown-prince-whatsapp-message
https://www.cnet.com/news/in-bezos-phone-hack-un-wants-answers-on-saudi-princes-alleged-role/
https://www.wyden.senate.gov/imo/media/doc/012220%20Wyden%20Jeff%20Bezos%20Saudi%20Hacking%20Letter.pdf
https://www.vice.com/en_us/article/v74v34/saudi-arabia-hacked-jeff-bezos-phone-technical-report
https://assets.documentcloud.org/documents/6668313/FTI-Report-into-Jeff-Bezos-Phone-Hack.pdf
https://www.cyberscoop.com/jeff-bezos-mbs-hack-fti-report-questions/


Photo credit:
https://pxhere.com/en/photo/186658


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Citrix Patches Major Vulnerability; Windows Patches NSA Reported Bug - ThreatWire

Jan 21, 2020 09:51

Description:

A critical flaw in Citrix is finally patched, the NSA reports a major windows bug, and half a million usernames and passwords were leaked! All that coming up now on ThreatWire. #threatwire #hak5

I'm Moving!! https://twitter.com/Snubs/status/1218286909966909445

Support me on alternative platforms! https://snubsie.com/support

Shop ThreatWire Merch! - https://snubsie.com/shop

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

Links:
Citrix:
https://www.cyberscoop.com/citrix-adc-vulnerability-positive-technologies/
https://support.citrix.com/article/CTX267027
https://www.cyberscoop.com/citrix-vulnerability-patch-exploit/
https://thehackernews.com/2020/01/citrix-adc-gateway-exploit.html
https://github.com/trustedsec/cve-2019-19781
https://github.com/projectzeroindia/CVE-2019-19781
https://arstechnica.com/information-technology/2020/01/unpatched-citrix-vulnerability-now-exploited-patch-weeks-away/
https://www.us-cert.gov/ncas/current-activity/2020/01/13/cisa-releases-test-citrix-adc-and-gateway-vulnerability
https://www.zdnet.com/article/a-hacker-is-patching-citrix-servers-to-maintain-exclusive-access/
https://www.fireeye.com/blog/threat-research/2020/01/vigilante-deploying-mitigation-for-citrix-netscaler-vulnerability-while-maintaining-backdoor.html
https://support.citrix.com/article/CTX267027

NSA Windows:
https://media.defense.gov/2020/Jan/14/2002234275/-1/-1/0/CSA-WINDOWS-10-CRYPT-LIB-20190114.PDF
https://thehackernews.com/2020/01/warning-quickly-patch-new-critical.html
https://www.cnet.com/news/major-windows-10-security-flaw-reported-nsa-same-day-windows-7-support-ended/
https://www.cyberscoop.com/windows-10-vulnerability-nsa-public-disclosure/
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601
https://arstechnica.com/information-technology/2020/01/researcher-develops-working-exploit-for-critical-windows-10-vulnerability/
https://github.com/ollypwn/cve-2020-0601
https://threatpost.com/poc-exploits-published-for-microsoft-crypto-bug/151931/
https://threatpost.com/microsoft-patches-crypto-bug/151842/

Via EmeryLee
PW Leak:
https://www.zdnet.com/article/hacker-leaks-passwords-for-more-than-500000-servers-routers-and-iot-devices/

 

Photo credit:
https://live.staticflickr.com/3894/15207079997_ce6972329a_b.jpg


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

SHA-1 Is Terrible, Cable Modems Haunted By Flaw, SIM Swapping Gets Worse - ThreatWire

Jan 14, 2020 10:11

Description:

A major vulnerability affects modems, SIM swapping is still a huge threat, and SHA1 Still Sucks! All that coming up now on ThreatWire. #threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

Shop ThreatWire Merch! - https://snubsie.com/shop

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

Links:
Cable Haunt:
https://threatpost.com/cable-haunt-remote-code-execution/151756/
https://www.zdnet.com/article/hundreds-of-millions-of-cable-modems-are-vulnerable-to-new-cable-haunt-vulnerability/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19494
https://cablehaunt.com/
https://github.com/Lyrebirds/sagemcom-fast-3890-exploit

SIM Swapping:
https://www.zdnet.com/article/academic-research-finds-five-us-telcos-vulnerable-to-sim-swapping-attacks/
https://www.issms2fasecure.com/assets/sim_swaps-01-10-2020.pdf
https://www.issms2fasecure.com/dataset
https://www.vice.com/en_us/article/5dmbjx/how-hackers-are-breaking-into-att-tmobile-sprint-to-sim-swap-yeh
https://www.vice.com/en_us/article/k7e8xx/sim-swapping-indictments-pile-up-as-congress-begs-the-fcc-to-do-more

SHA1:
https://en.wikipedia.org/wiki/SHA-1
https://arstechnica.com/information-technology/2020/01/pgp-keys-software-security-and-much-more-threatened-by-new-sha1-exploit/
https://eprint.iacr.org/2020/014.pdf


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

The Biggest Hacks of the Decade - 2010 to 2019 - ThreatWire

Dec 31, 2019 10:20

Description:

The biggest hacks of this decade! Coming up now on ThreatWire. #threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

Shop ThreatWire Merch!
https://snubsie.com/shop

Links:
Target: https://www.nbcnews.com/business/business-news/target-settles-2013-hacked-customer-data-breach-18-5-million-n764031
Ebay: https://www.washingtonpost.com/news/the-switch/wp/2014/05/21/ebay-asks-145-million-users-to-change-passwords-after-data-breach/
Marriott: https://www.cnn.com/2018/11/30/tech/marriott-hotels-hacked/index.html
Prism: https://www.theverge.com/2013/7/17/4517480/nsa-spying-prism-surveillance-cheat-sheet
Facebook: https://www.cnn.com/2019/04/03/tech/facebook-records-exposed-amazon/index.html and https://www.businessinsider.com/facebook-ftc-record-penalty-mark-zuckerberg-2019-5
Capital One: https://www.nytimes.com/2019/07/29/business/capital-one-data-breach-hacked.html
AdultFriendFinder: https://www.csoonline.com/article/3139311/412-million-friendfinder-accounts-exposed-by-hackers.html
Equifax: https://money.cnn.com/2017/09/07/technology/business/equifax-data-breach/index.html?iid=EL
First American Financial Corp: https://krebsonsecurity.com/2019/05/first-american-financial-corp-leaked-hundreds-of-millions-of-title-insurance-records/
Yahoo!: https://money.cnn.com/2017/10/03/technology/business/yahoo-breach-3-billion-accounts/index.html

 

Photo credit:
https://storage.needpix.com/rsynced_images/happy-new-year-1063797_1280.jpg

 

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

10 Biggest Hacks of 2019 - ThreatWire

Dec 24, 2019 09:15

Description:

The top 10 biggest hacks of 2019! Coming up now on ThreatWire. #threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

Shop ThreatWire Merch!
https://snubsie.com/shop

Links:
https://www.zdnet.com/article/adobe-left-7-5-million-creative-cloud-user-records-exposed-online/
https://techcrunch.com/2019/08/31/china-google-iphone-uyghur/
https://www.zdnet.com/article/australian-tech-unicorn-canva-suffers-security-breach/
https://www.bloomberg.com/news/articles/2019-06-17/american-medical-collection-agency-parent-files-for-bankruptcy
https://www.upguard.com/breaches/facebook-user-data-leak
https://www.dailymail.co.uk/sciencetech/article-6864029/Biggest-breach-recorded-982-MILLION-peoples-personal-information-exposed.html
https://www.troyhunt.com/the-773-million-record-collection-1-data-reach/
https://www.theregister.co.uk/2019/02/11/620_million_hacked_accounts_dark_web/
https://www.nytimes.com/2019/07/29/business/capital-one-data-breach-hacked.html
https://krebsonsecurity.com/2019/05/first-american-financial-corp-leaked-hundreds-of-millions-of-title-insurance-records/

Photo credit:
https://storage.needpix.com/rsynced_images/fireworks-1924627_1280.jpg


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Intel CPUs Attacked by Plundervolt - ThreatWire

Dec 17, 2019 09:58

Description:

Hackers are targeting fuel pump card processors, Plundervolt charges towards Intel CPUs, and Amazon security cameras come with security woes! All that coming up now on ThreatWire. #threatwire #hak5


Links:
Support me on alternative platforms! https://snubsie.com/support

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

NEW!!! Shop ThreatWire Merch!
https://snubsie.com/shop

Links:
FIN8 Fuel Pumps:
https://threatpost.com/fin8-targets-card-data-fuel-pumps/151105/
https://www.zdnet.com/article/visa-warns-of-pos-malware-incidents-at-gas-pumps-across-north-america/
https://www.documentcloud.org/documents/6575126-Visa-Security-Alert-CYBERCRIME-GROUPS-TARGETING.html

PlunderVolt:
https://plundervolt.com/
https://threatpost.com/intel-cpus-plundervolt-attack/151006/
https://arstechnica.com/information-technology/2019/12/scientists-pluck-crypto-keys-from-intels-sgx-by-tweaking-cpu-voltage/
https://www.zdnet.com/article/new-plundervolt-attack-impacts-intel-cpus/
https://github.com/KitMurdock/plundervolt

Amazon Cameras:
https://www.cnet.com/news/set-up-two-factor-authentication-to-keep-your-ring-camera-from-getting-hacked/
https://www.vice.com/en_us/article/3a88k5/how-hackers-are-breaking-into-ring-cameras
https://www.vice.com/en_us/article/z3bbq4/podcast-livestreams-hacked-ring-cameras-nulledcast
https://threatpost.com/amazon-blink-smart-camera-flaws/150962/
https://www.cyberscoop.com/blink-amazon-camera-tenable-iot-flaws/

Photo credit:
https://cdn.pixabay.com/photo/2017/08/09/15/03/pirate-flag-2614801_960_720.jpg

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Hijacking VPNs on Linux Distros - ThreatWire

Dec 11, 2019 10:22

Description:

Apple iphones need location data for file sharing, VPN hijacking on Linux distros could be a thing, and new mac malware is suspected of stealing cryptocurrency! All that coming up now on ThreatWire. #threatwire #hak5

Links:

Support me on alternative platforms! https://snubsie.com/support

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

Shop ThreatWire Merch!
https://snubsie.com/shop

Special Thanks to Mr. Twinkle Twinkie for designing the ThreatWire Totem Board! https://twitter.com/mrtwinkletwink

Links:
https://krebsonsecurity.com/2019/12/the-iphone-11-pros-location-data-puzzler/
https://www.cnet.com/news/iphone-11-pro-discovered-to-still-seek-user-location-data-despite-settings/
https://www.cnet.com/news/apple-iphone-feature-needs-your-location-even-when-you-dont-share-it/
https://discussions.apple.com/thread/250665845
https://krebsonsecurity.com/2019/12/apple-explains-mysterious-iphone-11-location-requests/
https://techcrunch.com/2019/12/05/apple-ultra-wideband-newer-iphones-location/
https://www.theverge.com/2019/12/5/20997338/apple-ultra-wideband-u1-chip-iphone-11-pro-location-data-request-privacy-issue

https://seclists.org/oss-sec/2019/q4/122
https://www.zdnet.com/article/new-vulnerability-lets-attackers-sniff-or-hijack-vpn-connections/
https://threatpost.com/linux-bug-vpns-hijacking/150891/
https://thehackernews.com/2019/12/linux-vpn-hacking.html

https://objective-see.com/blog/blog_0x51.html
https://arstechnica.com/information-technology/2019/12/north-koreas-lazarus-hackers-up-their-game-with-fileless-mac-malware/

Photo credit:
https://www.firstcomputerspatna.com/wp-content/uploads/2018/09/unix.jpg
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

StrandHogg Gets an Android StrongHold - ThreatWire

Dec 3, 2019 11:01

Description:

MixCloud got hacked, a bulk SMS messaging service got hacked, and Androids are vulnerable to a new flaw! All that coming up now on ThreatWire. #threatwire #hak5

Support me on alternative platforms! https://snubsie.com/support

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

Shop ThreatWire Merch!
https://snubsie.com/shop

Special Thanks to Mr. Twinkle Twinkie for designing the ThreatWire Totem Board! https://twitter.com/mrtwinkletwink

Links:
Mixcloud data breach:
https://www.vice.com/en_us/article/7x5g4q/mixcloud-investigating-data-breach-allegedly-impacting-21-million-users
https://www.zdnet.com/article/data-of-21-million-mixcloud-users-put-up-for-sale-on-the-dark-web/
https://blog.mixcloud.com/2019/11/30/mixcloud-security-notice/

Android vuln:
https://thehackernews.com/2019/12/strandhogg-android-vulnerability.html
https://www.zdnet.com/article/android-new-strandhogg-vulnerability-is-being-exploited-in-the-wild/
https://promon.co/security-news/strandhogg/
https://www.androidcookbook.info/android-1-6-sdk/the-allowtaskreparenting-attribute.html

TrueDialog Database:
https://threatpost.com/insecure-database-exposes-millions-of-private-sms-messages/150706/
https://www.vpnmentor.com/blog/report-truedialog-leak/?=truedialog-exposed-data

Photo credit:
StrandHogg
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Android Pixel, Samsung Cameras Vulnerable to Hijacking! - ThreatWire

Nov 26, 2019 09:31

Description:

T-Mobile and OnePlus both suffer data breaches, and android cameras can be hijacked! All that coming up now on ThreatWire. #threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

Links:
https://www.oneplus.com/uk/support/faq22119102
https://forums.oneplus.com/threads/security-notification.1144088/
https://www.cyberscoop.com/oneplus-breach-phone-hack/
https://www.zdnet.com/article/smartphone-maker-oneplus-discloses-data-breach/
https://www.zdnet.com/article/oneplus-confirms-hack-exposed-credit-cards-of-phone-buyers/
https://thehackernews.com/2019/11/oneplus-store-data-breach.html

https://www.checkmarx.com/blog/how-attackers-could-hijack-your-android-camera
https://www.cyberscoop.com/voice-assistant-flaws-checkmarx-google-assistant-samsung-bixby/
https://www.zdnet.com/article/android-vulnerability-lets-rogue-apps-take-photos-record-video-even-if-your-phone-is-locked/
https://threatpost.com/google-android-camera-hijack-hack/150409/
https://arstechnica.com/information-technology/2019/11/google-samsung-fix-android-spying-flaw-other-makers-may-still-be-vulnerable/
https://thehackernews.com/2019/11/android-camera-hacking.html

https://www.t-mobile.com/customers/6305378822
https://thehackernews.com/2019/11/t-mobile-prepaid-data-breach.html
https://www.zdnet.com/article/t-mobile-discloses-security-breach-impacting-prepaid-customers/
https://techcrunch.com/2019/11/22/more-than-1-million-t-mobile-customers-exposed-by-breach/
https://www.cnet.com/news/t-mobile-customers-personal-information-exposed-in-hack/


Photo credit:
https://live.staticflickr.com/5617/30120254046_2fa846e859_b.jpg

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Google Gets Access to Medical Data - ThreatWire

Nov 19, 2019 10:08

Description:

Border searches are deemed unconstitutional, Microsoft promises privacy under a new California law, Google sweeps up tons of medical data! All that coming up now on ThreatWire. #threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

Links:
https://www.zdnet.com/article/thousands-of-hacked-disney-accounts-are-already-for-sale-on-hacking-forums/
https://twitter.com/Snubs/status/1196525111794225152
https://www.zdnet.com/article/attackers-using-whatsapp-vulnerability-triggered-by-video-files-can-remotely-execute-code/

Border Searches Deemed Unconstitutional
https://www.eff.org/document/alasaad-v-nielsen-summary-judgment-order
https://www.eff.org/press/releases/federal-court-rules-suspicionless-searches-travelers-phones-and-laptops
https://www.cnet.com/news/us-border-search-of-suspicionless-travelers-devices-is-unconstitutional-court-finds/
https://www.zdnet.com/article/clampdown-on-us-border-device-searches-not-such-a-big-deal/
https://www.zdnet.com/article/us-court-rules-travellers-phones-and-laptops-cannot-be-searched-without-reasonable-suspicion/
https://www.theverge.com/2019/11/12/20961727/border-officials-court-ruling-aclu-laptop-phone-searches

CA Law Sweeps Across US
https://threatpost.com/ccpas-domino-effect-us-privacy-regulation/150246/
https://blogs.microsoft.com/on-the-issues/2019/11/11/microsoft-california-privacy-rights/
https://www.theverge.com/2019/11/11/20960113/microsoft-ccpa-privacy-law-california-congress-regulation
https://www.cnet.com/news/microsoft-to-employ-californias-digital-privacy-law-nationwide/
https://www.cyberscoop.com/microsoft-ccpa-california-privacy/

Google + medical:
https://www.wsj.com/articles/google-s-secret-project-nightingale-gathers-personal-health-data-on-millions-of-americans-11573496790?shareToken=st98ed7303aedb45d281bc0bda02eb90b4
https://arstechnica.com/science/2019/11/would-you-trust-google-with-your-medical-records-it-might-already-have-them/
https://threatpost.com/googles-plan-to-crunch-health-data-on-millions-of-patients-draws-fire/150172/
https://arstechnica.com/tech-policy/2019/11/google-you-can-trust-us-with-the-medical-data-you-didnt-know-we-already-had/
https://cloud.google.com/blog/topics/inside-google-cloud/our-partnership-with-ascension
https://www.zdnet.com/article/googles-plan-to-collect-health-data-on-millions-of-americans-faces-federal-inquiry/
https://www.wsj.com/articles/behind-googles-project-nightingale-a-health-data-gold-mine-of-50-million-patients-11573571867


Photo credit:
https://cdn.pixabay.com/photo/2018/03/21/11/34/eye-3246419_960_720.jpg


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Hacking Smart Speakers With Lasers - ThreatWire

Nov 13, 2019 09:21

Description:

Ring doorbells were leaking customer wifi credentials, Apple has a plaintext email problem, and hacking IoT devices with lasers! All that coming up now on ThreatWire.
#threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

Links:
Ring doorbell:
https://www.bitdefender.com/files/News/CaseStudies/study/294/Bitdefender-WhitePaper-RDoor-CREA3949-en-EN-GenericUse.pdf
https://thehackernews.com/2019/11/ring-doorbell-wifi-password.html
https://arstechnica.com/information-technology/2019/11/ring-patches-total-lack-of-password-security-during-setup/
https://threatpost.com/amazon-fixes-ring-video-doorbell-flaw-that-leaked-wi-fi-credentials/150029/
https://www.zdnet.com/article/amazon-fixes-ring-video-doorbell-wi-fi-security-vulnerability/
https://www.cyberscoop.com/ring-doorbell-wi-fi-flaw/

MacOS Email:
https://medium.com/@boberito/apple-mail-stores-encrypted-emails-in-plain-text-database-fix-included-3c2369ce26d4
https://threatpost.com/encrypted-emails-on-macos-found-stored-in-unprotected-way/150065/
https://www.zdnet.com/article/apple-mail-on-macos-leaves-parts-of-encrypted-emails-in-plaintext/
https://www.cyberscoop.com/apple-mail-vulnerability-encryption-macos/
https://www.theverge.com/2019/11/8/20954130/apple-mail-encrypted-unencrypted-email-macos-siri-text

Lasers:
https://lightcommands.com/20191104-Light-Commands.pdf
https://www.cnet.com/news/lasers-can-seemingly-hack-alexa-google-home-and-siri/
https://thehackernews.com/2019/11/hacking-voice-assistant-laser.html
https://www.vice.com/en_us/article/3kxwvy/alexa-siri-and-google-assistant-can-be-hacked-remotely-with-lasers


Photo credit:
https://i.imgur.com/a164sdY.jpg

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

BlueKeep Attacks Surfacing; Persistent Malware on Android - ThreatWire

Nov 5, 2019 09:01

Description:

A hacking group was actively stealing SMS messages, BlueKeep updates, and persistent malware hits android users! All that coming up now on ThreatWire.
#threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

Links:
Hacking Telecom
https://thehackernews.com/2019/10/sms-spying-malware.html
https://arstechnica.com/information-technology/2019/10/researchers-unearth-malware-that-siphoned-sms-texts-out-of-telcos-network/
https://threatpost.com/china-hackers-spy-texts-messagetap-malware/149761/
https://www.zdnet.com/article/chinese-hackers-developed-malware-to-steal-sms-messages-from-telcos-network/
https://www.cyberscoop.com/chinese-hacking-group-breached-telecom-monitor-targets-texts-phone-metadata/
https://content.fireeye.com/apt-41/rpt-apt41/

BlueKeep
https://www.wired.com/story/microsoft-bluekeep-patched-too-slow/
https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
https://www.zdnet.com/article/bluekeep-attacks-are-happening-but-its-not-a-worm/
https://thehackernews.com/2019/11/bluekeep-rdp-vulnerability.html
https://www.wired.com/story/bluekeep-hacking-cryptocurrency-mining/

Patreon choice: 45k Androids infected w/ malware
https://www.symantec.com/blogs/threat-intelligence/xhelper-android-malware
https://blog.malwarebytes.com/android/2019/08/mobile-menace-monday-android-trojan-raises-xhelper/
https://thehackernews.com/2019/10/remove-xhelper-android-malware.html
https://threatpost.com/android-malware-45k-devices-mystery/149654/

Photo credit:
https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/weaponized-bluekeep-exploit-released-showcase_image-1-a-13051.jpg


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Adobe Creative Cloud Exposes Data for 7 Million+ Users - ThreatWire

Oct 29, 2019 06:55

Description:

Should Amazon be blamed for the capital one data breach? Adobe Creative Cloud Users Data was Exposed, And a remote code execution attack is being used in the wild! All that coming up now on ThreatWire.
#threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

Links:
Chosen by patrons AWS Capital One Breach:
https://www.cyberscoop.com/warren-wyden-aws-capital-one-breach/
https://www.cnet.com/news/warren-and-wyden-call-for-ftc-investigation-on-amazon-over-capital-one-breach/

Adobe:
https://www.comparitech.com/blog/information-security/7-million-adobe-creative-cloud-accounts-exposed-to-the-public/
https://theblog.adobe.com/security-update/
https://threatpost.com/adobe-creative-cloud-users-exposed-hackers/149563/
https://thehackernews.com/2019/10/adobe-database-leaked.html

PHP Flaw:
https://thehackernews.com/2019/10/nginx-php-fpm-hacking.html
https://github.com/neex/phuip-fpizdam
https://www.zdnet.com/article/nasty-php7-remote-code-execution-bug-exploited-in-the-wild/


Photo credit:
https://blogs.adobe.com/creativecloud/files/2012/05/CC-image.jpeg


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

NordVPN Was Hacked, Google Pixel 4 Face Unlock to Receive Update - ThreatWire

Oct 22, 2019 09:49

Description:

Smartphone biometrics have flaws, Wyden wants tech companies to mind their own business, and NordVPN had a data breach! All that coming up now on ThreatWire.
#threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

Links:
https://news.samsung.com/global/statement-on-fingerprint-recognition-issue
https://www.thesun.co.uk/tech/10127908/samsung-galaxy-s10-screen-protector-ebay/
https://www.vice.com/en_us/article/59nqdb/samsung-galaxy-s10-vault-like-security-beaten-by-a-dollar3-screen-protector
https://www.reuters.com/article/us-samsung-elec-smartphone/samsung-to-patch-galaxy-s10-fingerprint-problem-idUSKBN1WW0Q5
https://www.cnet.com/news/samsung-promises-to-fix-galaxy-s10-fingerprint-unlock-bug/
https://www.zdnet.com/article/google-pixel-4s-face-unlock-works-even-if-you-have-your-eyes-closed/
https://www.cnet.com/news/pixel-4-face-unlock-works-even-when-your-eyes-are-closed-unconscious-dead-google-patch-months-away/
https://www.zdnet.com/article/facial-recognition-doesnt-work-as-intended-on-42-of-110-tested-smartphones/
https://www.zdnet.com/article/google-to-roll-out-update-in-the-coming-months-to-fix-pixel-4-face-unlock-bypass/
https://www.theverge.com/2019/10/20/20924143/google-pixel-4-face-unlock-eyes-security-update-coming-months
https://www.cyberscoop.com/samsung-fingerprint-flaw-google-pixel-biometric-security/

https://www.theverge.com/2019/10/17/20917988/ron-wyden-facebook-privacy-data-regulation-do-not-track
https://www.zdnet.com/article/us-senator-introduces-privacy-bill-that-would-jail-ceos-for-user-privacy-violations/
https://threatpost.com/execs-jail-time-privacy-violations/149334/
https://www.cnet.com/news/senator-proposes-data-privacy-bill-with-serious-punishments/

https://nordvpn.com/blog/official-response-datacenter-breach/
https://www.zdnet.com/article/nordvpn-confirms-data-center-breach/
https://techcrunch.com/2019/10/21/nordvpn-confirms-it-was-hacked/
https://www.cnet.com/news/popular-vpn-service-nordvpn-confirms-datacenter-breach/

 

Photo credit:
Google

 

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Android Zero Day Actively Exploited In the Wild! - ThreatWire

Oct 8, 2019 10:20

Description:

Governments want Facebook to delay further encryption, Signal fixes a snooping exploit, and An Android Zero Day is being used in the wild! All that coming up now on ThreatWire.
#threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

Links:
https://www.buzzfeednews.com/article/ryanmac/bill-barr-facebook-letter-halt-encryption
https://www.facebook.com/notes/mark-zuckerberg/a-privacy-focused-vision-for-social-networking/10156700570096634/
https://www.cnet.com/news/the-uss-renewed-calls-for-backdoor-access-to-encryption-has-all-the-same-flaws/
https://www.cyberscoop.com/facebook-encryption-william-barr-letter/
https://threatpost.com/ag-barr-facebook-dont-encrypt-messaging/148913/
https://www.cnet.com/news/governments-call-on-facebook-to-pause-encryption-efforts/

https://www.zdnet.com/article/signal-fixes-facetime-like-eavesdropping-bug/
https://bugs.chromium.org/p/project-zero/issues/detail?id=1943
https://www.vice.com/en_us/article/3kx7n8/signal-bug-could-have-let-hackers-listen-to-android-users-via-microphone
https://thehackernews.com/2019/10/signal-messenger-bug.html

https://bugs.chromium.org/p/project-zero/issues/detail?id=1942
https://www.zdnet.com/article/google-finds-android-zero-day-impacting-pixel-samsung-huawei-xiaomi-devices/
https://thehackernews.com/2019/10/android-kernel-vulnerability.html
https://threatpost.com/google-warns-of-zero-day/148924/
https://www.cnet.com/news/android-exploit-leaves-some-pixel-galaxy-phones-vulnerable-to-hacks/
https://arstechnica.com/information-technology/2019/10/attackers-exploit-0day-vulnerability-that-gives-full-control-of-android-phones/

 

Photo credit:
https://i.gadgets360cdn.com/large/google_android_reuters_1557489952979.JPG?output-quality=80

 

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Jailbreak Your iPhone! DoorDash Gets Hacked, and an Update to SIM Jacker - ThreatWire

Oct 1, 2019 08:57

Description:

DoorDash is hacked, you can now permanently jailbreak your iphone, and an update on SIM Card vulnerabilities (yes, there’s more than one!)! All that coming up now on ThreatWire.
#threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

*** FREE Texas Cyber Summit Ticket! ***
https://twitter.com/Snubs/status/1175559698772185088

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

Links:

DoorDash:

https://blog.doordash.com/important-security-notice-about-your-doordash-account-ddd90ddf5996
https://www.zdnet.com/article/personal-info-on-nearly-5m-doordash-users-merchants-drivers-exposed/
https://www.vice.com/en_us/article/pa97g7/xnore-copy9-stalkerware-data-breach-thousands-victims
https://arstechnica.com/information-technology/2019/09/doordash-hack-spills-loads-of-data-for-4-9-million-people/
https://www.businessinsider.com/doordash-data-breach-hack-how-to-check-if-youre-affected-2019-9

iPhone Jailbreak:

https://twitter.com/axi0mX/status/1177542201670168576
https://arstechnica.com/information-technology/2019/09/unpatchable-bug-in-millions-of-ios-devices-exploited-developer-claims/
https://threatpost.com/ios-exploit-checkm8-could-allow-permanent-iphone-jailbreaks/148762/
https://www.wired.com/story/ios-exploit-jailbreak-iphone-ipad/
https://github.com/axi0mX/ipwndfu

Simjacker:

https://www.vice.com/en_us/article/qvgzqw/researchers-think-they-know-how-many-phones-are-vulnerable-to-simjacker-attacks
https://srlabs.de/bites/sim_attacks_demystified/
https://thehackernews.com/2019/09/dynamic-sim-toolkit-vulnerability.html
https://www.zdnet.com/article/new-sim-card-attack-disclosed-similar-to-simjacker/

 

Photo credit:
https://www.phonedog.com/sites/phonedog.com/files/styles/blog_entry/public/iphonexhandsonangle_1.jpg?itok=m2qX9CbA


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

“Hey, Google!” Gets Increased Privacy Amid Backlash - ThreatWire

Sep 24, 2019 09:02

Description:

Google Assistant gets new audio privacy updates, cookie stuffing ad blockers get caught, and Click2Gov is hacked… again! All that coming up now on ThreatWire. #threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

Links:
Google Assistant Privacy updates
https://www.blog.google/products/assistant/doing-more-protect-your-privacy-assistant/
https://www.wired.com/story/google-assistant-human-transcription-privacy/
https://www.theverge.com/2019/9/23/20878710/google-assistant-audio-recording-policy-hotword-human-review
https://threatpost.com/google-assistant-audio-privacy-controls-updated-after-outcry/148563/
https://www.zdnet.com/article/google-revamps-privacy-policy-to-give-users-more-control-over-assistant-voice-recordings/


AdBlockers Caught in Ad Fraud Scheme
https://www.zdnet.com/article/google-removes-two-chrome-ad-blocker-extensions-caught-cookie-stuffing/
https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm
https://chrome.google.com/webstore/search/adblock
https://thehackernews.com/2019/09/browser-chrome-extension-adblock.html
https://adguard.com/en/blog/fake-ad-blockers-part-2.html
https://www.eff.org/deeplinks/2019/07/googles-plans-chrome-extensions-wont-really-help-security


Click2Gov hacked
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
https://geminiadvisory.io/second-wave-of-click2gov-breaches-hits-united-states/
https://threatpost.com/payment-card-breach-hits-8-cities-using-vulnerable-bill-portal/148521/
https://www.zdnet.com/article/two-years-later-hackers-are-still-breaching-local-government-payment-portals/
https://www.databreaches.net/eight-cities-impacted-in-second-wave-of-click2gov-breaches-gemini-advisory/

 


Photo credit:
https://www.pexels.com/photo/round-grey-speaker-on-brown-board-1072851/

 

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

SIM Jacking Can Steal Device Data - ThreatWire

Sep 17, 2019 09:03

Description:

A vpn for firefox users, SIM Jacking can steal device data, and DNS over HTTPS will go live in October! All that coming up now on ThreatWire. #threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

Links:

https://blog.mozilla.org/blog/2019/09/03/todays-firefox-blocks-third-party-tracking-cookies-and-cryptomining-by-default/
https://www.theverge.com/2019/9/3/20848629/firefox-69-block-third-party-tracker-default-enhanced-tracking-protection-android-windows-mac-os
https://private-network.firefox.com
https://thehackernews.com/2019/09/firefox-privacy-vpn-service.html
https://www.cnet.com/news/mozilla-tests-firefox-vpn-service-to-help-protect-your-privacy/
https://www.theverge.com/2019/9/11/20861381/firefox-testing-vpn-mozilla-private-network-test-pilot-program

https://simjacker.com
https://thehackernews.com/2019/09/simjacker-mobile-hacking.html
https://threatpost.com/1b-mobile-users-vulnerable-to-ongoing-simjacker-surveillance-attack/148277/
https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
https://www.cyberscoop.com/simjacker-mobile-phone-vulnerability/

https://blog.chromium.org/2019/09/experimenting-with-same-provider-dns.html
https://www.chromium.org/developers/dns-over-https
https://thehackernews.com/2019/09/chrome-dns-over-https.html
https://www.zdnet.com/article/google-to-run-dns-over-https-doh-experiment-in-chrome/


Photo credit:
https://zdnet1.cbsistatic.com/hub/i/r/2019/09/12/729cfdfd-7784-460e-a37e-054d376095a0/resize/1200x675/999c5c4ca4cbb71f31e78bf628943f67/simjacker-attack.png

 


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Website Visitors Pwned for Years; Google Expands Bug Bounty - ThreatWire

Sep 3, 2019 09:09

Description:

Ransomware targets dental data backups, malicious websites were hacking iphones for years, and Google expands their android app bug bounty program! All that coming up now on ThreatWire. #threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

Links:

Dental ransomware:
https://thehackernews.com/2019/08/dds-safe-dental-ransomware-attack.html
https://www.dentalrecord.com/assets/images/UpdateDDSSafe7.pdf
https://www.facebook.com/pg/percsoft/posts/?ref=page_internal
https://krebsonsecurity.com/2019/08/ransomware-bites-dental-data-backup-firm/
https://www.zdnet.com/article/ransomware-hits-hundreds-of-dentist-offices-in-the-us/


Huge iPhone hack:
https://googleprojectzero.blogspot.com/2019/08/a-very-deep-dive-into-ios-exploit.html
https://www.forbes.com/sites/thomasbrewster/2019/09/01/iphone-hackers-caught-by-google-also-targeted-android-and-microsoft-windows-say-sources/#59e834c64adf
https://www.vice.com/en_us/article/bjwne5/malicious-websites-hacked-iphones-for-years
https://www.cyberscoop.com/iphone-hack-google-project-zero/
https://www.cnet.com/news/google-says-iphone-security-flaws-let-websites-hack-them-for-years/
https://support.apple.com/en-us/HT209520
https://techcrunch.com/2019/08/31/china-google-iphone-uyghur/
https://www.businessinsider.com/china-may-have-used-hacked-websites-to-target-uighur-muslims-2019-9
https://threatpost.com/iphone-zero-days-watering-hole-attacks/147891/


Google expands bug bounty to apps:
https://security.googleblog.com/2019/08/expanding-bug-bounties-on-google-play.html
https://threatpost.com/google-targets-data-abusing-apps-bug-bounty/147825/
https://thehackernews.com/2019/08/google-data-abuse-bug-bounty.html
https://www.zdnet.com/article/google-adds-all-android-apps-with-100m-installs-to-its-bug-bounty-program/
https://hackerone.com/ddp_reward_program
https://www.zdnet.com/article/google-launches-bounty-program-to-spot-misuses-of-google-api-chrome-and-android-user-data/

Photo credit:
https://live.staticflickr.com/3956/15707819731_fc5c9b4118_b.jpg

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Valve Apologizes to Banned Security Researcher - ThreatWire

Aug 27, 2019 08:26

Description:

A hacker is ordered to pay about 1 million pounds to his victims, Valve says it’s Sorry, and what is homomorphic encryption! All that coming up now on ThreatWire. #threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

Links:
Hacker must pay back 1 million euros:
https://www.theguardian.com/technology/2019/aug/23/bitcoin-seized-hacker-grant-west-uk-compensate-victims
https://thehackernews.com/2019/08/hacker-phishing-bitcoin.html
https://www.zdnet.com/article/police-to-sell-hackers-1-1-million-bitcoin-stash-to-compensate-victims/
http://news.met.police.uk/news/more-than-900000-pounds-confiscated-from-from-cyber-hacker-379015?hootPostID=11032480c2ac425d16457361a6932540


Valve:
https://threatpost.com/gamers-zero-day-steam-client-affects-windows/147225/
https://hackerone.com/valve
https://amonitoring.ru/article/onemore_steam_eop_0day/
https://threatpost.com/researcher-discloses-second-steam-zero-day-after-valve-bug-bounty-ban/147593/
https://www.zdnet.com/article/researcher-publishes-second-steam-zero-day-after-getting-banned-on-valves-bug-bounty-program/
https://twitter.com/enigma0x3/status/1160961861560479744
https://arstechnica.com/information-technology/2019/08/valve-says-turning-away-researcher-reporting-steam-vulnerability-was-a-mistake/
https://www.zdnet.com/article/valve-patches-recent-steam-zero-days-calls-turning-away-researcher-a-mistake/

Homomorphic encryption:
https://www.cyberscoop.com/homomorphic-encryption-nsa-silicon-valley-commercial/
https://www.microsoft.com/en-us/research/blog/the-microsoft-simple-encrypted-arithmetic-library-goes-open-source/
https://www.intel.ai/he-transformer-for-ngraph-enabling-deep-learning-on-encrypted-data/#gs.yi2ofi
https://www.theregister.co.uk/2018/03/08/ibm_faster_homomorphic_encryption/
https://www.cyberscoop.com/homomorphic-encryption-standards-intel-microsoft-google/
http://homomorphicencryption.org/aug-17-2019-homomorphicencryption-org-standards-meeting/#


Photo credit:
https://live.staticflickr.com/4907/46871748401_7cf44c81e0_b.jpg


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Bluetooth Is Vulnerable to the KNOB Attack - ThreatWire

Aug 20, 2019 09:39

Description:

All about warshipping, spying on bluetooth with the knob attack, and capital one wasn’t the only company hit! All that coming up now on ThreatWire. #threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

Links:

Warshipping:
https://arstechnica.com/information-technology/2019/08/hack-in-the-box-hacking-into-companies-with-warshipping/
https://securityintelligence.com/posts/package-delivery-cybercriminals-at-your-doorstep/

Bluetooth KNOB attack:
https://www.bleepingcomputer.com/news/security/new-bluetooth-knob-attack-lets-attackers-manipulate-traffic/
https://thehackernews.com/2019/08/bluetooth-knob-vulnerability.html
https://www.usenix.org/system/files/sec19-antonioli.pdf
https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/

Capital One updates:
https://arstechnica.com/tech-policy/2019/08/woman-accused-of-capital-one-hack-had-stolen-data-from-30-companies-authorities-say/
https://www.cyberscoop.com/paige-thompson-capital-one-30-companies/
https://www.scribd.com/document/421860692/Thompson-New-Memorandum
https://www.cnet.com/news/capital-one-hacking-suspect-hit-dozens-more-companies-prosecutors-say/
https://www.cyberscoop.com/capital-one-aws-companies-wyden-letter/
https://www.wyden.senate.gov/imo/media/doc/081319%20Amazon%20Letter%20to%20Sen%20Wyden%20RE%20Consumer%20Data.pdf

Photo credit:
https://cdn.pixabay.com/photo/2017/06/02/14/38/package-2366468_960_720.jpg

 

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

DEF CON 2019: How To Hack A Canon Camera - ThreatWire

Aug 14, 2019 08:17

Description:

A steam zero day was found, Hackers hack a canon camera during defcon, and Passwordless Logins Coming to Google! All that coming up now on ThreatWire. #threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

Links:
Via Justin and Dan188 on Patreon Steam Vulnerability:
https://www.bleepingcomputer.com/news/security/steam-zero-day-vulnerability-affects-over-100-million-users/
https://threatpost.com/gamers-zero-day-steam-client-affects-windows/147225/
https://amonitoring.ru/article/steamclient-0day/
https://twitter.com/enigma0x3/status/1159103239729471488

Canon DSLR Hacking:
https://thehackernews.com/2019/08/dslr-camera-hacking.html
https://asia.canon/en/support/security-advisory-ptp-communication-and-firmware-functions/notice
https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/
https://threatpost.com/hack-of-a-canon-eos-80d-dslr/147214/

Fingerprint on Android:
https://thehackernews.com/2019/08/android-local-user-verification.html
https://security.googleblog.com/2019/08/making-authentication-even-easier-with_12.html
https://arstechnica.com/information-technology/2019/08/google-lets-android-users-skip-the-password-when-logging-in/
https://www.cnet.com/news/google-now-offers-no-password-login-if-you-have-android-phone/

 

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Photo credit:
DEF CON duh

WPA3 Passwords Still Vulnerable To Hacks, Capital One Hack Breakdown - ThreatWire

Aug 6, 2019 11:04

Description:

Everything we know about the Capital One breach, WPA3 is still vulnerable to hacks, and US utility companies are targeted in attacks! All that coming up now on ThreatWire. #threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

Links:

Capital One
https://www.cyberscoop.com/capital-one-cybersecurity-data-breach-what-went-wrong/
https://www.prnewswire.com/news-releases/capital-one-announces-data-security-incident-300892738.html
https://krebsonsecurity.com/2019/08/what-we-can-learn-from-the-capital-one-hack/
https://www.capitalone.com/applications/responsible-disclosure/
https://www.justice.gov/usao-wdwa/press-release/file/1188626/download
https://techcrunch.com/2019/07/31/capital-one-breach-vodafone-ford-researchers/
https://www.scribd.com/document/420587413/GitHub-CapitalOne-Complaint
https://www.cyberscoop.com/capital-one-data-breach-credit-freeze-credit-cards/

WPA3 Hacking
https://www.zdnet.com/article/dragonblood-vulnerabilities-disclosed-in-wifi-wpa3-standard/
https://www.zdnet.com/article/new-dragonblood-vulnerabilities-found-in-wifi-wpa3-standard/
https://thehackernews.com/2019/08/hack-wpa3-wifi-password.html
https://wpa3.mathyvanhoef.com/#new
https://eprint.iacr.org/2019/383.pdf

US Utilities targeted in hack
https://www.proofpoint.com/us/threat-insight/post/lookback-malware-targets-united-states-utilities-sector-phishing-attacks
https://arstechnica.com/information-technology/2019/08/new-advanced-malware-possibly-nation-sponsored-is-targeting-us-utilities/
https://www.zdnet.com/article/suspected-state-sponsored-hacking-group-tried-to-break-into-us-utilities/
https://www.cyberscoop.com/apt-10-utilities-phishing-proofpoint/


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Photo credit:
https://upload.wikimedia.org/wikipedia/commons/0/03/Sympetrum_flaveolum_-_side_%28aka%29.jpg

Equifax Owes You Money! MalwareTech Goes Free & BlueKeep Is For Sale - ThreatWire

Jul 30, 2019 00:00

Description:

Equifax likely owes you money, MalwareTech is finally free, and a BlueKeep exploit goes on sale! All that coming up now on ThreatWire. #threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire


Equifax
https://www.ftc.gov/news-events/press-releases/2019/07/equifax-pay-575-million-part-settlement-ftc-cfpb-states-related
https://thehackernews.com/2019/07/equifax-data-breach-fine.html
https://www.businessinsider.com/equifax-data-breach-settlement-how-to-claim-money-from-lawsuit-2019-7
https://www.ftc.gov/enforcement/cases-proceedings/refunds/equifax-data-breach-settlement
https://eligibility.equifaxbreachsettlement.com/en/eligibility
https://www.equifaxbreachsettlement.com/

No jail time for malwaretech
https://thehackernews.com/2019/07/marcus-hutchins-sentenced.html
https://www.vice.com/en_us/article/9kxewv/malwaretech-wannacry-ransomware-sentencing
https://www.cyberscoop.com/marcus-hutchins-sentenced-kronos-wannacry/
https://twitter.com/emptywheel/status/1154789624843329536
https://twitter.com/MalwareTechBlog/status/1154787474486517762
https://www.cyberscoop.com/teenage-hackers-police-britain-netherlands/
https://www.politie.nl/themas/hack_right.html?sid=8f4296ab-ea98-4a08-ab28-81ef1fcf8b7c

Bluekeep
https://thehackernews.com/2019/05/bluekeep-rdp-vulnerability.html
https://www.intezer.com/blog-watching-the-watchbog-new-bluekeep-scanner-and-linux-exploits/
https://thehackernews.com/2019/07/linux-malware-windows-bluekeep.html
https://www.vice.com/en_us/article/wjvvvb/cybersecurity-firm-drops-code-for-the-incredibly-dangerous-windows-bluekeep-vulnerability
https://twitter.com/Immunityinc/status/1153752470130221057
https://www.immunityinc.com/products/canvas/index.html
https://www.zdnet.com/article/us-company-selling-weaponized-bluekeep-exploit/

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Google Chrome Incognito Mode - Now With More Incognito! + FaceApp Scrutiny - ThreatWire

Jul 23, 2019 08:59

Description:

FaceApp answers questions about privacy concerns, Google blocks incognito mode detection, and Oakland bans facial recognition technology ! All that coming up now on ThreatWire. #threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

 


Links:

Incognito Mode:
https://www.blog.google/outreach-initiatives/google-news-initiative/protecting-private-browsing-chrome/
https://arstechnica.com/information-technology/2019/07/chrome-76-prevents-nyt-and-other-news-sites-from-detecting-incognito-mode/
https://www.zdnet.com/article/google-to-clamp-down-on-incognito-mode-detection/

FaceApp:
https://www.cnet.com/news/faceapp-says-its-not-uploading-all-your-photos/
https://www.cyberscoop.com/faceapp-privacy-russia-amazon-servers/
https://techcrunch.com/2019/07/17/faceapp-responds-to-privacy-concerns/
https://www.theverge.com/2019/7/17/20698393/faceapp-aging-russia-security-privacy-concerns-dnc-democrats-warning-campaign-election
https://twitter.com/frankthorp/status/1151619130983964672
https://arstechnica.com/tech-policy/2019/07/as-russian-faceapp-gobbles-up-user-photos-schumer-asks-fbi-to-investigate/

Facial Recognition Bans
https://www.cnet.com/news/facial-recognition-banned-in-another-city/
https://www.vice.com/en_us/article/zmpaex/oakland-becomes-third-us-city-to-ban-facial-recognition-xz
https://sanfrancisco.cbslocal.com/2019/07/16/oakland-officials-take-step-towards-banning-city-use-of-facial-recognition-tech/
https://www.banfacialrecognition.com/map/

 

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

 

Photo credit:

https://farm3.staticflickr.com/2809/33535666103_5438b71892_b.jpg

Big Problems for OpenPGP - ThreatWire

Jul 9, 2019 09:23

Description:

Border agents in china are installing malware on phones, GnuPG has a serious problem, and Amazon saves your voice recordings indefinitely! All that coming up now on ThreatWire. #threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

Links:
https://www.nytimes.com/2019/07/02/technology/china-xinjiang-app.html
https://www.vice.com/en_us/article/7xgame/at-chinese-border-tourists-forced-to-install-a-text-stealing-piece-of-malware
https://github.com/motherboardgithub/bxaq
https://www.cnet.com/news/china-is-reportedly-scanning-tourists-phones-with-malware/

https://threatpost.com/pgp-ecosystem-targeted-in-poisoning-attacks/146240/
https://www.vice.com/en_us/article/8xzj45/someone-is-spamming-and-breaking-a-core-component-of-pgps-ecosystem
https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f
https://dkg.fifthhorseman.net/blog/openpgp-certificate-flooding.html

https://www.cnet.com/news/alexa-privacy-concerns-prompt-senator-to-seek-answers-from-amazon-ceo-jeff-bezos/
https://www.cnet.com/news/amazon-alexa-keeps-your-data-with-no-expiration-date-and-shares-it-too/
https://www.theverge.com/2019/7/3/20681423/amazon-alexa-echo-chris-coons-data-transcripts-recording-privacy
https://www.cnet.com/how-to/you-can-finally-delete-most-of-your-amazon-echo-transcripts-heres-how/


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Cities Pay Up After Ransomware Attacks - ThreatWire

Jul 2, 2019 09:08

Description:

Ransomware-ridden Florida cities are paying up, insulin pumps are vulnerable to potentially deadly wireless hacks, and Chronicle joins Google cloud! All that coming up now on ThreatWire. #threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

Florida Ransomware:
https://www.cyberscoop.com/ransomware-lake-city-florida-payment/
https://www.cnet.com/news/another-florida-city-pays-hackers-over-ransomware-attack/
https://arstechnica.com/information-technology/2019/06/is-there-something-in-the-water-third-florida-city-hit-by-ransomware/
https://threatpost.com/second-florida-city-pays-hackers-500k-post-ransomware-attack/146018/
https://go.forrester.com/blogs/unconventional-wisdom-explore-paying-the-ransom-in-parallel-with-other-recovery-options/
https://www.zdnet.com/article/why-and-when-it-makes-sense-to-pay-the-ransom-in-ransomware-attacks/

Chronicle, Alphabet’s Security arm, joins Google Cloud:
https://cloud.google.com/blog/topics/inside-google-cloud/the-security-moonshot-joins-google-cloud
https://chronicle.security/
https://www.cyberscoop.com/alphabets-chronicle-uses-big-data-launch-threat-intel-platform/
https://www.businessinsider.com/alphabet-cybersecurity-company-chronicle-joins-google-cloud-2019-6
https://www.cyberscoop.com/chronicle-alphabets-push-into-security-will-join-google-cloud/

Insulin Pumps Flaw:
https://www.fda.gov/news-events/press-announcements/fda-warns-patients-and-health-care-providers-about-potential-cybersecurity-concerns-certain
https://threatpost.com/fda-warns-of-potentially-fatal-flaws-in-medtronic-insulin-pumps/146109/
https://www.medtronicdiabetes.com/customer-support/product-and-service-updates/notice11-letter
https://www.cyberscoop.com/fda-urges-patients-ditch-vulnerable-insulin-pumps-built-medtronic/
https://www.us-cert.gov/ics/advisories/icsma-19-178-01
https://info.medtronicdiabetes.com/legacyexchange


Photo credit:
https://media.defense.gov/2017/May/15/2001746883/-1/-1/0/170519-A-PO640-007.JPG


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Amazon Surveillance Delivery Drones; Patch Linux! - ThreatWire

Jun 25, 2019 08:13

Description:

Firefox, Linux, FreeBSD Vulnerabilities? Patch, now! And Amazon wants to make surveillance delivery drones! All that coming up now on ThreatWire. #threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

https://www.youtube.com/shannonmorse -- subscribe to my new channel!

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Firefox Zero Day:
https://www.zdnet.com/article/mozilla-patches-firefox-zero-day-abused-in-the-wild/
https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/
https://www.zdnet.com/article/mozilla-fixes-second-firefox-zero-day-exploited-in-the-wild/
https://www.mozilla.org/en-US/security/advisories/mfsa2019-19/
https://www.zdnet.com/article/firefox-zero-day-was-used-in-attack-against-coinbase-employees-not-its-users/
https://twitter.com/SecurityGuyPhil/status/1141466335592869888
https://threatpost.com/mozilla-patches-firefox-critical-flaw-under-active-attack/145814/

Amazon Drones:
https://www.cnet.com/news/amazon-granted-patent-for-surveillance-drones-service/
https://www.zdnet.com/article/amazon-patent-suggests-surveillance-as-a-service-could-be-future-offering/
https://www.businessinsider.com/amazon-wins-patent-for-surveillance-drones-2019-6

Linux Vulns:
https://arstechnica.com/information-technology/2019/06/new-vulnerabilities-may-let-hackers-remotely-sack-linux-and-freebsd-systems/
https://threatpost.com/linux-kernel-bug-pcs-iot-offline/145797/
https://www.zdnet.com/article/netflix-to-linux-users-patch-sack-panic-kernel-bug-now-to-stop-remote-attacks/
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md

 

RAMBleed Steals Crypto Keys; Yubikeys Recalled - ThreatWire

Jun 18, 2019 10:00

Description:

US Infrastructure is Targeted by attackers, RAMBleed can steal cryptokeys, and Yubikeys get recalled! All that coming up now on ThreatWire. #threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

https://www.youtube.com/shannonmorse?sub_confirmation=1 -- subscribe to my new channel!

Hacking Power Grids:
https://dragos.com/blog/industry-news/threat-proliferation-in-ics-cybersecurity-xenotime-now-targeting-electric-sector-in-addition-to-oil-and-gas/
https://dragos.com/wp-content/uploads/TRISIS-01.pdf
https://www.zdnet.com/article/this-most-dangerous-hacking-group-is-now-probing-power-grids/
https://www.cyberscoop.com/trisis-xenotime-us-electric-sector/
https://www.wired.com/story/triton-hackers-scan-us-power-grid/
https://arstechnica.com/information-technology/2019/06/hackers-behind-dangerous-oil-and-gas-intrusions-are-probing-us-power-grids/

 

Yubikeys Vulnerable:
https://www.yubico.com/support/security-advisories/ysa-2019-02/
https://www.zdnet.com/article/yubico-to-replace-vulnerable-yubikey-fips-security-keys/
https://www.yubico.com/replaceorder/

 

RAMBleed, shoutout to CypherDragon:
https://access.redhat.com/articles/1377393
https://rambleed.com/
https://rambleed.com/docs/20190603-rambleed-web.pdf
https://arstechnica.com/information-technology/2019/06/researchers-use-rowhammer-bitflips-to-steal-2048-bit-crypto-key/
https://threatpost.com/rambleed-side-channel-privileged-memory/145629/
https://thehackernews.com/2019/06/rambleed-dram-attack.html

 


Photo credit:
https://live.staticflickr.com/6179/6173837649_2d77becc9b_b.jpg


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Ring Doorbells Create a Surveillance State - ThreatWire

Jun 11, 2019 09:58

Description:

A windows exploit bypasses a recent patch, Ring Doorbells are a surveillance state network?, and malicious adware was found in hundreds of Google Play apps! All that coming up now on ThreatWire.
#threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆


Windows Zero Day ByeBear Posted to Bypass Windows Patch
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0841
https://krbtgt.pw/dacl-permissions-overwrite-privilege-escalation-cve-2019-0841/
https://threatpost.com/sandboxescaper-byebear-windows-bypass/145470/
https://www.zdnet.com/article/windows-10-zero-day-details-published-on-github/
https://www.microsoft.com/en-us/msrc/bounty

Amazon Ring Doorbell used by police for surveillance network
https://blog.ring.com/2019/02/14/how-rings-neighbors-creates-safer-more-connected-communities/
https://www.theinformation.com/go/b7668a689a
https://www.cnet.com/features/amazons-helping-police-build-a-surveillance-network-with-ring-doorbells/
https://www.vice.com/en_us/article/evkgpw/smart-doorbell-company-ring-is-working-with-cops-to-report-suspicious-people-and-activities
https://www.businessinsider.com/amazon-ring-video-doorbell-footage-used-by-police-report-2019-6
https://www.cnet.com/news/these-laws-make-police-get-public-buy-in-on-surveillance-tools/
https://www.cnet.com/news/amazons-ring-takes-heat-for-considering-facial-recognition-for-its-video-doorbells/
https://www.vice.com/en_us/article/pajm5z/amazon-home-surveillance-company-ring-law-enforcement-advertisements

238 Google Play apps found with malicious code
https://arstechnica.com/information-technology/2019/06/238-google-play-apps-with-440-million-installs-made-phones-nearly-unusable/
https://threatpost.com/android-completely-obnoxious-pop-ups/145390/
https://blog.lookout.com/beitaplugin-adware
https://www.zdnet.com/article/440-million-android-users-installed-apps-with-an-aggressive-advertising-plugin/


Photo credit:
https://cdn.pocket-lint.com/r/s/1200x/assets/images/142320-smart-home-review-ring-video-doorbell-2-image1-uar8mu7stn.jpg

Apple Adds Privacy Updates to iOS 13 at WWDC - ThreatWire

Jun 4, 2019 08:39

Description:

Over 1 million PCs could be vulnerable to a windows worm, , 12 million patients were hit in the quest diagnostics data breach, and Apple is bringing Security at WWDC! All that coming up now on ThreatWire. #threatwire #hak5


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆


Links:
Support me on alternative platforms! https://snubsie.com/support

https://blogs.technet.microsoft.com/msrc/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/
https://arstechnica.com/information-technology/2019/05/microsoft-warns-wormable-windows-bug-could-lead-to-another-wannacry/
https://thehackernews.com/2019/05/bluekeep-rdp-vulnerability.html
https://blogs.technet.microsoft.com/msrc/2019/05/30/a-reminder-to-update-your-systems-to-prevent-a-worm/
https://arstechnica.com/information-technology/2019/05/microsoft-says-its-confident-an-exploit-exists-for-wormable-bluekeep-flaw/
https://blog.erratasec.com/2019/05/almost-one-million-vulnerable-to.html
https://arstechnica.com/information-technology/2019/05/why-a-windows-flaw-patched-nine-days-ago-is-still-spooking-the-internet/
https://securityledger.com/2019/05/microsoft-bluekeep-flaw-threatens-medical-devices-iot/

http://newsroom.questdiagnostics.com/AMCADataSecurityIncident
https://www.huffpost.com/entry/quest-diagnostics-data-breach_n_5cf54eaae4b0e346ce8267f7?ncid=tweetlnkushpmg00000067
https://techcrunch.com/2019/06/03/quest-diagnostics-breach/
https://www.chicagotribune.com/business/ct-quest-data-hack-1214-biz-20161213-story.html
https://www.bloomberg.com/news/articles/2019-06-03/quest-says-millions-of-patient-records-exposed-in-billing-hack?utm_medium=social&cmpid=socialflow-twitter-business&utm_content=business&utm_source=twitter&utm_campaign=socialflow-organic

https://www.zdnet.com/article/wwdc-2019-apple-debuts-new-privacy-features-in-ios-13/
https://9to5mac.com/2019/06/03/apple-launches-sign-in-with-apple-button-for-apps-no-tracking-login/
https://www.zdnet.com/article/wwdc-2019-apple-announces-sign-in-with-apple-feature/
https://threatpost.com/wwdc-2019-apple-facebook-privacy/145290/

 

Photo credit:
Apple

Google Bluetooth Security Key Flawed; Intel CPU Insecure! - ThreatWire

May 21, 2019 10:21

Description:

Bluetooth Security Keys? Bad Idea. Planes could be crashed, Zombie’s are after your CPUs! All that coming up now on ThreatWire. #threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Titan Security Key Hacked:
https://security.googleblog.com/2019/05/titan-keys-update.html
https://arstechnica.com/information-technology/2019/05/google-warns-bluetooth-titan-security-keys-can-be-hijacked-by-nearby-hackers/
https://www.cnet.com/news/google-warns-titan-security-key-has-bluetooth-bug-that-leaves-it-vulnerable/
https://www.cyberscoop.com/google-replace-titan-keys-free-uncovering-bluetooth-flaw/
https://www.zdnet.com/article/google-to-replace-faulty-titan-security-keys/
https://www.wired.com/story/bluetooth-complex-security-risk/

Radio aircraft navigation landing system hacked:
https://aanjhan.com/assets/ils_usenix2019.pdf
https://arstechnica.com/information-technology/2019/05/the-radio-navigation-planes-use-to-land-safely-is-insecure-and-can-be-hacked/
https://securityledger.com/2019/05/researchers-hack-aircraft-landing-system-with-600-radios/

RIDL In Intel (Zombieland):
https://www.cyberscoop.com/intel-chip-flaws-zombieland-ridl-fallout/
https://arstechnica.com/gadgets/2019/05/new-speculative-execution-bug-leaks-data-from-intel-chips-internal-buffers/
https://thehackernews.com/2019/05/intel-processor-vulnerabilities.html
https://www.zdnet.com/article/patch-status-for-the-new-mds-attacks-against-intel-cpus/
https://zombieloadattack.com/zombieload.pdf
https://zombieloadattack.com/
https://www.zdnet.com/article/intel-cpus-impacted-by-new-zombieload-side-channel-attack/
https://www.zdnet.com/article/how-to-test-mds-zombieload-patch-status-on-windows-systems/

Additional resources:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html
https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf


Photo credit:
https://www.flickr.com/photos/grmisiti/8149613310

SIM Swapping Criminals Charged, ‘Unhackable’ USB Gets Hacked - ThreatWire

May 14, 2019 08:34

Description:

SIM Swapping Criminals Charged, over a hundred sites were found running malicious code, and an unhackable usb drive gets hacked! All that coming up now on ThreatWire. #threatwire #hak5

Support me on alternative platforms! https://snubsie.com/support


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆


SIM Swapping Hacks:
https://krebsonsecurity.com/2019/05/nine-charged-in-alleged-sim-swapping-ring/
https://thehackernews.com/2019/05/sim-swapping-hacking.html
https://www.justice.gov/usao-edmi/pr/nine-individuals-connected-hacking-group-charged-online-identity-theft-and-other
https://krebsonsecurity.com/wp-content/uploads/2019/05/ninesimswap.pdf
https://krebsonsecurity.com/wp-content/uploads/2019/05/josephwhitejack.pdf

100 Sites Hacked:
https://blog.netlab.360.com/ongoing-credit-card-data-leak/
https://urlscan.io/search/#domain%3Amagento-analytics.com
https://thehackernews.com/2019/05/magento-credit-card-hacking.html
https://arstechnica.com/information-technology/2019/05/more-than-100-commerce-sites-infected-with-code-that-steals-payment-card-data/
https://arstechnica.com/information-technology/2019/03/a-new-rash-of-highly-covert-card-skimming-malware-infects-ecommerce-sites/


Unhackable USB Key Gets Hacked:
https://www.kickstarter.com/projects/eyedisk/eyedisk-unhackable-usb-flash-drive/description
https://www.pentestpartners.com/security-blog/eyedisk-hacking-the-unhackable-again/
https://threatpost.com/unhackable-biometric-usb-passwords/144576/
https://www.zdnet.com/article/unhackable-biometric-drive-exposed-passwords-in-clear-text/


Photo credit:
https://www.publicdomainpictures.net/pictures/30000/nahled/various-sim-cards.jpg

 

Right To Repair? Consumers Will Hurt Themselves! - ThreatWire

May 7, 2019 08:00

Description:

Dell laptops can be hijacked, #RightToRepair dies due to lobbying, and Google turns on Auto-Delete! All that coming up now on ThreatWire. #threatwire #hak5

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:
Support me on alternative platforms! https://snubsie.com/support

Dell:
https://thehackernews.com/2019/05/dell-computer-hacking.html
https://threatpost.com/dell-flaws-security-support-tool/144295/
https://www.zdnet.com/article/dell-laptops-and-computers-vulnerable-to-remote-hijacks/

Right to repair killed
https://www.vice.com/en_us/article/gyawqy/right-to-repair-legislation-is-officially-being-considered-in-ontario-canada
https://motherboard.vice.com/en_us/article/9kxayy/right-to-repair-bill-killed-after-big-tech-lobbying-in-ontario
https://motherboard.vice.com/en_us/article/wjvdb4/apple-is-telling-lawmakers-people-will-hurt-themselves-if-they-try-to-fix-iphones

Google
https://www.blog.google/technology/safety-security/automatically-delete-data/
https://thehackernews.com/2019/05/google-web-location-history.html
https://www.apnews.com/828aefab64d4411bac257a07c1af0ecb
https://www.nytimes.com/interactive/2019/04/13/us/google-location-tracking-police.html
https://arstechnica.com/tech-policy/2019/05/google-unveils-auto-delete-for-location-web-activity-and-app-usage-data/


Photo credit:
https://upload.wikimedia.org/wikipedia/commons/4/43/Cell_Phone_Repair.jpg

Baby Monitors and GPS Tracker Apps - Hacked! - ThreatWire

Apr 30, 2019 09:55

Description:

GPS tracker apps get hacked, 2 million IoT devices are vulnerable to hacks, and we’ve got more Amazon Echo privacy concerns! All that coming up now on ThreatWire. #threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆


Millions of IoT Devices Exposed:
https://krebsonsecurity.com/2019/04/p2p-weakness-exposes-millions-of-iot-devices/
https://www.zdnet.com/article/over-two-million-iot-devices-vulnerable-because-of-p2p-component-flaws/
https://hacked.camera/

Amazon:
https://threatpost.com/amazon-employees-personal-alexa/144119/
https://www.cnet.com/how-to/how-to-use-an-alexa-smart-speaker-and-keep-your-privacy/
https://www.cnet.com/news/amazon-alexa-audio-reviewers-might-know-where-you-live/
https://www.bloomberg.com/news/articles/2019-04-24/amazon-s-alexa-reviewers-can-access-customers-home-addresses

Remotely killing cars with GPS apps:
https://motherboard.vice.com/en_us/article/zmpx4x/hacker-monitor-cars-kill-engine-gps-tracking-apps
http://www.protrack365.com/
http://www.itrack.top/

 

Photo credit:
https://www.flickr.com/photos/yourbestdigs/42463389831

Security Flaws Found in WPA3! Julian Assange of Wikileaks Arrested - ThreatWire

Apr 16, 2019 12:30

Description:

Julian Assange gets arrested, WPA3 has serious security holes, and amazon employees are listening to audio clips from echos! All that coming up now on ThreatWire. #threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Julian Assange Arrested
https://thehackernews.com/2019/04/wikileaks-julian-assange-arrested.html
https://www.zdnet.com/article/julian-assange-arrested-by-uk-police/
https://twitter.com/wikileaks/status/1113919962995884033
https://www.cnet.com/news/julian-assanges-defense-against-hacking-charges-and-where-it-falls-short/
https://motherboard.vice.com/en_us/article/mb8qyn/julian-assange-charged-with-hacking-conspiracy-not-publishing
https://www.cyberscoop.com/julian-assange-arrested-indictment/
https://gizmodo.com/chelsea-mannings-fbi-files-are-central-to-ongoing-crimi-1833897041


WPA3 Flaw:
https://papers.mathyvanhoef.com/dragonblood.pdf
https://thehackernews.com/2019/04/wpa3-hack-wifi-password.html
https://wpa3.mathyvanhoef.com/
https://arstechnica.com/information-technology/2019/04/serious-flaws-leave-wpa3-vulnerable-to-hacks-that-steal-wi-fi-passwords/
https://www.zdnet.com/article/dragonblood-vulnerabilities-disclosed-in-wifi-wpa3-standard/
https://www.wi-fi.org/news-events/newsroom/wi-fi-alliance-security-update-april-2019
https://www.wi-fi.org/security-update-april-2019


Amazon Echo:
https://www.bloomberg.com/technology
https://www.zdnet.com/article/amazon-employees-are-listening-in-to-your-conversations-with-alexa/
https://www.cnet.com/news/amazon-workers-eavesdrop-on-your-talks-with-alexa/
https://threatpost.com/amazon-auditors-listen-to-echo-recordings-report-says/143696/
https://motherboard.vice.com/en_us/article/ywyzm5/big-tech-lobbying-gutted-a-bill-that-would-ban-recording-you-without-consent
http://www.ilga.gov/legislation/101/SB/PDF/10100SB1719lv.pdf

 


Photo credit:
https://upload.wikimedia.org/wikipedia/commons/6/68/Damselfly_October_2007_Osaka_Japan.jpg

 

AirBnB Hidden Cameras, Facebook Still Horrible For Privacy - ThreatWire

Apr 9, 2019 08:04

Description:

Over half a Million Facebook user data Records were Exposed, how to scan wifi to find a hidden camera in an AirBnB, and facebook was asking for your email password! All that coming up now on ThreatWire. #threatwire #hak5

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:
Support me on alternative platforms! https://snubsie.com/support

Facebook data leak:
https://www.upguard.com/breaches/facebook-user-data-leak
https://www.cyberscoop.com/facebook-apps-3rd-party-data-exposures-upguard/
https://thehackernews.com/2019/04/facebook-app-database.html
https://threatpost.com/facebook-data-of-millions-exposed-in-leaky-datasets/143412/
https://www.bloomberg.com/news/articles/2019-04-03/millions-of-facebook-records-found-on-amazon-cloud-servers


Facebook Email Passwords:
https://www.thedailybeast.com/beyond-sketchy-facebook-demanding-some-new-users-email-passwords
https://twitter.com/originalesushi/status/1112496649891430401
https://krebsonsecurity.com/2019/03/facebook-stored-hundreds-of-millions-of-user-passwords-in-plain-text-for-years/
https://arstechnica.com/information-technology/2019/04/facebook-asked-some-users-for-their-email-passwords-because-why-not/


AirBnB Hidden Cameras:
https://arstechnica.com/information-technology/2019/04/airbnb-guest-found-hidden-surveillance-camera-by-scanning-wi-fi-network/
https://sixfortwelve.wordpress.com/2019/04/06/how-to-increase-your-chances-of-finding-a-hidden-camera/?fbclid=IwAR3dZpL-qQTcbA-VL9oTIiP3z4JGNWo04z9TXx89vOz3YIQD9i2bHUQ87sw
https://www.cnn.com/2019/04/05/europe/ireland-airbnb-hidden-camera-scli-intl/index.html
https://www.facebook.com/photo.php?fbid=10156325018207239&set=a.440220892238&type=3&theater
https://www.airbnb.com/help/article/887/what-are-airbnb-s-rules-about-electronic-surveillance-devices-in-listings

 

Photo credit:
https://cdn.pixabay.com/photo/2018/05/14/12/18/airbnb-3399753_960_720.jpg

2 Million+ Credit Cards Stolen, Buca di Beppo Hacked - ThreatWire

Apr 2, 2019 11:39

Description:

A new supply chain attack hits ASUS - here’s everything you need to know! Plus, Buca di Beppo was hacked, and we’ve got some new right to repair advocates! All that coming up now on ThreatWire. #threatwire #hak5

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:
Support me on alternative platforms! https://snubsie.com/support

ASUS, from David on Patreon:
https://securelist.com/operation-shadowhammer/89992/
https://motherboard.vice.com/en_us/article/pan9wn/hackers-hijacked-asus-software-updates-to-install-backdoors-on-thousands-of-computers
https://arstechnica.com/information-technology/2019/03/hijacked-asus-software-updates-installed-backdoor-on-at-least-0-5-million-pcs/
https://www.zdnet.com/article/supply-chain-attack-installs-backdoors-through-hijacked-asus-live-update-software/
https://thehackernews.com/2019/03/asus-hack-mac-addresses.html
https://www.zdnet.com/article/researchers-publish-list-of-mac-addresses-targeted-in-asus-hack/
https://shadowhammer.kaspersky.com/
https://www.asus.com/News/hqfgVUyZ6uyAyJe1
https://threatpost.com/asus-patches-live-update-bug-that-allowed-apt-to-infect-thousands-of-pcs/143169/
https://www.cyberscoop.com/asus-patch-shadowhammer-kaspersky/

Right to repair:
https://www.wired.com/story/right-to-repair-elizabeth-warren-farmers/
https://motherboard.vice.com/en_us/article/d3mb5k/elizabeth-warren-calls-for-a-national-right-to-repair-law
https://medium.com/@teamwarren/leveling-the-playing-field-for-americas-family-farmers-823d1994f067
https://motherboard.vice.com/en_us/article/d3mqna/internal-documents-show-apple-is-capable-of-implementing-right-to-repair-legislation
https://motherboard.vice.com/en_us/article/eveezj/a-cell-phone-carrier-breaks-with-big-telecom-announces-support-for-right-to-repair-legislation
https://ting.com/blog/epicphonefail/

Buca di Beppo:
http://www.earlenterprise.com/incident/#potentially-affected-locations
https://www.earlenterprise.com/
https://www.zdnet.com/article/card-breach-reported-at-buca-di-beppo-planet-hollywood-and-other-restaurants/
https://www.cnet.com/news/malware-may-have-stolen-2-million-us-restaurant-diners-credit-card-details/
https://krebsonsecurity.com/2019/03/a-month-after-2-million-customer-cards-sold-online-buca-di-beppo-parent-admits-breach/

Photo credit:
https://farm6.staticflickr.com/5158/5875367625_c68e8f2968_b.jpg

Beto O’Rourke Was a Hacker - ThreatWire

Mar 19, 2019 12:20

Description:

Regulating facial recognition in businesses, ecommerce websites and point of sales are hit with malware campaigns, and Presidential candidate Beto O’Rourke was a hacker! All that coming up now on ThreatWire. #threatwire #hak5

Support me on alternative platforms! https://snubsie.com/support

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Facial recognition bill:
https://www.cnet.com/news/senators-introduce-facial-recognition-bill-to-stop-businesses-from-tracking-you/
https://www.blunt.senate.gov/news/press-releases/blunt-schatz-introduce-bipartisan-commercial-facial-recognition-privacy-act
https://www.scribd.com/document/401927683/Facial-Recognition-Act-Proposal

Card skimming malware and POS hacks:
https://www.cyberscoop.com/dmsniff-glitchpos-malware-cybercrime-flashpoint-talos/
https://arstechnica.com/information-technology/2019/03/a-new-rash-of-highly-covert-card-skimming-malware-infects-ecommerce-sites/
https://www.group-ib.com/media/js-sniffer/
https://www.flashpoint-intel.com/blog/dmsniff-pos-malware-actively-leveraged-target-medium-sized-businesses/
https://threatpost.com/glitchpos-malware-credit-card/142804/
https://blog.talosintelligence.com/2019/03/glitchpos-new-pos-malware-for-sale.html

Beto O’Rourke was a hacker:
https://www.reuters.com/investigates/special-report/usa-politics-beto-orourke/
https://www.cnet.com/news/beto-orourke-has-serious-hacker-credentials/
http://textfiles.com/groups/CDC/visions.crusade
https://arstechnica.com/information-technology/2019/03/it-turns-out-beto-orourke-stole-phone-service-pirated-software-as-a-kid/


Photo credit:
https://farm7.staticflickr.com/6206/6130484874_fb768d828d_b.jpg

NSA’s Ghidra is Here! - ThreatWire

Mar 12, 2019 08:22

Description:

Chrome and Windows 7 zero days are being actively exploited, The NSA releases Ghidra into the wild for free, and Democrats Want to Restore Net Neutrality! All that coming up now on ThreatWire. #threatwire #hak5


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:
Chrome Zero Days:
https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5786
https://www.zdnet.com/article/google-chrome-zero-day-was-used-together-with-a-windows-7-zero-day/
https://security.googleblog.com/2019/03/disclosing-vulnerabilities-to-protect.html
https://www.wired.com/story/turn-on-auto-updates-everywhere/

Ghidra:
https://motherboard.vice.com/en_us/article/panvm7/nsa-releases-ghidra-for-free-game-changer
https://www.zdnet.com/article/nsa-release-ghidra-a-free-software-reverse-engineering-toolkit/
https://ghidra-sre.org/
https://github.com/nationalsecurityagency
https://www.cyberscoop.com/ghidra-nsa-tool-public/
https://www.wired.com/story/nsa-ghidra-open-source-tool/

New Bill to restore net neutrality:
https://motherboard.vice.com/en_us/article/d3mk5w/democrats-unveil-new-bill-to-fully-restore-net-neutrality
https://energycommerce.house.gov/sites/democrats.energycommerce.house.gov/files/documents/Save%20the%20Internet%20Act%20Legislative%20Text.pdf
https://arstechnica.com/tech-policy/2019/01/net-neutrality-advocates-confident-about-beating-fcc-as-case-heads-to-court/

 


Photo credit:
The NSA, lol.

Sign-In Kiosks Vulnerable, Android is FIDO2 Certified! - ThreatWire

Mar 5, 2019 07:37

Description:

Google adds more security to android devices with FIDO2 certification, sign in kiosks are vulnerable to all sorts of hacks, and Facebook Uses 2FA Numbers For Search! All that coming up now on ThreatWire. #threatwire #hak5

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:
https://android-developers.googleblog.com/2019/02/android-security-improvement-update.html
https://www.cnet.com/news/android-security-program-has-helped-fix-over-1m-apps-in-google-play/
https://fidoalliance.org/android-now-fido2-certified-accelerating-global-migration-beyond-passwords/
https://thehackernews.com/2019/02/android-fido2-password-security.html
https://www.cnet.com/news/goodbye-passwords-webauthn-is-now-an-official-web-standard/
https://www.cnet.com/news/google-looks-to-leave-passwords-behind-for-a-billion-android-devices/
https://www.yubico.com/2018/08/10-things-youve-been-wondering-about-fido2-webauthn-and-a-passwordless-world/

https://securityintelligence.com/stranger-danger-x-force-red-finds-19-vulnerabilities-in-visitor-management-systems/
https://www.zdnet.com/article/19-vulnerabilities-exposed-in-visitor-management-systems/
https://www.cyberscoop.com/ibm-interns-find-19-vulnerabilities-corporate-check-systems/

https://www.techradar.com/news/facebook-no-longer-lets-you-search-for-friends-by-phone-numbers
https://techcrunch.com/2019/03/03/facebook-phone-number-look-up/
https://www.cnet.com/news/facebooks-two-factor-authentication-with-phone-numbers-puts-security-and-privacy-at-odds/
https://twitter.com/jeremyburge/status/1101402001907372032?ref_src=twsrc%5Egoogle%7Ctwcamp%5Enews%7Ctwgr%5Etweet
https://motherboard.vice.com/en_us/article/kzdxjx/facebook-phone-number-two-factor-authentication


Photo credit:
https://www.saimgs.com/imglib/other_pages/visitor-management/sine-vms-kiosk.png

 

Password Managers Flawed; WinRAR Vulnerable for 2 Decades! - ThreatWire

Feb 26, 2019 12:40

Description:

Password Managers have vulnerabilities, companies want us to chill out over their embedded recording devices in hardware, and WinRAR had a 19 year old bug! All that coming up now on ThreatWire. #threatwire #hak5


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆


Links:
Password Managers:
https://www.securityevaluators.com/casestudies/password-manager-hacking/
https://www.zdnet.com/article/critical-vulnerabilities-uncovered-in-popular-password-managers/
https://keepass.info/help/base/security.html#secmemprot
https://lastpass.com/misc_download2.php
https://threatpost.com/1password-dashlane-keepass-and-lastpass/142037/
https://www.cyberscoop.com/bugcrowd-adrian-bednarek-lastpass/

Embedded Recording Devices:
https://twitter.com/vkamluk/status/1097008518685573120
https://www.cnet.com/news/airplane-seat-cameras-could-be-your-new-spy-in-the-sky/
https://www.buzzfeednews.com/article/nicolenguyen/american-airlines-planes-entertainment-system-cameras
https://thehackernews.com/2016/12/hacking-in-flight-system.html
https://www.cnet.com/news/google-calls-nests-hidden-microphone-an-error/
https://www.zdnet.com/article/google-says-secret-microphones-in-nest-home-products-an-error/

WinRAR Vulnerability:
https://research.checkpoint.com/extracting-code-execution-from-winrar/
https://arstechnica.com/information-technology/2019/02/nasty-code-execution-bug-in-winrar-threatened-millions-of-users-for-14-years/
https://threatpost.com/winrar-flaw-500-million-users/142080/
https://www.zdnet.com/article/winrar-versions-released-in-the-last-19-years-impacted-by-severe-security-flaw/
https://thehackernews.com/2019/02/winrar-malware-exploit.html


Photo credit:
https://www.flickr.com/photos/bitsfrombytes/29731017407

 

Scooter Hacks! Is Tor on Android Broken?! - ThreatWire

Feb 19, 2019 10:31

Description:

Scooters are being hacked! Make sure you’re resetting your ad ID, but does it do anything? And Australia’s parliament has some hacks to deal with! All that coming up now on ThreatWire. #threatwire #hak5


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:
Scooter:
https://blog.zimperium.com/dont-give-me-a-brake-xiaomi-scooter-hack-enables-dangerous-accelerations-and-stops-for-unsuspecting-riders/
https://www.cyberscoop.com/scooter-hack-zimperium-bluetooth-bird-spin/
https://thehackernews.com/2019/02/xiaomi-electric-scooter-hack.html

Android:
https://arxiv.org/pdf/1901.04434.pdf
https://www.zdnet.com/article/tor-traffic-from-individual-android-apps-detected-with-97-percent-accuracy/
https://support.google.com/googleplay/android-developer/answer/6048248?hl=en
https://blog.appcensus.mobi/2019/02/14/ad-ids-behaving-badly/
https://www.cnet.com/news/these-android-apps-have-been-tracking-you-even-when-you-say-stop/
https://www.zdnet.com/article/thousands-of-apps-bypass-android-privacy-protections-to-permanently-record-your-activities/

Australia:
https://www.smh.com.au/politics/federal/australia-s-major-political-parties-hacked-in-sophisticated-attack-ahead-of-election-20190218-p50yi1.html
https://www.zdnet.com/article/australian-political-parties-also-hit-by-state-actor-in-parliamentary-network-attack-pm/
https://www.zdnet.com/article/australian-government-computing-network-reset-following-security-incident/
https://www.cnet.com/news/australia-blames-sophisticated-state-actor-for-massive-government-hack/
https://arstechnica.com/information-technology/2019/02/australian-political-parties-hacked-by-nation-state-attacker/
https://www.abc.net.au/news/2019-02-18/someone-tried-to-hack-parliament-are-our-politicians-vulnerable/10822072


Photo credit:
https://c1.staticflickr.com/7/6179/6180104944_56c7ce7e91_b.jpg

Airlines Don’t Encrypt Your Passenger Data for E-Tickets - ThreatWire

Feb 12, 2019 09:22

Description:

Apple Fixes their FaceTime Bug, and Finds More Issues in the process, airlines are found not encrypting your passenger data, and detailed and accurate GPS data was being sold off! All that coming up now on ThreatWire. #threatwire #hak5

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:
Apple Facetime Update:
https://arstechnica.com/information-technology/2019/02/apple-pushes-fix-for-facepalm-possibly-its-creepiest-vulnerability-ever/
https://support.apple.com/en-us/HT209520
https://support.apple.com/en-us/HT209521
https://www.zdnet.com/article/ios-12-1-4-fixes-iphone-facetime-spying-bug/
https://www.businessinsider.com/apple-security-audit-on-group-facetime-bug-discovers-second-flaw-2019-2
https://twitter.com/benhawkes/status/1093581737924259840
https://techcrunch.com/2019/02/06/iphone-session-replay-screenshots/
https://techcrunch.com/2019/02/07/apple-glassbox-apps/


Airline Systems:
https://www.wandera.com/mobile-security/airline-check-in-risk/
https://threatpost.com/flaw-in-multiple-airline-systems-exposes-passenger-data/141596/
https://www.cyberscoop.com/airlines-ticketing-email-hackers-wandera-southwest/

Cell Carriers:
https://motherboard.vice.com/en_us/article/j575dg/what-a-gps-data-is-and-why-wireless-carriers-most-definitely-shouldnt-be-selling-it
https://motherboard.vice.com/en_us/article/a3b3dg/big-telecom-sold-customer-gps-data-911-calls
https://motherboard.vice.com/en_us/article/43z3dn/hundreds-bounty-hunters-att-tmobile-sprint-customer-location-data-years

 

Photo credit:
https://upload.wikimedia.org/wikipedia/commons/d/d5/N731SW_Southwest.jpg

 

5G Network Security Flaw Discovered! FaceTime Disabled - ThreatWire

Feb 5, 2019 08:09

Description:

A new 5G security flaw hits the news, surveillance through facetime, and facebook stops at nothing to get at your data! All that coming up now on ThreatWire. #threatwire #hak5


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org 
Shop → https://www.hakshop.com 
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1 
Support → https://www.patreon.com/threatwire 
Contact Us → http://www.twitter.com/hak5 
Threat Wire RSS → https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999 

Host: Shannon Morse → https://www.twitter.com/snubs 
Host: Darren Kitchen → https://www.twitter.com/hak5darren 
Host: Mubix → http://www.twitter.com/mubix 
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆


Links:
https://www.zdnet.com/article/new-security-flaw-impacts-5g-4g-and-3g-telephony-protocols/
https://eprint.iacr.org/2018/1175.pdf
https://www.cnet.com/news/security-flaw-allows-for-spying-over-5g-researchers-find/

https://9to5mac.com/2019/01/28/facetime-bug-hear-audio/
https://www.buzzfeednews.com/article/nicolenguyen/facetime-bug-iphone
https://www.cnet.com/news/apples-facetime-bug-was-discovered-by-a-teen-playing-fortnite/
https://twitter.com/MGT7500/status/1087171594756083713
https://twitter.com/MGT7500/status/1090079031666438144
https://twitter.com/BEASTMODE/status/1090298850764644352
https://www.cyberscoop.com/facetime-bug-group-chat-disabled-apple-ios-macos/
https://www.apple.com/support/systemstatus/
https://www.zdnet.com/article/iphone-facetime-bug-now-apple-sued-over-eavesdrop-on-lawyers-client-phone-call/
https://www.cnet.com/news/apple-facetime-bug-prompts-investigation-from-ny-attorney-general/
https://www.zdnet.com/article/ios-12-1-4-is-coming-to-fix-the-worst-iphone-and-ipad-bug-to-date/

https://www.cnet.com/news/facebook-shuts-down-ios-research-app-it-used-to-access-user-data/
https://www.cnet.com/news/apple-restores-facebooks-ability-to-run-internal-apps/
https://www.cnet.com/news/googles-data-gathering-app-may-have-also-violated-apples-policies/
https://threatpost.com/google-pulls-data-chugging-app-from-ios-devices/141358/

 

Photo credit:
https://pixabay.com/p-387026/?no_redirect

DNS Hijacking Worldwide; Cell Carriers Stop Selling Data - ThreatWire

Jan 15, 2019 08:57

Description:

A systemd vulnerability creates concern, DNS Hijacking goes worldwide, and major telcos are still selling location data for their users! All that coming up now on ThreatWire. #threatwire #hak5

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org 
Shop → https://www.hakshop.com 
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1 
Support → https://www.patreon.com/threatwire 
Contact Us → http://www.twitter.com/hak5 
Threat Wire RSS → https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999 

Host: Shannon Morse → https://www.twitter.com/snubs 
Host: Darren Kitchen → https://www.twitter.com/hak5darren 
Host: Mubix → http://www.twitter.com/mubix 
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:
https://www.qualys.com/2019/01/09/system-down/system-down.txt
https://www.zdnet.com/article/new-linux-systemd-security-holes-uncovered/
https://thehackernews.com/2019/01/linux-systemd-exploit.html

https://www.fireeye.com/blog/threat-research/2019/01/global-dns-hijacking-campaign-dns-record-manipulation-at-scale.html
https://www.us-cert.gov/ncas/current-activity/2019/01/10/DNS-Infrastructure-Hijacking-Campaign
https://www.wired.com/story/iran-dns-hijacking/
https://arstechnica.com/information-technology/2019/01/a-dns-hijacking-wave-is-targeting-companies-at-an-almost-unprecedented-scale/
https://www.cyberscoop.com/fireeye-dns-hijacking-record-manipulation-iran/

https://motherboard.vice.com/en_us/article/nepxbz/i-gave-a-bounty-hunter-300-dollars-located-phone-microbilt-zumigo-tmobile
https://www.wired.com/story/carriers-sell-location-data-third-parties-privacy/
https://arstechnica.com/tech-policy/2019/01/after-broken-promise-att-says-itll-stop-selling-phone-location-data/
https://motherboard.vice.com/en_us/article/d3bnyv/google-demanded-tmobile-sprint-to-not-sell-google-fi-customers-location-data
https://motherboard.vice.com/en_us/article/j5z74d/senators-harris-warner-wyden-fcc-investigate-att-sprint-tmobile-bounty-hunters
https://www.cnet.com/news/congress-asks-fcc-for-emergency-briefing-on-ending-location-data-sales/
https://energycommerce.house.gov/sites/democrats.energycommerce.house.gov/files/documents/FCC.2019.1.11.%20Letter%20to%20the%20FCC%20re%20unauthorized%20disclosures%20of%20consumer%20data.CAT_.pdf

 

Photo credit:
https://cdn.pixabay.com/photo/2017/04/03/14/42/smartphone-2198559_960_720.jpg

 

The 5 Biggest & Worst Hacks of 2018 - ThreatWire

Jan 2, 2019 07:10

Description:

It’s the 5 biggest and worst hacks of 2018! All that coming up now on ThreatWire. #threatwire #hak5


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org 
Shop → https://www.hakshop.com 
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1 
Support → https://www.patreon.com/threatwire 
Contact Us → http://www.twitter.com/hak5 
Threat Wire RSS → https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999 

Host: Shannon Morse → https://www.twitter.com/snubs 
Host: Darren Kitchen → https://www.twitter.com/hak5darren 
Host: Mubix → http://www.twitter.com/mubix 
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆


MyHeritage and 23andMe:
https://blog.myheritage.com/2018/06/myheritage-statement-about-a-cybersecurity-incident/#
https://blog.23andme.com/news/a-note-on-23andmes-new-collaboration-with-gsk/

Exactis:
https://www.wired.com/story/exactis-database-leak-340-million-records/

Facebook:
https://www.recode.net/2018/3/17/17134072/facebook-cambridge-analytica-trump-explained-user-data
https://www.nytimes.com/interactive/2018/06/03/technology/facebook-device-partners-users-friends-data.html
https://newsroom.fb.com/news/2018/09/security-update/
https://developers.facebook.com/blog/post/2018/12/14/notifying-our-developer-ecosystem-about-a-photo-api-bug/

Marriott:
http://news.marriott.com/2018/11/marriott-announces-starwood-guest-reservation-database-security-incident/

Aadhar
https://www.zdnet.com/article/another-data-leak-hits-india-aadhaar-biometric-database/

Photo credit:
https://pixabay.com/p-3010443/?no_redirect

Facebook Exposes Private Photos For Millions of Users - ThreatWire

Dec 18, 2018 09:07

Description:

Shamoon malware is back, Facebook exposes private photos for millions of users, and SuperMicro did an audit to prove their innocence! All that coming up now on ThreatWire. #threatwire #hak5

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org 
Shop → https://www.hakshop.com 
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1 
Support → https://www.patreon.com/threatwire 
Contact Us → http://www.twitter.com/hak5 
Threat Wire RSS → https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999 

Host: Shannon Morse → https://www.twitter.com/snubs 
Host: Darren Kitchen → https://www.twitter.com/hak5darren 
Host: Mubix → http://www.twitter.com/mubix 
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:

Shamoon:

https://www.cyberscoop.com/shamoon-saipem-palo-alto-networks/

https://thehackernews.com/2018/12/shamoon-malware-attack.html

http://www.saipem.com/en_IT/static/documents/PR%20Saipem%2010_1_2018.pdf

http://www.saipem.com/sites/SAIPEM_en_IT/con-side-dx/Press%20releases/2018/Cyber%20attack%20update.page

https://threatpost.com/shamoon-new-wiper-attack/139881/

https://www.zdnet.com/article/shamoon-malware-destroys-data-at-italian-oil-and-gas-company/

 

Facebook:

https://developers.facebook.com/blog/post/2018/12/14/notifying-our-developer-ecosystem-about-a-photo-api-bug/

https://techcrunch.com/2018/12/14/facebook-photo-bug/

https://threatpost.com/facebook-photos-exposed/139940/

https://www.zdnet.com/article/facebook-bug-exposed-private-photos-of-6-8-million-users/

https://www.facebook.com/help/200632800873098?ref=photonotice

 

SuperMicro update:

https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies

https://www.supermicro.com/en/news/CEO-3rdPartySecurity-Update

https://arstechnica.com/information-technology/2018/12/supermicro-refutes-report-of-malicious-implants-with-audit/

https://www.supermicro.com/en/news/CEO-3rdPartySecurity-Update



Photo credit:

https://imagesvc.timeincapp.com/v3/mm/image?url=https%3A%2F%2Ffortunedotcom.files.wordpress.com%2F2018%2F04%2Ffacebook-screen.jpg&w=1000&q=85

 

Australia’s Anti-Encryption Bill Passes - ThreatWire

Dec 11, 2018 11:16

Description:

Australia’s Anti-Encryption Bill Passes, Banks Get Hit With Old School Social Engineering and new school tech, and Huawei gets banned in multiple countries! All that coming up now on ThreatWire. #threatwire #hak5

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:
Australia’s new Anti-encryption bill:
https://www.aph.gov.au/Parliamentary_Business/Bills_Legislation/Bills_Search_Results/Result?bId=r6195
https://thehackernews.com/2018/12/australia-anti-encryption-bill.html
https://www.zdnet.com/article/australia-now-has-encryption-busting-laws-as-labor-capitulates/
https://www.zdnet.com/article/shorten-defends-process-of-passing-encryption-laws-and-reviewing-later/
https://www.cnet.com/news/australia-passes-encryption-assistance-access-laws-facebook-google-twitter-apple-amazon/
https://www.cyberscoop.com/australia-encryption-backdoors-law-passes/
https://threatpost.com/australia-anti-encryption-law-triggers-sweeping-backlash/139697/

Banks hacked:
https://www.kaspersky.com/blog/dark-vishnya-attack/24867/
https://securelist.com/darkvishnya/89169/
https://www.hak5.org/gear/bash-bunny
https://www.zdnet.com/article/eastern-european-banks-lose-tens-of-millions-of-dollars-in-hollywood-style-hacks/
https://www.cyberscoop.com/darkvishnya-kaspersky-physical-devices-banks/

Huawei:
https://www.businessinsider.com/huawei-meng-wanzhou-trump-china-trade-war-2018-12
https://www.nytimes.com/2018/12/07/technology/huawei-meng-wanzhou-fraud.html
https://www.zdnet.com/article/trudeau-denies-involvement-in-huawei-arrest/
https://www.zdnet.com/article/japan-looking-at-banning-huawei-and-zte-from-government-deals/
https://www.zdnet.com/article/bt-avoids-huawei-for-5g-after-stripping-tech-from-ee-mobile-network/


Photo credit:
https://upload.wikimedia.org/wikipedia/commons/7/7a/Aus_Flag.jpg

 

Marriott’s Starwood Database Stolen - 500 Million Guests Exposed - ThreatWire

Dec 4, 2018 10:24

Description:

Dunkin Donuts Got Hacked?! Not Necessarily, 500M Customers are Affected in a Huge Breach, and Thousands of Routers are infected with an NSA exploit! All that coming up now on ThreatWire. #threatwire #hak5


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆


Links:
Marriott Breach: via Joel
http://news.marriott.com/2018/11/marriott-announces-starwood-guest-reservation-database-security-incident/
https://answers.kroll.com/
https://www.cyberscoop.com/marriott-data-breach-starwood-hotels-gdpr/
https://www.zdnet.com/article/starwood-hotels-fall-prey-to-point-of-sale-malware/
https://www.zdnet.com/article/20-top-us-hotels-hit-by-fresh-malware-attacks/
https://arstechnica.com/information-technology/2018/11/marriott-breach-leaves-500-million-exposed-with-passport-card-numbers-stolen/
https://threatpost.com/2014-marriott-data-breach-exposed-500m-guests-impacted/139507/
https://twitter.com/NewYorkStateAG/status/1068510072396029952
https://www.zdnet.com/article/marriott-faces-massive-data-breach-expenses-even-with-cybersecurity-insurance/
https://www.wired.com/story/marriott-hack-protect-yourself/


Dunkin Donuts Breached:
https://www.dunkindonuts.com/content/dam/dd/pdf/Security_Update.pdf
https://www.cyberscoop.com/dunkin-donuts-struck-in-latest-credential-stuffing-attack/
https://www.bostonglobe.com/business/2018/11/29/your-dunkin-donuts-account-may-have-been-hacked/8WWXZJzX3ZwAhKit2xavwL/story.html
https://motherboard.vice.com/en_us/article/59v5d8/dunkin-donuts-loyalty-points-accounts-dark-web-buy-sell-cheap


NSA Malware Makes Its Way Onto Consumer Routers:
https://blogs.akamai.com/sitr/2018/11/upnproxy-eternalsilence.html
https://www.akamai.com/cn/zh/multimedia/documents/white-paper/upnproxy-blackhat-proxies-via-nat-injections-white-paper.pdf
https://arstechnica.com/information-technology/2018/11/mass-router-hack-exposes-millions-of-devices-to-potent-nsa-exploit/


Photo credit:
https://upload.wikimedia.org/wikipedia/commons/7/7e/Hotel_Marriott_Vienna.jpg

 

USPS Exposes 60 Million; Amazon Ignores Infosec Incident Questions - ThreatWire

Nov 27, 2018 08:28

Description:

Amazon quietly discloses a security incident, USPS finally fixes a vulnerability they knew about a year ago, and rowhammer is back with a vengeance ! All that coming up now on ThreatWire. #threatwire #hak5


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:
Amazon
https://www.cyberscoop.com/amazon-keeps-tight-lipped-pre-black-friday-security-incident/
https://www.zdnet.com/article/amazon-leaks-users-email-addresses-due-to-technical-error/
https://arstechnica.com/information-technology/2018/11/amazon-customers-names-and-email-addresses-disclosed-by-website-error/
https://betanews.com/2018/11/21/amazon-discloses-names-and-addreses/

USPS
https://www.zdnet.com/article/usps-finally-fixes-website-flaw-that-exposed-60-million-users-data/
https://krebsonsecurity.com/2018/11/usps-site-exposed-data-on-60-million-users/
https://www.cnet.com/news/usps-reportedly-fixes-website-bug-that-exposed-data-of-60m-users/
https://thehackernews.com/2018/11/usps-data-breach.html
https://www.uspsoig.gov/sites/default/files/document-library-files/2018/IT-AR-19-001.pdf

Rowhammer
https://www.zdnet.com/article/rowhammer-attacks-can-now-bypass-ecc-memory-protections/
https://arstechnica.com/information-technology/2018/11/potentially-disastrous-rowhammer-bitflips-can-bypass-ecc-protections/
https://www.wired.com/story/rowhammer-ecc-memory-data-hack/
https://www.vusec.net/projects/eccploit/


Photo credit:
https://upload.wikimedia.org/wikipedia/commons/0/02/USPS-Mail-Truck.jpg

 

20 Minute ATM Hacks, Google Fi Adds A VPN! - ThreatWire

Nov 20, 2018 09:44

Description:

Millions of SMS Messages were exposed in a leak, a New Always-On VPN from Google Fi is now available, and hacking an ATM in 20 minutes or less? Totally possible! All that coming up now on ThreatWire. #threatwire #hak5


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org 
Shop → https://www.hakshop.com 
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1 
Support → https://www.patreon.com/threatwire 
Contact Us → http://www.twitter.com/hak5 
Threat Wire RSS → https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999 

Host: Shannon Morse → https://www.twitter.com/snubs 
Host: Darren Kitchen → https://www.twitter.com/hak5darren 
Host: Mubix → http://www.twitter.com/mubix 
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:
https://techcrunch.com/2018/11/15/millions-sms-text-messages-leaked-two-factor-codes/
https://arstechnica.com/information-technology/2018/11/millions-of-sms-texts-in-unsecured-database-expose-2fa-codes-and-reset-links/
https://www.cnet.com/news/text-message-database-reportedly-leaked-password-resets/

https://www.zdnet.com/article/most-atms-can-be-hacked-in-under-20-minutes/
https://www.ptsecurity.com/upload/corporate/ww-en/analytics/ATM-Vulnerabilities-2018-eng.pdf

https://www.blog.google/products/project-fi/project-fis-enhanced-network-brings-faster-more-secure-connections/
https://arstechnica.com/gadgets/2018/11/google-adds-always-on-vpn-to-its-project-fi-cellular-service/
https://lifehacker.com/enable-project-fis-new-vpn-to-hide-your-mobile-browsing-1830441006

 


Photo credit:
https://libreshot.com/wp-content/uploads/2017/09/young-tourist-woman-atm.jpg

 

Will Election Security Ever Improve?! DJI Vulnerability “High Risk” - ThreatWire

Nov 13, 2018 11:21

Description:

USPS helps identity thieves steal your mail, a DJI vulnerability is listed as high risk, and Will Election Security Ever Improve?! All that coming up now on ThreatWire. #threatwire #hak5

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org 
Shop → https://www.hakshop.com 
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1 
Support → https://www.patreon.com/threatwire 
Contact Us → http://www.twitter.com/hak5 
Threat Wire RSS → https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999 

Host: Shannon Morse → https://www.twitter.com/snubs 
Host: Darren Kitchen → https://www.twitter.com/hak5darren 
Host: Mubix → http://www.twitter.com/mubix 
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:

USPS Informed Delivery
https://mashable.com/article/usps-informed-delivery-fraud/#nC9QnarFVgqL 
https://krebsonsecurity.com/2018/11/u-s-secret-service-warns-id-thieves-are-abusing-uspss-mail-scanning-service/ 
https://krebsonsecurity.com/2017/10/usps-informed-delivery-is-stalkers-dream/ 

DJI Flaw:
https://www.cnet.com/news/dji-fixes-vulnerability-that-let-potential-hackers-spy-on-drones/ 
https://www.wired.com/story/dji-drones-bugs-exposed-users-data/ 
https://threatpost.com/dji-patches-forum-bug-that-allowed-drone-account-takeovers/138922/ 
https://thehackernews.com/2018/11/dji-drone-hack_8.html 
https://blog.checkpoint.com/2018/11/08/the-spy-drone-in-your-cloud/ 

Voting Security:
https://motherboard.vice.com/en_us/article/kzvejx/voting-machine-manual-instructed-election-officials-to-use-weak-passwords 
https://www.bostonglobe.com/metro/2018/11/04/hackers-targeting-election-networks-across-country-lead-midterms/d0EzG4Cmh2jeMqllhXo4WP/story.html 
https://www.dhs.gov/news/2018/11/05/joint-statement-election-day-preparations 
https://www.dni.gov/index.php/newsroom/press-releases/item/1915-joint-statement-from-the-odni-doj-fbi-and-dhs-combating-foreign-influence-in-u-s-elections 
https://arstechnica.com/tech-policy/2018/11/are-elections-fixed-no-but-neither-is-election-security/ 


Photo credit:
https://upload.wikimedia.org/wikipedia/commons/2/2f/DJI_Mavic_Pro.jpg

 

Bypass DRM, Legally! Russia Tied to Infrastructure Malware - ThreatWire

Oct 30, 2018 08:43

Description:

A Privilege Escalation Flaw Hits Linux, you can now bypass DRM, legally, and Triton Malware is Tied To the Russian Government! All that coming up now on ThreatWire.


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org 
Shop → https://www.hakshop.com 
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1 
Support → https://www.patreon.com/threatwire 
Contact Us → http://www.twitter.com/hak5 
Threat Wire RSS → https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999 

Host: Shannon Morse → https://www.twitter.com/snubs 
Host: Darren Kitchen → https://www.twitter.com/hak5darren 
Host: Mubix → http://www.twitter.com/mubix 
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Linux Privilege Escalation Flaw;
https://thehackernews.com/2018/10/privilege-escalation-linux.html
https://www.zdnet.com/article/new-security-flaw-impacts-most-linux-and-bsd-distros/
https://lists.x.org/archives/xorg-announce/2018-October/002927.html
https://www.securepatterns.com/2018/10/cve-2018-14665-xorg-x-server.html
https://twitter.com/hackerfantastic/status/1055568290112831490/photo/1


DRM:
https://www.federalregister.gov/documents/2018/10/26/2018-23241/exemption-to-prohibition-on-circumvention-of-copyright-protection-systems-for-access-control
https://www.zdnet.com/article/need-to-fix-an-iphone-or-android-device-you-can-now-break-drm-under-new-us-rules/
https://motherboard.vice.com/en_us/article/xw9bwd/1201-exemptions-right-to-repair
https://boingboing.net/2018/10/25/use-exemptions.html

Russia Tied to Infrastructure Attack:
https://www.fireeye.com/blog/threat-research/2018/10/triton-attribution-russian-government-owned-lab-most-likely-built-tools.html
https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html
https://www.cyberscoop.com/trisis-ics-malware-saudi-arabia/
https://arstechnica.com/information-technology/2018/10/russia-was-likely-behind-dangerous-critical-infrastructure-attack-report-says/
https://thehackernews.com/2018/10/russia-triton-ics-malware.html
https://www.wired.com/story/triton-malware-russia-industrial-controls/
https://motherboard.vice.com/en_us/article/9k74az/triton-malware-russian-government-saudi-arabia-petrol-plant


Photo credit:
https://cdn2.macworld.co.uk/cmsdata/features/3427174/iPhone_5S_JAILBREAK.jpg

 

Adult Site Leaks Data, Early TLS Versions Deprecated - ThreatWire

Oct 23, 2018 08:39

Description:

Private Data from an Adult Site is Exposed, TLS 1.0 & 1.1 will be Deprecated In 2020, and an IoT Operating System is found Vulnerable to Hacks! All that coming up now on ThreatWire.

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Shop → http://www.hakshop.com 
Subscribe → http://www.youtube.com/hak5 
RSS Feeds → https://www.hak5.org/subscribe 
Support → http://www.patreon.com/threatwire 
Amazon Associates → https://amzn.to/2pHgf8T 

Our Site → http://www.hak5.org 
Contact Us → http://www.twitter.com/hak5 
Threat Wire RSS → https://shannonmorse.podbean.com/feed
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999  

Help us with Translations! → http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ 

For Business Inquiries, please use our contact forms → https://www.hak5.org/contact 

Producer: Shannon Morse → https://www.youtube.com/channel/UCefsgN8xeWIp658QvOl73qA 
Editor: Colleen Cavolo
Host: Shannon Morse → https://www.twitter.com/snubs 
Host: Darren Kitchen → https://www.twitter.com/hak5darren 
Host: Mubix → http://www.twitter.com/mubix 
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:
Adult Site Data Exposed:
https://twitter.com/haveibeenpwned/status/1053745264090116102
https://twitter.com/troyhunt/status/1053751051352969219
https://arstechnica.com/information-technology/2018/10/hack-on-8-adult-websites-exposes-oodles-of-intimate-user-data/
https://twitter.com/hashcat/status/1053016015871852546
https://haveibeenpwned.com/PwnedWebsites#WifeLovers

TLS 1.0 and 1.1 Deprecated:
https://arstechnica.com/gadgets/2018/10/browser-vendors-unite-to-end-support-for-20-year-old-tls-1-0/
https://webkit.org/blog/8462/deprecation-of-legacy-tls-1-0-and-1-1-versions/
https://security.googleblog.com/2018/10/modernizing-transport-security.html
https://blogs.windows.com/msedgedev/2018/10/15/modernizing-tls-edge-ie11/#sqWRkguy62CtVDut.97
https://tools.ietf.org/html/draft-ietf-tls-oldversions-deprecate-00
https://blog.mozilla.org/security/2018/10/15/removing-old-versions-of-tls/

IoT OS Vulnerable:
https://thehackernews.com/2018/10/amazon-freertos-iot-os.html

https://aws.amazon.com/freertos/
https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/
https://github.com/aws/amazon-freertos/blob/master/CHANGELOG.md


Photo credit:
https://upload.wikimedia.org/wikipedia/commons/e/eb/Placing_a_wedding_ring.jpg

Google+ Says Goodbye, Bloomberg Vs Big Tech - ThreatWire

Oct 16, 2018 12:04

Description:

Fact or Fiction? It’s Bloomberg Vs Big Tech! The Facebook Vulnerability Affects 30 Million (Not 50 million!), and Google+ Says Goodbye! All that coming up now on ThreatWire.

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Shop → http://www.hakshop.com 
Subscribe → http://www.youtube.com/hak5 
RSS Feeds → https://www.hak5.org/subscribe 
Support → http://www.patreon.com/threatwire 
Amazon Associates → https://amzn.to/2pHgf8T 

Our Site → http://www.hak5.org 
Contact Us → http://www.twitter.com/hak5 
Threat Wire RSS → https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999 

Help us with Translations! → http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ 

For Business Inquiries, please use our contact forms → https://www.hak5.org/contact 

Producer: Shannon Morse → https://www.youtube.com/channel/UCefsgN8xeWIp658QvOl73qA 
Editor: Perrin M
Host: Shannon Morse → https://www.twitter.com/snubs 
Host: Darren Kitchen → https://www.twitter.com/hak5darren 
Host: Mubix → http://www.twitter.com/mubix 
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:
Facebook update:
https://newsroom.fb.com/news/2018/10/update-on-security-issue/  
https://arstechnica.com/information-technology/2018/10/facebook-hackers-stole-locations-and-other-private-data-for-millions-of-users/ 
https://www.cnet.com/news/facebook-e-mails-phone-numbers-and-other-personal-information-accessed-during-breach/ 
https://www.cnet.com/news/in-facebooks-massive-breach-the-hackers-friends-were-the-first-victims/ 
https://www.securityweek.com/facebook-says-hackers-accessed-data-29-million-users 
https://www.zdnet.com/article/facebook-downgrades-breach-count-from-50-million-to-30-million-users/ 

Bloomberg Microchips:
https://www.bloomberg.com/businessweek 
https://arstechnica.com/gadgets/2018/10/bloomberg-super-micro-motherboards-used-by-apple-amazon-contained-chinese-spy-chips/ 
https://www.bloomberg.com/news/articles/2018-10-04/the-big-hack-amazon-apple-supermicro-and-beijing-respond 
https://motherboard.vice.com/en_us/article/qv9npv/bloomberg-china-supermicro-apple-hack 
https://techcrunch.com/2018/10/04/bloomberg-spy-chip-murky-world-national-security-reporting/ 
https://arstechnica.com/information-technology/2018/10/supermicro-boards-were-so-bug-ridden-why-would-hackers-ever-need-implants/ 
https://blog.rapid7.com/2013/07/02/a-penetration-testers-guide-to-ipmi/ 
https://krebsonsecurity.com/2018/10/supply-chain-security-is-the-whole-enchilada-but-whos-willing-to-pay-for-it/ 

Google+ via Joel:
https://www.wsj.com/articles/google-exposed-user-data-feared-repercussions-of-disclosing-to-public-1539017194  
https://motherboard.vice.com/en_us/article/qv9xmb/google-plus-is-shutting-down-after-security-bug-exposed-user-info 
https://www.blog.google/technology/safety-security/project-strobe/ 
https://www.cnet.com/news/senate-seeks-internal-memo-on-google-vulnerability/ 
https://www.usatoday.com/story/tech/2018/09/28/google-ceo-sundar-pichai-testify-before-congress-conservative-bias-charges/1457087002/ 
https://threatpost.com/google-privacy-snafu-leaves-a-cloud-over-the-tech-landscape/138098/ 

 

Photo credit:
https://www.extremetech.com/wp-content/uploads/2014/02/EM8R5.jpg

 

Facebook Hacked, Access Tokens Stolen - ThreatWire

Oct 2, 2018 09:40

Description:

Linux Vulnerabilities were Found, Current Voting Machines were also found to be Vulnerable to hacks, and Facebook was Hacked! All that coming up now on ThreatWire.


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Shop → http://www.hakshop.com
Subscribe → http://www.youtube.com/hak5
RSS Feeds → https://www.hak5.org/subscribe
Support → http://www.patreon.com/threatwire
Amazon Associates → https://amzn.to/2pHgf8T

Our Site → http://www.hak5.org
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Help us with Translations! → http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ

For Business Inquiries, please use our contact forms → https://www.hak5.org/contact

Producer: Shannon Morse → https://www.youtube.com/channel/UCefsgN8xeWIp658QvOl73qA
Editor: Colleen Cavolo
Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Linux Flaws:
https://threatpost.com/local-privilege-escalation-flaw-in-linux-kernel-allows-root-access/137748/
https://www.qualys.com/2018/09/25/cve-2018-14634/mutagen-astronomy-integer-overflow-linux-create_elf_tables-cve-2018-14634.txt
https://access.redhat.com/security/cve/cve-2018-14634
https://access.redhat.com/security/cve/cve-2018-17182
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/mm/vmacache.c?id=7a9cdebdcc17e426fb5287e4a82db1dfe86339b2
https://thehackernews.com/2018/09/linux-kernel-exploit.html
https://threatpost.com/another-linux-kernel-bug-surfaces-allowing-root-access/137800/

Voting:
https://defcon.org/images/defcon-26/DEF%20CON%2026%20voting%20village%20report.pdf
https://arstechnica.com/information-technology/2018/09/e-voting-researchers-warn-of-hack-that-could-flip-the-electoral-college/
https://www.cnet.com/news/half-of-us-states-using-voting-machines-with-a-known-vulnerability-says-report/
https://www.cnet.com/news/campaign-2018-voting-machines-are-vulnerable-to-hacking/

Facebook:
https://newsroom.fb.com/news/2018/09/security-update/
https://threatpost.com/facebook-data-breach-impacts-almost-50-million-accounts/137801/
https://www.businessinsider.com/facebook-hack-how-to-check-if-you-were-affected-2018-9
https://krebsonsecurity.com/2018/09/facebook-security-bug-affects-90m-users/
https://motherboard.vice.com/en_us/article/mbw3zb/facebook-hacked-50-million-users-affected
https://thehackernews.com/2018/09/facebook-account-hacked.html


Photo credit:
https://c1.staticflickr.com/1/813/26405895567_3ba098e250_b.jpg

No Jail Time for Mirai Authors - ThreatWire

Sep 25, 2018 08:23

Description:

Newegg gets hit by the British Airways attackers, a Twitter bug sent direct messages to developers, and the three men behind Mirai don’t receive jail time. All that coming up now on ThreatWire.

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Shop → http://www.hakshop.com
Subscribe → http://www.youtube.com/hak5
RSS Feeds → https://www.hak5.org/subscribe
Support → http://www.patreon.com/threatwire
Amazon Associates → https://amzn.to/2pHgf8T

Our Site → http://www.hak5.org
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Help us with Translations! → http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ

For Business Inquiries, please use our contact forms → https://www.hak5.org/contact

Producer: Shannon Morse → https://www.youtube.com/channel/UCefsgN8xeWIp658QvOl73qA
Editor: Perrin M
Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:
Newegg:
https://arstechnica.com/information-technology/2018/09/newegg-hit-by-credit-card-stealing-code-injected-into-shopping-code/
https://www.cnet.com/news/newegg-data-breach-exposed-customer-credit-card-info-says-report/
https://twitter.com/Newegg/status/1042466284577779712?ref_src=twsrc%5Etfw
https://kb.newegg.com/knowledge-base/2018-data-security-update-faq/?cm_mmc=snc-twitter-_-kb-faq-_-na-_-na
https://www.riskiq.com/blog/labs/magecart-newegg/
https://www.volexity.com/blog/2018/09/19/magecart-strikes-again-newegg/

Twitter:
https://help.twitter.com/en/account-activity-api
https://developer.twitter.com/en/products/accounts-and-users/account-activity-api.html
https://blog.twitter.com/developer/en_us/topics/tools/2018/details-for-developers-on-Account-Activity-API-bug.html
https://www.cnet.com/news/twitter-may-have-sent-your-private-dms-to-the-wrong-people-but-probably-not/
https://threatpost.com/twitter-flaw-exposed-direct-messages-to-external-developers/137608/
https://techcrunch.com/2018/09/21/twitter-bug-sent-user-direct-messages-to-developers-for-over-a-year/

Mirai:
https://www.justice.gov/usao-ak/pr/hackers-cooperation-fbi-leads-substantial-assistance-other-complex-cybercrime
https://krebsonsecurity.com/2018/09/mirai-botnet-authors-avoid-jail-time/
https://www.cnet.com/news/hackers-behind-mirai-botnet-could-be-sentenced-to-working-for-the-fbi/
https://thehackernews.com/2018/09/mirai-botnet-fbi-cybercrime.html

Photo credit:
https://c1.staticflickr.com/1/967/41911616902_13d3d1007a_b.jpg

Cold Boot Attacks are Back! - ThreatWire

Sep 18, 2018 09:25

Description:

Cold boot attacks are back, British Airways got their Website Hacked, and the GCHQ Data Collection Standards are deemed Illegal. All that coming up now on ThreatWire.

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Shop → http://www.hakshop.com
Subscribe → http://www.youtube.com/hak5
RSS Feeds → https://www.hak5.org/subscribe
Support → http://www.patreon.com/threatwire
Amazon Associates → https://amzn.to/2pHgf8T

Our Site → http://www.hak5.org
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Help us with Translations! → http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ

For Business Inquiries, please use our contact forms → https://www.hak5.org/contact

Producer: Shannon Morse → https://www.youtube.com/channel/UCefsgN8xeWIp658QvOl73qA
Editor: Perrin M
Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:
Cold Boot:
https://arstechnica.com/gadgets/2018/09/cold-boot-attacks-given-new-life-with-firmware-attack/
https://blog.f-secure.com/cold-boot-attacks/
https://techcrunch.com/2018/09/12/security-flaw-in-nearly-all-modern-pcs-and-macs-leaks-encrypted-data/
https://www.cnet.com/news/almost-all-modern-computers-affected-by-cold-boot-attack-researchers-warn/
https://www.wired.com/story/cold-boot-break-pc-encryption/
https://thehackernews.com/2018/09/cold-boot-attack-encryption.html

British Airways:
https://www.britishairways.com/en-us/information/incident/data-theft/latest-information#
https://www.wired.com/story/british-airways-hack-details/
https://arstechnica.com/information-technology/2018/09/british-airways-site-had-credit-card-skimming-code-injected/
https://www.cnet.com/news/british-airways-data-breach-put-customers-financial-info-at-risk/

GCHQ:
https://arstechnica.com/tech-policy/2018/09/bulk-interception-by-gchq-and-nsa-violated-human-rights-charter-european-court-rules/
https://hudoc.echr.coe.int/eng-press#{%22itemid%22:[%22003-6187848-8026299%22]}
https://www.theguardian.com/uk-news/2018/sep/13/gchq-data-collection-violated-human-rights-strasbourg-court-rules


Photo credit:
https://www.goodfreephotos.com/albums/animals/mammals/a-pair-of-rams-in-the-winter.jpg

 

Hacker Charged for Sony and WannaCry Hacks - ThreatWire

Sep 11, 2018 08:30

Description:

A Popular Anti-Adware App is Actually Spyware, the US Charges a North Korean hacker for the Sony Hack and WannaCry ransomware, and a Hacker Behind DDoS attempts Pleads Guilty to Bomb Threats. All that coming up now on ThreatWire.

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Shop → http://www.hakshop.com
Subscribe → http://www.youtube.com/hak5
RSS Feeds → https://www.hak5.org/subscribe
Support → http://www.patreon.com/threatwire
Amazon Associates → https://amzn.to/2pHgf8T

Our Site → http://www.hak5.org
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Help us with Translations! → http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ

For Business Inquiries, please use our contact forms → https://www.hak5.org/contact

Producer: Shannon Morse → https://www.youtube.com/channel/UCefsgN8xeWIp658QvOl73qA
Editor: Perrin M
Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:
Adware Doctor:
https://twitter.com/privacyis1st/status/1031428304543395840
https://www.youtube.com/watch?v=nZ7CVIy5Tq8&feature=youtu.be
https://thehackernews.com/2018/09/mac-adware-removal-tool.html
https://www.wired.com/story/adware-doctor-mac-app-store-spyware/
https://objective-see.com/blog/blog_0x37.html
https://www.securityweek.com/mac-apps-apples-app-store-steal-user-data-researchers-say
https://threatpost.com/apple-finally-boots-sneaky-adware-doctor-app-from-mac-app-store/137319/
https://threatpost.com/top-macos-app-exfiltrates-browser-histories-behind-users-backs/137247/
https://motherboard.vice.com/en_us/article/wjye8x/mac-anti-adware-doctor-app-steals-browsing-history

North Korean Charged:
https://www.justice.gov/opa/press-release/file/1092091/download
https://www.wired.com/story/doj-north-korea-hacker-sony-wannacry-complaint/
https://arstechnica.com/information-technology/2018/09/us-indicts-north-korean-agents-for-wannacry-sony-attacks/
https://www.zdnet.com/article/how-us-authorities-tracked-down-the-north-korean-hacker-behind-wannacry/
https://thehackernews.com/2018/09/wannacry-north-korea-hacks.html
https://www.cnet.com/news/justice-department-charges-north-korean-hacker-linked-to-wannacry-2014-sony-hack/
https://motherboard.vice.com/en_us/article/j5nyyx/doj-charge-north-korea-wannacry-sony-hack

ProtonMail:
https://krebsonsecurity.com/2018/09/leader-of-ddos-for-hire-gang-pleads-guilty-to-bomb-threats/
https://www.zdnet.com/article/hacker-uses-protonmail-vpn-hacker-ddoses-protonmail-hacker-gets-arrested/
https://protonmail.com/blog/apophis-squad-arrest/
https://www.zdnet.com/article/popular-vpns-contain-code-execution-security-flaws-despite-patches/
https://www.securityweek.com/vpn-firms-release-new-patches-privilege-escalation-flaw
https://blog.talosintelligence.com/2018/09/vulnerability-spotlight-Multi-provider-VPN-Client-Privilege-Escalation.html

 

Photo credit:
https://cdn.pixabay.com/photo/2016/01/20/09/03/north-korea-1151137_960_720.jpg

Fornite Rewards for 2FA, T-Mobile Hacked, and Apache Struts Vulnerable to Hacks - ThreatWire

Aug 29, 2018 09:17

Description:

Fortnite rewards for security while having security issues of their own, 2 million are affected in a t-mobile hack, and a New Apache Struts Flaw Affects Web Servers. All that coming up now on ThreatWire.


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Shop → http://www.hakshop.com
Subscribe → http://www.youtube.com/hak5
RSS Feeds → https://www.hak5.org/subscribe
Support → http://www.patreon.com/threatwire
Amazon Associates → https://amzn.to/2pHgf8T

Our Site → http://www.hak5.org
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Help us with Translations! → http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ

For Business Inquiries, please use our contact forms → https://www.hak5.org/contact

Producer: Shannon Morse → https://www.youtube.com/channel/UCefsgN8xeWIp658QvOl73qA
Editor: Colleen C.
Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Links:
Fortnite:
https://www.epicgames.com/fortnite/en-US/news/2fa
https://www.cnet.com/news/fortnite-has-a-giveaway-if-you-enable-two-factor-authentication/
https://www.businessinsider.com/fortnite-two-factor-authentication-2018-8
https://duo.com/blog/state-of-the-auth-experiences-and-perceptions-of-multi-factor-authentication
https://www.cnet.com/news/want-fortnite-for-android-you-wont-get-it-from-the-google-play-store/
https://thehackernews.com/2018/08/fortnite-android-app-apk.html
https://threatpost.com/fortnite-android-app-falls-victim-to-man-in-the-disk-flaw/136931/

T-Mobile (Via Joel on Discord):
https://www.t-mobile.com/customers/6305378821
https://thehackernews.com/2018/08/t-mobile-hack-breach.html
https://www.cnet.com/news/t-mobile-hack-may-have-exposed-2-million-customers-data/
https://www.zdnet.com/article/international-hackers-help-themselves-to-data-belonging-to-2-million-t-mobile-customers/
https://threatpost.com/t-mobile-alerts-2-3-million-customers-of-data-breach-tied-to-leaky-api/136896/
https://motherboard.vice.com/en_us/article/a3qpk5/t-mobile-hack-data-breach-api-customer-data

Apache Struts Flaw:
https://lgtm.com/blog/apache_struts_CVE-2018-11776
https://semmle.com/news/apache-struts-CVE-2018-11776
https://cwiki.apache.org/confluence/display/WW/S2-057
https://thehackernews.com/2018/08/apache-struts-vulnerability.html
https://krebsonsecurity.com/2018/08/experts-urge-rapid-patching-of-struts-bug/
https://www.recordedfuture.com/apache-struts-vulnerability-github/
https://github.com/jas502n/St2-057

 

Photo credit:
https://cdn2.unrealengine.com/Fortnite%2Fblog%2F2FA%2FBR05_News_Header_16_9_Boogiedown-Emote-1920x1080-38794c76e4c4264bb61c601db0dbb88f78e5e533.jpg

DEF CON 26: Voting Machines Hacked by Kids! - ThreatWire

Aug 15, 2018 07:37

Description:

Multiple Credit Card Readers are Flawed, the Amazon Echo Gets Creepy, and the Voting Machine Hacking Village creates waves. All that coming up now on ThreatWire.


-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Shop → http://www.hakshop.com 
Subscribe → http://www.youtube.com/hak5 
RSS Feeds → https://www.hak5.org/subscribe 
Support → http://www.patreon.com/threatwire 
Amazon Associates → https://amzn.to/2pHgf8T 

Our Site → http://www.hak5.org 
Contact Us → http://www.twitter.com/hak5 
Threat Wire RSS → https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999 

Help us with Translations! → http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ 

For Business Inquiries, please use our contact forms → https://www.hak5.org/contact 

Producer: Shannon Morse → https://www.youtube.com/channel/UCefsgN8xeWIp658QvOl73qA 
Editor: Perrin M
Host: Shannon Morse → https://www.twitter.com/snubs 
Host: Darren Kitchen → https://www.twitter.com/hak5darren 
Host: Mubix → http://www.twitter.com/mubix 
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Square:
https://www.cnet.com/news/security-flaws-in-mobile-point-of-sale-systems-spell-money-trouble/
https://www.cnet.com/videos/credit-card-readers-had-a-vulnerability-where-you-pay-the-price/ 
https://www.zdnet.com/article/paypal-square-vulnerabilities-impact-mobile-point-of-sale-machines/ 

Amazon Echo:
https://www.wired.com/story/hackers-turn-amazon-echo-into-spy-bug/ 
https://techcrunch.com/2018/08/13/security-researchers-found-a-way-to-hack-into-the-amazon-echo/ 
https://www.pymnts.com/amazon-alexa/2018/echo-defcon-smart-speakers-security-hackers-voice-ai/ 

Voting:
https://www.nass.org/node/1511 
https://www.wired.com/story/defcon-election-threat-funding/ 
https://www.cnet.com/news/us-officials-hope-hackers-at-defcon-find-more-voting-machine-problems/ 
https://threatpost.com/def-con-2018-voting-hacks-prompt-push-back-from-election-officials-vendors/134980/ 
http://time.com/5366171/11-year-old-hacked-into-us-voting-system-10-minutes/ 
https://twitter.com/VotingVillageDC/status/1028103644388962304  


Photo credit:
https://c1.staticflickr.com/4/3152/3004595893_2fd8ffdbe3_b.jpg

 

Steal One Billion Euros? Get Arrested - ThreatWire

Aug 7, 2018 00:09:28

Description:

Reddit gets hacked, and yes, SMS 2FA is still the worst option, an Apple iPhone chip manufacturer gets hit with a virus, and hackers get arrested for their role in 100+ breaches. All that coming up now on ThreatWire.

—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆
Shop → http://www.hakshop.com 
Subscribe → http://www.youtube.com/hak5 
RSS Feeds → https://www.hak5.org/subscribe 
Support → http://www.patreon.com/threatwire 
Amazon Associates → https://amzn.to/2pHgf8T 

Our Site → http://www.hak5.org 
Contact Us → http://www. [...]

23andMe Sells Your Data, Google Announces Titan - ThreatWire

Jul 31, 2018 00:12:21

Description:

Google announces Titan, a bluetooth enabled u2f device… huh…, Spectre grew up and now works remotely, and 23andMe starts selling data to big pharma. All that coming up now on ThreatWire.

—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆
Shop → http://www.hakshop.com 
Subscribe → http://www.youtube.com/hak5 
RSS Feeds → https://www.hak5.org/subscribe 
Support → http://www.patreon.com/threatwire 
Amazon Associates → https://amzn.to/2pHgf8T 

Our Site → http://www.hak5.org 
Contact Us →

Vulnerable Election Systems, and Venmo is Public by Default - ThreatWire

Jul 25, 2018 00:09:26

Description:

Election Systems are Vulnerable to Hacks, Venmo Is Public By Default, and Midterm Candidates are Attacked in phishing attempts. All that coming up now on ThreatWire.

—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆
Shop → http://www.hakshop.com 
Subscribe → http://www.youtube.com/hak5 
RSS Feeds → https://www.hak5.org/subscribe 
Support → http://www.patreon.com/threatwire 
Amazon Associates → https://amzn.to/2pHgf8T  

Our Site → http://www.hak5.org 
Contact Us → http://www.twitter.com/hak5 
Threat Wire RSS → < [...]

Fortnite Hackers Get Hacked, Mapping Public Fitness Data on Polar - ThreatWire

Jul 11, 2018 00:10:31

Description:

Polar Fitness shared home location data of soldiers, all inclusive malware features mining and ransomware, and Tens of Thousands are Affected by Fortnight Malware. All that coming up now on ThreatWire.

—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆
Shop → http://www.hakshop.com 
Subscribe → http://www.youtube.com/hak5 
RSS Feeds → https://www.hak5.org/subscribe 
Support → http://www.patreon.com/threatwire 
Amazon Associates → https://amzn.to/2pHgf8T 

Our Site → http://www.hak5.org 
Contact Us → http://www.twitter.com/hak [...]

California’s New Privacy Bill, Exactis Leak, & Gentoo Guthub Hacked - ThreatWire

Jul 4, 2018 00:08:45

Description:

Gentoo’s github account was hacked, a Marketing Firm Leaks Private Data on millions, and a new GDPR-like bill was signed into law in California. All that coming up now on ThreatWire. Links:

 

Links:

Gentoo Github Account Hacked:

https://www.gentoo.org/news/2018/06/28/Github-gentoo-org-hacked.html

https://www.zdnet.com/article/gentoo-github-mirror-hacked-and-considered-compromised/

https://archives.gentoo.org/gentoo-dev/message/03df77a347ec75a9b1ceaab3a2f76ee8

Location Data? Come Back With A Warrant! - ThreatWire

Jun 27, 2018 00:08:22

Description:

he Supreme Court ruled in favor of privacy advocates everywhere, Cell phone Carriers Stop Location Data Sharing, and you can totally Steal online Accounts Through Audio Files. All that coming up now on ThreatWire.

—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆
Shop → http://www.hakshop.com
Subscribe → http://www.youtube.com/hak5
RSS Feeds → https://www.hak5.org/subscribe
Support → http://www.patreon.com/threatwire
Amazon Associates → https://amzn.to/2pHgf8T

Our Site → http://www.hak5.org
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Help us with Translations! → http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ

For [...]

Malware on Macs? GnuPG is Flawed & Docker Hub Has a Problem - ThreatWire

Jun 20, 2018 00:10:53

Description:

Malware on macs? Yeah, it’s a thing. Apple blocks cops from using lightning ports to steal data, spoofed signatures are a problem in GnuPG, and a slew of backdoored images were found on docker hub.. All that coming up now on ThreatWire.

—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆
Shop → http://www.hakshop.com
Subscribe → http://www.youtube.com/hak5
RSS Feeds → https://www.hak5.org/subscribe
Support → http://www.patreon.com/threatwire
Amazon Associates → https://amzn.to/2pHgf8T

Our Site → http://www.hak5.org
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Help us with Translations! → http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJ [...]

Hackers Could Sink Ships - ThreatWire

Jun 12, 2018 00:09:14

Description:

Vulnerable Ships Could Sink, VPNFilter is still kickin’, and is really a lot worse, and Facebook make private posts public for four days. All that coming up now on ThreatWire.

—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆
Shop → http://www.hakshop.com
Subscribe → http://www.youtube.com/hak5
RSS Feeds → https://www.hak5.org/subscribe
Support → http://www.patreon.com/threatwire
Amazon Associates → https://amzn.to/2pHgf8T

Our Site → http://www.hak5.org
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Help us with Translations! → http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ

For Business Inquiries, please use our [...]

Facebook’s Secret Device Partnerships - ThreatWire

Jun 5, 2018 00:09:56

Description:

Facebook Shares Data With Device Makers, Steam’s remote code execution Vulnerability is Finally Fixed and you should probably reset Your Vulnerable Router. All that coming up now on ThreatWire.

—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆
Shop → http://www.hakshop.com
Subscribe → http://www.youtube.com/hak5
RSS Feeds → https://www.hak5.org/subscribe
Support → http://www.patreon.com/threatwire
Amazon Associates → https://amzn.to/2pHgf8T

Our Site → http://www.hak5.org
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Help us with Translations! → http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ

For Business Inquirie [...]

Net Neutrality Has a Comeback; Companies Track Locations Legally - ThreatWire

May 22, 2018 00:09:49

Description:

Net neutrality is on it’s way to being restored, companies share your cellphone location data legally, and attackers could get full root access on Red Hat Linux OS’s. All that coming up now on ThreatWire.

—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆
Shop → http://www.hakshop.com
Subscribe → http://www.youtube.com/hak5
RSS Feeds → https://www.hak5.org/subscribe
Support → http://www.patreon.com/threatwire
Amazon Associates → https://amzn.to/2pHgf8T

Our Site → http://www.hak5.org
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Help us with Translations! → http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ

For Busi [...]

PGP IS ON FIRE! Or Is It? - ThreatWire

May 15, 2018 00:12:33

Description:

PGP is on Fire, or is it?!, Android P has new security measures, and Signal for Desktop has a disappearing messages problem. All that coming up now on ThreatWire.

—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆
Shop → http://www.hakshop.com 
Subscribe → http://www.youtube.com/hak5 
RSS Feeds → https://www.hak5.org/subscribe 
Support → http://www.patreon.com/threatwire 
Amazon Associates → https://amzn.to/2pHgf8T 

Our Site → http://www.hak5.org 
Contact Us → http://www.twitter.com/hak5 
Threat Wire RSS →

An Unfixable Android Hardware Issue - ThreatWire

May 8, 2018 00:09:48

Description:

Change that twitter password, an Android phone hack that can’t be fixed in software, and millions of routers can be hacked! All that coming up now on ThreatWire.

—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆
Shop → http://www.hakshop.com 
Subscribe → http://www.youtube.com/hak5 
RSS Feeds → https://www.hak5.org/subscribe 
Support → http://www.patreon.com/threatwire 
Amazon Associates → https://amzn.to/2pHgf8T 

Our Site → http://www.hak5.org 
Contact Us → http://www.twitter.com/hak5 
Threat Wire RSS →

Amazon Echos Can Spy On Users - ThreatWire

May 1, 2018 00:08:18

Description:

https://youtu.be/rG977uxXipw

A master digital key can unlock millions of hotel rooms, Amazon Echos could spy on users… again, and a genealogy websites DNA database was used to capture a killer. All that coming up now on ThreatWire.

 

—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆
Shop → http://www.hakshop.com
Subscribe → http://www.youtube.com/hak5
RSS Feeds → https://www.hak5.org/subscribe
Support → http://www.patreon.com/threatwire
Amazon Associates → https://amzn.to/2pHgf8T

Our Site → http://www.hak5.org
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Help us with Translations! → http://ww [...]

WTF IS GDPR?! Facebook and Apples New Privacy Protections - ThreatWire

Apr 24, 2018 00:09:39

Description:

Russians target routers and switches, a casino’s fish tank got hacked, and what in the world is GDPR? All that coming up now on ThreatWire.

—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆
Shop → http://www.hakshop.com 
Subscribe → http://www.youtube.com/hak5 
RSS Feeds → https://www.hak5.org/subscribe 
Support → http://www.patreon.com/threatwire 
Amazon Associates → https://amzn.to/2pHgf8T 

Our Site → http://www.hak5.org
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/thre [...]

iPhone vs GrayKey, and Android’s Meager Security - ThreatWire

Apr 17, 2018 00:12:02

Description:

Android phone manufacturers don’t patch as much as they should, GrayKey lets cops unlock encrypted iPhones, and everything you need to know about the Facebook Zuckerberg hearing. All that coming up now on ThreatWire.

—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆
Shop → http://www.hakshop.com
Subscribe → http://www.youtube.com/hak5
RSS Feeds → https://www.hak5.org/subscribe
Support → http://www.patreon.com/threatwire
Amazon Associates → https://amzn.to/2pHgf8T

Our Site → http://www.hak5.org
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Help us with Translations! → http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ

< [...]

Stingrays Found in DC?! Best Buy and Delta Hit with Malware - ThreatWire

Apr 10, 2018 00:10:56

Description:

Stingrays may be in Washington DC, several online retailers are hit with malware, and Zuckerberg will testify in Congress about user data and privacy. All that coming up now on ThreatWire.

—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆
Shop → http://www.hakshop.com 
Subscribe → http://www.youtube.com/hak5 
RSS Feeds → https://www.hak5.org/subscribe 
Support → http://www.patreon.com/threatwire 
Amazon Associates → https://amzn.to/2pHgf8T 

Our Site → http://www.hak5.org 
Contact Us → http://www.twitter.com/hak5 
[...]

MyFitnessPal Hacked - ThreatWire

Apr 3, 2018 00:08:19

Description:

150 million MyFitnessPal users get their data stolen, Australia passes a big infrastructure security bill, and Facebook introduces new security settings. All that coming up now on ThreatWire.

—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆
Shop → http://www.hakshop.com 
Subscribe → http://www.youtube.com/hak5 
RSS Feeds → https://www.hak5.org/subscribe 
Support → http://www.patreon.com/threatwire 
Amazon Associates → https://amzn.to/2pHgf8T 

Our Site → http://www.hak5.org 
Contact Us → http://www.twitter.com/hak5 

Facebook Fails at Data Protection - ThreatWire

Mar 27, 2018 00:09:48

Description:

Facebook and Cambridge Analytica face intense scrutiny, the US charges 9 iranians in university hacks, and was Guccifer 2.0 really working for the Russian government? All that coming up now on ThreatWire.

—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆
Shop → http://www.hakshop.com 
Subscribe → http://www.youtube.com/hak5 
RSS Feeds → https://www.hak5.org/subscribe 
Support → http://www.patreon.com/threatwire 
Amazon Associates → https://amzn.to/2pHgf8T 

Our Site → http://www.hak5.org 
Contact Us → http://www.twitter.com/ [...]

Facebook Private Data Leak of 50 Million Users; New AMD Chipset Flaws - Threat Wire

Mar 21, 2018 00:11:28

Description:

A well-known hacker passes away, processors have new vulnerabilities, and Facebook gave 50 million users data away.. All that coming up now on ThreatWire.

—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆
Shop → http://www.hakshop.com
Subscribe → http://www.youtube.com/hak5
RSS Feeds → https://www.hak5.org/subscribe
Support → http://www.patreon.com/threatwire

Our Site → http://www.hak5.org
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Help us with Translations! → http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ

For Business Inquiries, please use our contact forms → https://www.hak5.org/contact

Producer: Shannon Mo [...]

Half a Billion! Pwned Passwords V2 Released - ThreatWire

Mar 1, 2018 00:09:39

Description:

Pwned Passwords version 2 is launched, Intel releases a new firmware update for Spectre, and the net neutrality repeal was published, but the fight is far from over. All that coming up now on ThreatWire.

—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆
Shop → http://www.hakshop.com
Subscribe → http://www.youtube.com/hak5
RSS Feeds → https://www.hak5.org/subscribe
Support → http://www.patreon.com/threatwire

Our Site → http://www.hak5.org
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Help us with Translations! → http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ

For Business Inquiries, please use our contact forms → https:/ [...]

Break And Enter Dropbox - Amazon Key Gets Hacked - ThreatWire

Feb 14, 2018 00:09:59

Description:

Amazon’s Key has another vulnerability, Apple’s source code gets leaked, and cryptomining hits government sites. All that coming up now on ThreatWire.

Special thanks to MG for contributing to this episode! https://twitter.com/_MG_/ 

—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆
Shop → http://www.hakshop.com 
Subscribe → http://www.youtube.com/hak5 
RSS Feeds → https://www.hak5.org/subscribe 
Support → http://www.patreon.com/threatwire 

Our Site → http://www.hak5.org 
Contact Us → http://www.twitter.com/hak5 < [...]

Is AutoSploit for Script Kiddies? - ThreatWire

Feb 7, 2018 00:07:54

Description:

Adobe Flash has got a 0-Day Remote Code Execution problem, that jackpotting thing? Yeah, it officially happened in the US. And is autosploit just for noobs? All that coming up now on ThreatWire.

—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆
Shop → http://www.hakshop.com 
Subscribe → http://www.youtube.com/hak5 
RSS Feeds → https://www.hak5.org/subscribe 
Support → http://www.patreon.com/threatwire 

Our Site → http://www.hak5.org 
Contact Us → http://www.twitter.com/hak5 
Threat Wire RSS → https://shannonm [...]

Half a Billion in Cryptocurrency Stolen - ThreatWire

Jan 31, 2018 00:10:27

Description:

Over half a billion dollars worth of cryptocurrency is stolen, jackpotting his the states, and net neutrality is still in the news but why? All that coming up now on ThreatWire.

—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆
Shop → http://www.hakshop.com 
Subscribe → http://www.youtube.com/hak5 
RSS Feeds → https://www.hak5.org/subscribe 
Support → http://www.patreon.com/threatwire 

Our Site → http://www.hak5.org 
Contact Us → http://www.twitter.com/hak5 
Threat Wire RSS → https://shannonmorse.podbean.com/ [...]

FISA Lives On & The NSA Keeps Surveillance Authority - Threat Wire

Jan 24, 2018 00:09:21

Description:

The NSA can legally monitor some communications, some google chrome extensions were found to be malicious, and OnePlus had a credit card hack. All that coming up now on ThreatWire.

——————————-
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
Help us with Translations!

Meltdown and Spectre - Everything You Need To Know - ThreatWire

Jan 18, 2018 00:15:25

Description:

Everything you need to know about Spectre and Meltdown. All that coming up now on ThreatWire.

——————————-
Shop: http://www.hakshop.com
Support: http://www.patreon.com/threatwire
Subscribe: http://www.youtube.com/hak5
Our Site: http://www.hak5.org
Contact Us: http://www.twitter.com/hak5
Threat Wire RSS: https://shannonmorse.podbean.com/feed/
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999
Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ
——————————

Links:
https://c-5uwzmx78pmca09×24umtblwevibbiksx2ekwu.g00.cnet.com/g00/3_c-5eee.kvmb.kwu_/c-5UWZMXPMCA09×24pbbx78ax3ax2fx2fumtblwevibbiks.kwux2fumtblwev.x78ln_$/$?i10c.ua=1
https://c-5uwzmx78pmca09×24ax78mkbzmibbiksx2ekwu.g00.cnet.com/g00/3_c-5eee.kvm [...]

Snowden’s New Security System; Browsing Tracked By Login Forms - ThreatWire

Jan 3, 2018 00:08:41

Description:

Your browsing data could be tracked by login forms, Forever21 got hacked, and Snowden released his very own mobile security system. All that coming up now on ThreatWire.

——————————-
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
Help us with Translations!

The Biggest Hacks of 2017 - ThreatWire

Dec 27, 2017 00:10:51

Description:

The biggest, baddest, worst hacks and vulnerabilities of 2017! All that coming up now on ThreatWire.
——————————-
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
Help us with Translations!

Triton Malware Threatens Lives & The Net Neutrality Repeal - A History - Threat Wire

Dec 20, 2017 00:08:27

Description:

A history of ISP regulations, new malware is infecting industrial control systems, and three men plead guilty in the Mirai botnet case. All that coming up now on ThreatWire.

——————————-
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
Help us with Translations!

A Dormant HP Keylogger Found, Uber Pays Ransom - ThreatWire

Dec 14, 2017 00:10:11

Description:

Keyloggers were found in Wordpress and HP, mobile apps have all sorts of vulnerabilities, and Uber is hiding behind bug bounties? All that coming up now on ThreatWire. All that coming up now on ThreatWire.

——————————-
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat [...]

Do We Need Net Neutrality? - ThreatWire

Dec 6, 2017 00:10:48

Description:

Let’s talk about Net neutrality! Again… Cryptocurrency updates, and Cellphone Tracking Without a Warrant? All that coming up now on ThreatWire.

——————————-
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
Help us with Translations!

State Net Neutrality Laws? Not If ISPs Have a Say - ThreatWire

Nov 8, 2017 00:11:05

Description:

ISPs are getting worked up about state net neutrality rules, Tor browser had a bug, but Onion services are getting updated! And the big tech companies testify in court. All that coming up now on ThreatWire.

https://www.hak5.org/contest 
https://www.hak5.org/jobs 

——————————-
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTun [...]

Bad Rabbit Ransomware Spreads with NSA EternalRomance- ThreatWire

Nov 1, 2017 00:06:51

Description:

Bad Rabbit Ransomware Spreads, Sensitive Airport Docs about the Queen were Found on USB Drive, and Google plans to remove HTTP public key pinning. All that coming up now on ThreatWire.

https://www.hak5.org/contest 

——————————-
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org  
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.app [...]

Google Security Gets Serious, New IoT Botnet On The Loose - ThreatWire

Oct 25, 2017 00:09:13

Description:

Google announces all sorts of security updates, a few updates on the KRACK attack, and a new IoT botnet has already infected millions. All that coming up now on ThreatWire. Today on ThreatWire.

https://www.youtube.com/tekthing 

——————————-
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: htt [...]

WPA2 Wi-Fi Vulnerable to KRACK Hack; RSA Keys Broken - ThreatWire

Oct 18, 2017 00:12:42

Description:

Krack is bad for WiFi, Equifax loses their IRS contract, and an RSA crypto key is vulnerable to being reverse engineered. Today on ThreatWire.

——————————-
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
Help us with Translations!

3 Billion Yahoo Accounts Hacked; Disqus Hacked! - Threat Wire

Oct 11, 2017 00:09:36

Description:

The Yahoo breach was a lot worse than we thought, the Equifax ex-CEO sheds light on some questions, disqus was hacked, and Kaspersky is stuck in the middle of debates. All that coming up now on ThreatWire.

Hak5 Product Launch Event! October 20th: https://www.hak5.org/rsvp 

——————————-
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes:

Equifax and CCleaner Updates, Hacking Air Gapped Networks Via IR LEDs - Threat Wire

Sep 27, 2017 00:10:03

Description:

Ccleaner malware targeted big companies, Equifax falls for phishing techniques, a car tracking service leaks data, and IR light on security cameras could spill confidential information. All that coming up now on ThreatWire.

——————————-
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 [...]

CCleaner Infected With Malware - Update Now! Equifax Updates, BlueBorne Hits Bluetooth - Threat Wire

Sep 20, 2017 00:09:56

Description:

CCleaner was infected with malware, Equifax is not having a good month, and BlueBorne Attacks Bluetooth devices - billions of them. All that coming up now on ThreatWire.

——————————-
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
Help us with Translations!

Equifax Hacked! Your Social Security Number is Probably Public - Threat Wire

Sep 13, 2017 00:12:24

Description:

Everything you need to know so far on Equifax getting hacked, an Android Toast Notification Vulnerability affects almost all android phones, and that linux shell built into windows 10 could hide malware. All that coming up now on ThreatWire.

——————————-
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-w [...]

Half A Million Pacemakers Could Be Hacked - Threat Wire

Sep 6, 2017 00:09:33

Description:

The FCC site could host malware, 6 million instagram accounts had their data leaked, over 700 million email addresses were exposed by a spambot, and almost half a million pacemakers could be hacked. All that coming up now on ThreatWire.

——————————-
Shop: http://www.hakshop.com
Support: http://www.patreon.com/threatwire
Subscribe: http://www.youtube.com/hak5
Our Site: http://www.hak5.org
Contact Us: http://www.twitter.com/hak5
Threat Wire RSS: https://shannonmorse.podbean.com/feed/
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999
Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ
——————————

Links:
https://motherboard.vice.com/en_us/article/8xx7q3/people-are-making-the-fcc-host-rick-and-morty-gifs
https://medium.c [...]

Sarahah Uploads Your Data, Internet of Things Creds Exposed - Threat Wire

Aug 30, 2017 00:09:32

Description:

Sarahah was Caught Uploading Contacts, ROPEMAKER Changes Emails Post-Delivery, default credentials are still impacting IoT devices, and a New Crowdfunding Campaign for MalwareTech is now up and running. All that coming up now on ThreatWire.

——————————-
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wi [...]

Stealing Cryptocurrency, Spyware in Android Apps, and Dreamhost vs. DOJ - Threat Wire

Aug 25, 2017 08:05

Description:

Cryptocurrency is being stolen with phone numbers, dreamhost was compelled to turn over data, and android had a slew of spyware apps. All that coming up now on ThreatWire.

-------------------------------
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ 
------------------------------

Links:
https://www.nytimes.com/2017/08/21/business/dealbook/phone-hack-bitcoin-virtual-currency.html 
http://nationalpost.com/news/world/how-hackers-are-hijacking-mobile-phone-numbers-to-grab-wallets 

http://thehill.com/policy/cybersecurity/346544-dreamhost-claims-doj-requesting-info-on-visitors-to-anti-trump-website 
https://www.dreamhost.com/blog/we-fight-for-the-users/ 
https://www.dreamhost.com/blog/narrowing-the-scope/ 
https://www.dreamhost.com/blog/a-win-for-the-web/ 
https://www.dreamhost.com/blog/wp-content/uploads/2017/08/DH-Search-Warrant.pdf 
https://www.dreamhost.com/blog/wp-content/uploads/2017/08/DH-DOJMotiontoShowCause.pdf 
https://assets.documentcloud.org/documents/3939670/8-22-17-US-Reply-Brief-DreamHost.pdf 
https://www.cnet.com/news/feds-pare-back-demands-for-data-from-anti-trump-protest-site/ 
https://arstechnica.com/tech-policy/2017/08/feds-drop-demand-for-1-3-million-ip-addresses-that-visited-anti-trump-site/ 

https://thehackernews.com/2017/08/android-spyware-malware.html 
https://www.android.com/play-protect/ 
https://arstechnica.com/information-technology/2017/08/500-google-play-apps-with-100-million-downloads-had-spyware-backdoor/ 
https://blog.lookout.com/igexin-malicious-sdk 


Youtube Thumbnail credit:
http://maxpixel.freegreatpicture.com/static/photo/1x/Bitcoin-Crypto-Currency-Electronic-Cyber-Finance-2057405.jpg

 

Stingrays Outsmart Detection Apps, and an Update on MalwareTechBlog! - Threat Wire

Aug 15, 2017 07:37

Description:

MalwareTech pleads not guilty, fake cell phone towers can outsmart detection apps, and hackers encode malware into DNA. All that coming up now on ThreatWire.
-------------------------------
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ 
------------------------------

Links:
https://twitter.com/lorenzoFB/status/897120325850329093 
https://motherboard.vice.com/en_us/article/evvn8k/malwaretech-marcus-hutchins-not-guilty-plea 
http://www.securityweek.com/lawyer-british-hacking-suspect-will-be-vindicated 
https://arstechnica.com/tech-policy/2017/08/researcher-who-neutralized-wcry-pleads-not-guilty-to-writing-banking-malware/ 
https://twitter.com/MalwareTechBlog/status/897180606005694464 

https://www.wired.com/story/stingray-detector-apps/ 
http://www.cs.ox.ac.uk/files/9192/paper-final-woot-imsi.pdf 

https://arstechnica.com/science/2017/08/researchers-encode-malware-in-dna-compromise-dna-sequencing-software/ 
https://www.wired.com/story/malware-dna-hack 
https://thehackernews.com/2017/08/hacking-computer-with-dna.html 
https://www.wired.com/story/scientists-upload-a-galloping-horse-gif-into-bacteria-with-crispr/ 


Youtube Thumbnail credit:
https://cdn.pixabay.com/photo/2016/09/17/20/41/cellular-tower-1676940_960_720.jpg

WannaCry White Hat Hacker Arrested After DEF CON, The Facts So Far - Threat Wire

Aug 8, 2017 10:47

Description:

The guy who stopped WannaCry was arrested right after DEF CON, a vulnerability on older amazon echo’s won’t be patched, and hackers are using online repos to get developer creds. All that coming up now on Threat Wire.

-------------------------------
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ 
------------------------------

Links:
https://www.wired.co.uk/article/what-is-kronos-trojan-malware-marcus-hutchins-hacker 
https://twitter.com/MalwareTechBlog/status/488373794168254464 
https://motherboard.vice.com/en_us/article/ywp8k5/researcher-who-stopped-wannacry-ransomware-detained-in-us-after-def-con 
https://motherboard.vice.com/en_us/article/pagn7v/malwaretech-wannacry-indictment-kronos-malware 
https://www.documentcloud.org/documents/3912524-Kronos-Indictment-R.html 
http://uk.businessinsider.com/malwaretech-researcher-marcus-hutchins-has-been-granted-a-30000-bail-2017-8 
https://twitter.com/tarah 
https://secure.lawpay.com/pages/torekeland/hutchinsldf 
http://www.bbc.co.uk/news/technology-40833951 
https://www.wired.com/story/wannacry-malwaretech-arrest/ 
https://arstechnica.com/tech-policy/2017/08/researcher-who-stopped-wcry-worm-detained-under-mysterious-circumstances/ 
https://www.youtube.com/watch?v=X7DIjaQvZn0 
https://www.engadget.com/2017/08/04/marcus-hutchins-kronos-malwaretech/ 
https://twitter.com/LOBOLAWPLLC 
https://twitter.com/MabbsSec/status/893624617142759425  
https://twitter.com/MabbsSec 
https://www.wired.com/story/marcus-hutchins-arrest 

https://labs.mwrinfosecurity.com/blog/alexa-are-you-listening 
https://motherboard.vice.com/en_us/article/evng4p/hack-that-turns-amazon-echo-into-a-spying-device-cant-be-fixed-by-software-patch 
https://arstechnica.com/information-technology/2017/08/how-hackers-could-turn-an-amazon-echo-into-a-secret-bugging-device/ 

https://threatpost.com/attackers-use-typo-squatting-to-steal-npm-credentials/127235/ 
http://blog.npmjs.org/post/163723642530/crossenv-malware-on-the-npm-registry 


Youtube Thumbnail credit:
Marcus Hutchins Frank Augstein / AP

Hacking Voting Machines, BroadPwn in Vegas, and #LeakTheAnalyst - Threat Wire

Aug 2, 2017 08:15

Description:

What in the world is LeakTheAnalyst? Voting machines get hacked at DEF CON in a matter of minutes, and BroadPwn patches are now available for mobile devices. All that coming up now on Threat Wire.

-------------------------------
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ 
------------------------------

Links:
https://thehackernews.com/2017/07/data-breach-mandiant-fireeye.html 
http://www.securityweek.com/hackers-compromise-accounts-fireeye-threat-intelligence-analyst 

https://thehackernews.com/2017/07/hacking-voting-machine.html 
http://www.businessinsider.com/def-con-hacker-voting-machine-election-hacking-2017-7 
https://www.cnet.com/news/defcon-hackers-find-its-very-easy-to-break-voting-machines/ 
https://motherboard.vice.com/en_us/article/mba858/at-def-con-i-watched-hackers-take-voting-machines-apart 
https://threatpost.com/voting-machines-hacked-with-ease-at-def-con/127101/ 
https://twitter.com/votingvillagedc 

https://www.cnet.com/news/chip-vulnerability-crashes-your-outdated-phone-via-wifi/ 
https://arstechnica.com/information-technology/2017/07/broadcom-chip-bug-opened-1-billion-phones-to-a-wi-fi-hopping-worm-attack/ 
https://threatpost.com/apple-patches-broadpwn-bug-in-ios-10-3-3/126955/ 
https://threatpost.com/google-patches-critical-broadpwn-bug-in-july-security-update/126688/ 


Youtube Thumbnail credit:
https://i2.wp.com/itmeets.guru/wp-content/uploads/2017/05/Untitled-design-2.jpg?fit=19201080&ssl=1 

FBI NSL Gag Orders Ruled Constitutional - Threat Wire

Jul 18, 2017 05:54

Description:

FBI Gag orders are ruled constitutional, android ransomware threatens to leak your personal data, and verizon customers had a data breach. All that coming up now on Threat Wire.

-------------------------------
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ 
------------------------------

Links:
https://www.cnet.com/news/court-rules-fbi-can-continue-to-request-data-in-secret/ 
https://www.reuters.com/article/us-usa-surveillance-idUSKBN1A21XJ? feedType=RSS&feedName=technologyNews&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+reuters%2FtechnologyNews+%28Reuters+Technology+News%29 
http://cdn.ca9.uscourts.gov/datastore/opinions/2017/07/17/16-16067.pdf 
https://en.wikipedia.org/wiki/USA_Freedom_Act 

https://www.cnet.com/news/this-ransomware-will-share-your-browser-history-with-friends/ 
http://www.zdnet.com/article/this-android-ransomware-threatens-to-expose-your-browsing-history-to-all-your-contacts/ 
https://thehackernews.com/2017/07/leakerlocker-android-ransomware.html 

http://www.zdnet.com/article/millions-verizon-customer-records-israeli-data/ 
https://www.cnet.com/news/israeli-tech-firm-exposes-verizon-customer-records/ 
https://thehackernews.com/2017/07/over-14-million-verizon-customers-data.html 
https://threatpost.com/third-party-exposes-14-million-verizon-customer-records/126798/ 

 

Youtube Thumbnail credit:
https://cdn.pixabay.com/photo/2016/08/11/23/54/judge-1587300_960_720.jpg

Nuclear Power Plants Hacked, 1Password Goes Cloud - Threat Wire

Jul 11, 2017 08:52

Description:

Nuclear power plants are being targeted by hackers, NotPetya news isn’t over, Facebook wins a battle over privacy, and there’s lot of debate over 1Password’s new cloud push. All that coming up now on Threat Wire.

-------------------------------
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ 
------------------------------

Links:
https://www.nytimes.com/2017/07/06/technology/nuclear-plant-hack-report.html?_r=0 
https://www.cnet.com/news/hackers-targeting-us-nuclear-power-plants-report-finds/ 
https://arstechnica.com/security/2017/07/dhs-fbi-warn-of-attempts-to-hack-nuclear-plants/ 

https://arstechnica.com/security/2017/07/heavily-armed-police-raid-company-that-seeded-last-weeks-notpetya-outbreak/ 
https://www.welivesecurity.com/2017/07/04/analysis-of-telebots-cunning-backdoor/ 
https://thehackernews.com/2017/07/notpetya-ransomware-police-raid.html 
https://www.cnet.com/news/hackers-linked-to-latest-ransomware-attack-demand-250000-goldeneye-not-petya/ 
https://thehackernews.com/2017/07/petya-ransomware-decryption-key.html 

https://www.theguardian.com/technology/2017/jul/03/facebook-track-browsing-history-california-lawsuit  

https://motherboard.vice.com/en_us/article/evdbdz/why-security-experts-are-pissed-that-1password-is-pushing-users-to-the-cloud 
https://twitter.com/1Password/with_replies 
https://1password.com/sign-up/ 

Youtube Thumbnail credit:
https://upload.wikimedia.org/wikipedia/commons/3/3e/Kerncentrale_Doel_in_werking.jpg  

DHS Removes Airplane Laptop Ban, NotPetya Is a Wiper - Threat Wire

Jul 4, 2017 09:36

Description:

DHS Removes Laptop Ban on Airplanes, Microsoft 10 To Block Ransomware?, and NotPetya Is A Wiper, Not Ransomware. All that coming up now on Threat Wire.

-------------------------------
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ 
------------------------------

Links:
https://labs.bitdefender.com/2017/06/massive-goldeneye-ransomware-campaign-slams-worldwide-users/ 
https://motherboard.vice.com/en_us/article/qv4gx5/a-ransomware-outbreak-is-infecting-computers-across-the-world-right-now 
https://krebsonsecurity.com/2017/06/petya-ransomware-outbreak-goes-global/ 
https://www.cnet.com/news/petya-goldeneye-malware-hits-cadbury-chocolate-factory/ 
https://motherboard.vice.com/en_us/article/new8xw/hacker-behind-massive-ransomware-outbreak-cant-get-emails-from-victims-who-paid 
https://securelist.com/expetrpetyanotpetya-is-a-wiper-not-ransomware/78902/ 
https://arstechnica.com/security/2017/06/petya-outbreak-was-a-chaos-sowing-wiper-not-profit-seeking-ransomware/ 
https://www.cnet.com/news/ukraine-ransomware-petya-goldeneye-medocs-microsoft-global/ 
https://twitter.com/JanusSecretary 


https://www.dhs.gov/news/2017/06/28/fact-sheet-aviation-enhanced-security-measures-all-commercial-flights-united-states 
https://www.cnet.com/news/laptop-ban-planes-to-us-replaced-by-tighter-security/ 
https://motherboard.vice.com/en_us/article/nevwj7/homeland-security-will-begin-heightened-screenings-of-phones-on-all-us-bound-flights 
https://www.aclu.org/blog/free-future/new-tsa-policy-may-lead-increased-scrutiny-reading-material 

https://thehackernews.com/2017/06/windows10-controlled-folder-access-ransomware-protection.html 
https://blogs.windows.com/windowsexperience/2017/06/28/announcing-windows-10-insider-preview-build-16232-pc-build-15228-mobile/#vTaqpWj70bWJlW2S.97 
https://arstechnica.com/information-technology/2017/06/windows-10-will-restrict-data-access-to-authorized-apps-to-combat-ransomware/ 

Youtube Thumbnail credit:
https://regmedia.co.uk/2017/03/21/shutterstock_laptop_airplane.jpg?x=648&y=348&crop=1 

GhostHook Attacks Windows 10 and OpenVPN has Flaws! - Threat Wire

Jun 27, 2017 08:22

Description:

Microsoft just had a pretty bad week, WannaCry is still alive and kickin!, the CIA’s Brutal Kangaroo hits the web, and OpenVPN has flaws, so make sure to update. All that coming up now on Threat Wire.


-------------------------------
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ 
------------------------------

Links:
https://thehackernews.com/2017/06/ghosthook-windows-10-hacking.html 
https://threatpost.com/ghosthook-attack-bypasses-windows-10-patchguard/126462/ 
https://www.cyberark.com/threat-research-blog/ghosthook-bypassing-patchguard-processor-trace-based-hooking/ 

http://www.zdnet.com/article/microsoft-no-known-ransomware-windows-we-tried-to-hack-it/ 
https://arstechnica.com/information-technology/2017/06/microsoft-should-shore-up-windows-10-ss-security-then-offer-it-to-everyone/ 

https://thehackernews.com/2017/06/windows10-builds-source-code.html 
https://www.theregister.co.uk/2017/06/23/windows_10_leak/ 
https://arstechnica.com/information-technology/2017/06/32tb-of-windows-10-beta-builds-driver-source-code-leaked/ 

https://thehackernews.com/2017/06/honda-wannacry-attack.html 
https://www.cnet.com/roadshow/news/wannacry-ransomware-causes-honda-plant-shutdown-in-japan/ 
https://www.cnet.com/news/wannacry-hits-traffic-cameras-in-australia/ 

https://wikileaks.org/vault7/#Brutal%20Kangaroo 
https://thehackernews.com/2017/06/wikileaks-Brutal-Kangaroo-airgap-malware.html 
https://motherboard.vice.com/en_us/article/wjq3zq/wikileaks-docs-show-how-the-cia-allegedly-infected-offline-computers 

https://guidovranken.wordpress.com/2017/06/21/the-openvpn-post-audit-bug-bonanza/ 
https://ostif.org/the-openvpn-2-4-0-audit-by-ostif-and-quarkslab-results/ 
https://www.privateinternetaccess.com/blog/2017/05/openvpn-2-4-2-fixes-critical-issues-discovered-openvpn-audit-reports/ 
https://thehackernews.com/2017/06/openvpn-security-flaw_21.html 

198 Million US Voters Data Exposed - Threat Wire

Jun 20, 2017 07:05

Description:

198 million us voters data has been exposed, the US warns of north korean cyberattacks, a hacker pleads guilty to attacks on military, and the CIA hacks routers with CherryBlossom. All that coming up now on Threat Wire.

-------------------------------
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/  
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ 
------------------------------

Links:
https://thehackernews.com/2017/06/us-voters-data-leaked.html 
http://www.securityweek.com/republican-contractor-exposes-details-198-million-american-voters 
https://threatpost.com/republican-data-broker-exposes-198m-voter-records/126357/ 
https://gizmodo.com/gop-data-firm-accidentally-leaks-personal-details-of-ne-1796211612 
https://www.upguard.com/breaches/the-rnc-files 
https://theintercept.com/2017/06/19/republican-data-mining-firm-exposed-personal-information-for-virtually-every-american-voter/ 

https://thehackernews.com/2017/06/cia-wireless-router-hacking-tool.html 
https://www.wired.com/story/wikileaks-cia-router-hack/ 
https://arstechnica.com/security/2017/06/advanced-cia-firmware-turns-home-routers-into-covert-listening-posts/ 
https://www.cnet.com/news/cia-reportedly-hacked-wi-fi-routers-for-years-wikileaks/ 
https://wikileaks.org/vault7/releases/  
https://wikileaks.org/vault7/document/SRI-SLO-FF-2012-177-CherryBlossom_UsersManual_CDRL-12_SLO-FF-2012-171/page-30/#pagination  

https://motherboard.vice.com/en_us/article/british-hacker-pleads-guilty-to-hacking-us-military-satellite-phone-and-messaging-system 
http://www.securityweek.com/hacker-admits-stealing-satellite-data-dod 
https://thehackernews.com/2017/06/british-hacker-military-system.html 
https://public-newsroom-nca-01.azurewebsites.net/news/hacker-stole-satellite-data-from-us-department-of-defence 

https://thehackernews.com/2017/06/north-korea-hacking-malware.html 
https://www.cnet.com/news/north-korea-behind-cyberattacks-since-2009-more-expected-us/ 
https://www.wired.com/story/north-korea-cyberattacks/ 
https://www.us-cert.gov/ncas/alerts/TA17-164A 
https://www.operationblockbuster.com/wp-content/uploads/2016/02/Operation-Blockbuster-Destructive-Malware-Report.pdf  





Youtube Thumbnail credit:
https://c1.staticflickr.com/9/8489/8170302472_5fc33f17fa_b.jpg  

Did Russia Hack US Election Systems? - Threat Wire

Jun 13, 2017 08:54

Description:

 Did Russia hack election systems, Comey testifies to the Senate, and a Ukrainian Power Grid is Downed by Crash Override. All that coming up now on Threat Wire.

-------------------------------
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ 
------------------------------

Links:
Via DcyMatrix: https://theintercept.com/2017/06/05/top-secret-nsa-report-details-russian-hacking-effort-days-before-2016-election/ 
https://www.wired.com/2017/06/feds-charge-alleged-nsa-leaker-exposed-russian-election-hacking/ 
https://thehackernews.com/2017/06/nsa-russian-hacking-leak.html 
https://motherboard.vice.com/en_us/article/snowden-prosecuting-nsa-leaker-reality-winner-is-a-fundamental-threat-to-the-free-press 
https://motherboard.vice.com/en_us/article/suspected-nsa-leaker-visited-senators-office-to-discuss-environmental-issues 
https://motherboard.vice.com/en_us/article/nsa-suspected-leaker-reality-leigh-winner-caught 
https://www.cnet.com/news/reality-winner-nsa-leak-russian-hacking-printer-tracking-dots/ 
https://arstechnica.com/security/2017/06/leaked-nsa-report-says-russians-tried-to-hack-state-election-officials/ 
https://www.cnet.com/news/nsa-russian-hacking-leaked-report-election-us/ 
https://www.documentcloud.org/documents/3766950-NSA-Report-on-Russia-Spearphishing.html#document/p1 
http://www.politico.com/story/2017/06/01/putin-russian-state-has-never-been-involved-in-hacking-239014 
https://www.documentcloud.org/documents/3841268-Reality-Winner-Criminal-Complaint-Affidavit.html#document/p5/a356445 
https://www.eff.org/pages/list-printers-which-do-or-do-not-display-tracking-dots 
https://www.bloomberg.com/politics/articles/2017-06-13/russian-breach-of-39-states-threatens-future-u-s-elections 
https://www.nytimes.com/2016/08/04/us/politics/us-seeks-to-protect-voting-system-against-cyberattacks.html 
https://www.dhs.gov/news/2016/10/01/statement-secretary-johnson-about-election-systems-cybersecurity# 
https://www.dhs.gov/news/2017/01/06/statement-secretary-johnson-designation-election-infrastructure-critical 


https://www.wired.com/story/james-comey-senate-testimony/ 
https://www.wired.com/story/right-left-james-comey-testimony-filter-bubble/ 
https://www.cnet.com/news/james-comey-donald-trump-russian-hacking-massive-effort-against-us-elections/ 
https://motherboard.vice.com/en_us/article/comey-russian-hackers-100s-entities-election 

https://motherboard.vice.com/en_us/article/ukraine-power-grid-malware-crashoverride-industroyer 
https://www.wired.com/story/crash-override-malware/ 
http://www.businessinsider.com/ap-researchers-weve-discovered-power-grid-wrecking-software-2017-6 
https://www.welivesecurity.com/2017/06/12/industroyer-biggest-threat-industrial-control-systems-since-stuxnet/ 
https://dragos.com/blog/crashoverride/  

Youtube Thumbnail credit:
https://c1.staticflickr.com/4/3152/3004595893_2fd8ffdbe3_b.jpg 

Fireball Malware Infects Millions - Threat Wire

Jun 6, 2017 07:12

Description:

Fireball malware infects millions of computers worldwide, a OneLogin breach creates headaches for users, and Wikileaks is back with another Vault7 leak. All that coming up now on Threat Wire.

-------------------------------
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ 
------------------------------

Links:
http://blog.checkpoint.com/2017/06/01/fireball-chinese-malware-250-million-infection/ 
http://www.ibtimes.co.uk/fireball-malware-could-spark-global-catastrophe-after-infecting-250-million-computers-already-1624286 
https://www.wired.com/2017/06/hack-brief-dangerous-fireball-adware-infects-quarter-billion-pcs/ 
https://thehackernews.com/2017/06/fireball-computer-virus.html 

https://www.onelogin.com/blog/august-2016-incident 
https://www.onelogin.com/blog/may-31-2017-security-incident 
https://krebsonsecurity.com/2017/06/onelogin-breach-exposed-ability-to-decrypt-data/ 
https://arstechnica.com/security/2017/06/onelogin-data-breach-compromised-decrypted/ 
https://motherboard.vice.com/en_us/article/identity-manager-onelogin-has-suffered-a-nasty-looking-data-breach 

https://thehackernews.com/2017/06/windows-hacking-implant.html 
https://arstechnica.com/security/2017/06/wikileaks-says-cias-pandemic-implant-turns-servers-into-malware-carriers/ 
https://wikileaks.org/vault7/releases/#Pandemic 
 


Youtube Thumbnail credit:
http://apocageddon.com/wp-content/uploads/2016/10/10b017_f7f33fe3dd4942bab14c189e089aed9b-mv2_d_2800_2000_s_2-1024x731-2800x2000.jpg  

No More Drone Registration! Subtitles Can Be Hacked, Fake Net Neutrality Comments - Threat Wire

May 30, 2017 09:06

Description:

No more drone registration, watch movies with subtitles? Beware a remote code execution flaw, and was your name used for anti-net neutrality comments? All that coming up now on Threat Wire.

-------------------------------
Shop: http://www.hakshop.com
Support: http://www.patreon.com/threatwire
Subscribe: http://www.youtube.com/hak5
Our Site: http://www.hak5.org
Contact Us: http://www.twitter.com/hak5
Threat Wire RSS: https://shannonmorse.podbean.com/feed/
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999
Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ
------------------------------

https://www.cnet.com/news/new-proposed-legislation-gives-government-authority-to-take-over-your-drone/
https://www.nytimes.com/2017/05/23/us/politics/drone-surveillance-policy.html?_r=2
https://www.geekwire.com/2017/hobbyist-faa-drone-registration/
http://www.flyingmag.com/faa-drone-registration-requirement-shot-down-by-appeals-court
https://www.cadc.uscourts.gov/internet/opinions.nsf/FA6F27FFAA83E20585258125004FBC13/%24file/15-1495-1675918.pdf

https://thehackernews.com/2017/05/movie-subtitles-malware.html
http://blog.checkpoint.com/2017/05/23/hacked-in-translation/
https://threatpost.com/subtitle-hack-leaves-200-million-vulnerable-to-remote-code-execution/125868/
https://www.cnet.com/news/new-hack-threat-may-be-hiding-in-your-movies-subtitles/

https://arstechnica.com/information-technology/2017/05/examining-the-fcc-claim-that-ddos-attacks-hit-net-neutrality-comment-system/
https://transition.fcc.gov/Daily_Releases/Daily_Business/2017/db0508/DOC-344764A1.pdf
https://arstechnica.com/information-technology/2017/05/identity-theft-victims-ask-fcc-to-clean-up-fake-anti-net-neutrality-comments/
http://www.zdnet.com/article/a-bot-is-flooding-the-fccs-website-with-fake-anti-net-neutrality-comments/
https://motherboard.vice.com/en_us/article/dead-people-are-posting-anti-net-neutrality-comments-to-the-fcc-website
https://www.fightforthefuture.org/news/2017-05-25-letter-to-the-fcc-from-people-whose-names-and/
https://www.comcastroturf.com/
http://kdvr.com/2017/05/14/7000-coloradans-names-addresses-used-to-post-fake-comments-about-government-decision/


Youtube Thumbnail credit:
https://c1.staticflickr.com/1/354/19357743954_93ae933bdc_b.jpg

WannaCry Ransomware Infects the World - Threat Wire

May 16, 2017 11:31

Description:

Everything we know so far about WannaCrypt or WannaCry, Microsoft criticizes gov’t agencies, a keylogger is found on HP machines, and Trump’s new cybersecurity measures. All that coming up now on Threat Wire.

-------------------------------
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ 
------------------------------

Links:
https://www.troyhunt.com/everything-you-need-to-know-about-the-wannacrypt-ransomware/ 
http://blog.talosintelligence.com/2017/05/wannacry.html 
https://www.malwaretech.com/2017/05/how-to-accidentally-stop-a-global-cyber-attacks.html 
https://technet.microsoft.com/en-us/library/security/ms17-010.aspx 
https://arstechnica.com/security/2017/05/an-nsa-derived-ransomware-worm-is-shutting-down-computers-worldwide/ 
https://krebsonsecurity.com/2017/05/u-k-hospitals-hit-in-widespread-ransomware-attack/ 
https://krebsonsecurity.com/2017/05/global-wana-ransomware-outbreak-earned-perpetrators-26000-so-far/ 
https://www.nomoreransom.org/ 
https://www.bleepingcomputer.com/forums/f/239/ransomware-help-tech-support/ 
https://arstechnica.com/security/2017/05/wcry-is-so-mean-microsoft-issues-patch-for-3-unsupported-windows-versions/ 
http://www.securityweek.com/manhunt-hackers-behind-global-cyberattack 
https://www.theverge.com/2017/5/15/15643226/wannacry-ransomware-north-korea-attribution-wannacrypt 
https://support.microsoft.com/en-gb/help/2696547/how-to-enable-and-disable-smbv1,-smbv2,-and-smbv3-in-windows-vista,-windows-server-2008,-windows-7,-windows-server-2008-r2,-windows-8,-and-windows-server-2012 
https://www.nytimes.com/interactive/2017/05/12/world/europe/wannacry-ransomware-map.html 
https://thehackernews.com/2017/05/wannacry-ransomware-cyber-attack.html 
https://twitter.com/m0rb 
https://twitter.com/hackerfantastic/status/863833239475171329 
https://www.bleepingcomputer.com/virus-removal/remove-wannacry-wana-decryptor-ransomware#remove 


https://thehackernews.com/2017/05/windows-malware-framework.html 
http://www.securityweek.com/wikileaks-details-more-windows-attack-tools-used-cia 
https://wikileaks.org/vault7/#AfterMidnight 
https://wikileaks.org/vault7/document/Assassin_v1_4_Users_Guide/page-1/#pagination 
https://blogs.microsoft.com/on-the-issues/2017/05/14/need-urgent-collective-action-keep-people-safe-online-lessons-last-weeks-cyberattack/#sm.00000ufcgvbxszdbhq9jijaflto2p 
http://www.businessinsider.com/microsoft-brad-smith-attacks-us-government-stockpiling-vulnerabilities-ransomware-attack-2017-5 

 

https://thehackernews.com/2017/05/hp-audio-driver-laptop-keylogger.html 
https://arstechnica.com/security/2017/05/hp-laptops-covert-log-every-keystroke-researchers-warn/ 
https://www.cnet.com/news/keylogger-discovered-on-some-hp-laptops-conexant/ 
https://www.modzero.ch/modlog/archives/2017/05/11/en_keylogger_in_hewlett-packard_audio_driver/index.html 


https://thehackernews.com/2017/05/trump-fires-fbi-director.html 
https://theintercept.com/2017/05/12/trump-threatens-comey-secretly-recorded-tapes-conversations/ 
https://theintercept.com/2017/05/11/tk-worldwide-threats-hearing-thursday/ 
https://theintercept.com/2017/05/11/with-james-comey-gone-these-three-fbi-and-doj-officials-are-running-the-russia-trump-probe/ 
https://theintercept.com/2017/05/10/why-was-james-comey-fired-donald-trump-cant-find-the-words/ 
https://www.whitehouse.gov/the-press-office/2017/05/11/presidential-executive-order-strengthening-cybersecurity-federal 
https://www.cnet.com/news/president-trump-signs-cybersecurity-executive-order/ 
https://threatpost.com/trump-signs-cybersecurity-executive-order/125616/  

Youtube Thumbnail credit:
https://upload.wikimedia.org/wikipedia/commons/3/3a/Countries_initially_affected_in_WannaCry_ransomware_attack.png

 

2FA Via Text Is Broken, Windows Could Have a Worm - Threat Wire

May 9, 2017 07:44

Description:

Google fixes a major phishing attack, 2FA via text is still broken, and a remote code execution vulnerability has been reported to microsoft. All that coming up now on Threat Wire.


-------------------------------
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ 
------------------------------
Links:
Big thanks to Jeffrey for this week’s Patreon Pick!
https://www.theregister.co.uk/AMP/2017/05/03/hackers_fire_up_ss7_flaw/?utm_content=bufferf297f&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer 
https://www.theregister.co.uk/2017/03/30/fcc_must_act_on_ss7/ 
https://thehackernews.com/2017/05/ss7-vulnerability-bank-hacking.html 
https://arstechnica.com/security/2017/05/thieves-drain-2fa-protected-bank-accounts-by-abusing-ss7-routing-protocol/ 
https://motherboard.vice.com/en_us/article/we-were-warned-about-flaws-in-the-mobile-data-backbone-for-years-now-2fa-is-screwed 

https://thehackernews.com/2017/05/google-docs-phishing-email.html 
https://arstechnica.com/security/2017/05/google-phishing-attack-was-foretold-by-researchers-and-it-may-have-used-their-code/ 
https://arstechnica.com/security/2017/05/google-docs-phish-worm-grabs-your-google-app-permissions-contacts/ 
https://www.cnet.com/news/google-doc-phishing-scam/ 
https://motherboard.vice.com/en_us/article/that-twitter-account-claiming-the-google-docs-attack-was-research-is-dodgy-as-hell 
https://motherboard.vice.com/en_us/article/massive-gmail-google-doc-phishing-email 
https://threatpost.com/1-million-gmail-users-impacted-by-google-docs-phishing-attack/125436/ 

https://thehackernews.com/2017/05/windows-rce-exploit.html 
https://twitter.com/taviso/status/860679110728622080 
https://twitter.com/taviso/status/860681252034142208  
https://threatpost.com/wormable-windows-zero-day-reported-to-microsoft/125513/ 

 

Youtube Thumbnail credit:
https://cdn4.computerworlduk.com/cmsdata/slideshow/3623740/Hand_holding_smartphone_thumb800.jpg

 

The FCC Targets Net Neutrality, NSA Stops Email Spying - Threat Wire

May 2, 2017 10:11

Description:

The FCC has targeted net neutrality, the NSA stops -some- of their email spying, IoT vigilantes are on the rise, and Intel devices can be pwned. All that coming up now on Threat Wire.

 

Links:

https://motherboard.vice.com/en_us/article/shady-conservative-group-is-flooding-the-fcc-with-anti-net-neutrality-comments

https://arstechnica.com/information-technology/2017/04/throttling-of-websites-and-online-services-might-help-customers-fcc-says/

https://thehackernews.com/2017/04/fcc-net-neutrality-rules.html

https://arstechnica.com/tech-policy/2017/05/too-little-too-late-fcc-wins-net-neutrality-court-case/

https://apps.fcc.gov/edocs_public/attachmatch/DOC-344614A1.pdf

https://act.eff.org/action/tell-congress-don-t-surrender-the-internet

https://www.fcc.gov/ecfs/search/filings?limit=100&offset=0&proceedings_name=17-108&sort=date_disseminated,ASC

 

https://www.nsa.gov/news-features/press-room/statements/2017-04-28-702-statement.shtml

https://arstechnica.com/tech-policy/2017/04/nsa-stops-collection-of-us-citizens-e-mails-about-intel-targets/

https://www.cnet.com/news/nsa-ditches-controversial-aspect-of-its-spy-program/

https://arstechnica.com/security/2017/04/nsa-backdoor-detected-on-55000-windows-boxes-can-now-be-remotely-removed/

https://www.wired.com/2017/04/big-change-nsa-spying-marks-win-american-privacy/

https://theintercept.com/2017/04/28/nsa-backs-down-on-major-surveillance-program-that-captured-americans-communications-without-a-warrant/



https://www.wired.com/2017/04/clever-plan-fix-iot-security-still-drawbacks/

https://arstechnica.com/security/2017/04/a-vigilante-is-putting-huge-amount-of-work-into-infecting-iot-devices/

https://thehackernews.com/2017/04/vigilante-hacker-iot-botnet_26.html

https://arstechnica.com/security/2017/04/brickerbot-the-permanent-denial-of-service-botnet-is-back-with-a-vengeance/

https://themerkle.com/brickerbot-developer-claims-he-bricked-over-2-million-iot-devices-so-far/

https://securelist.com/blog/research/78160/hajime-the-mysterious-evolving-botnet/

 

https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr




Youtube Thumbnail credit:

https://c1.staticflickr.com/3/2940/14743736905_635a8c14e9_b.jpg

 

Steal a Car With $22 in Tech, FCC Removes Price Caps, and Punycode is Full of Win - Threat Wire

Apr 25, 2017 08:56

Description:

The FCC still isn’t so keen on internet freedom, a new car could cost as little as $22, and it’s possible to phish people using Unicode. All that coming up now on Threat Wire.


-------------------------------
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ 
------------------------------

Links:
https://motherboard.vice.com/en_us/article/canada-just-ruled-to-uphold-net-neutrality  
https://www.canada.ca/en/radio-television-telecommunications/news/2017/04/crtc_strengthensitscommitmenttonetneutralityconsumerchoiceandfre0.html 
https://motherboard.vice.com/en_us/article/trumps-fcc-to-vote-to-allow-broadband-rate-hikes-for-schools-and-libraries 
https://apps.fcc.gov/edocs_public/attachmatch/FCC-16-54A1.pdf 
http://consumerfed.org/press_release/fcc-must-reject-proposal-allowing-business-data-services-increase-already-inflated-pricing/ 
https://www.fcc.gov/news-events/events/2017/04/april-2017-open-commission-meeting 
https://transition.fcc.gov/Daily_Releases/Daily_Business/2017/db0330/DOC-344162A1.pdf 
https://arstechnica.com/information-technology/2017/04/fcc-helps-att-and-verizon-charge-more-by-ending-broadband-price-caps/ 

https://thehackernews.com/2017/04/unicode-Punycode-phishing-attack.html  
https://arstechnica.com/security/2017/04/chrome-firefox-and-opera-users-beware-this-isnt-the-apple-com-you-want/ 
https://www.xudongz.com/blog/2017/idn-phishing/ 
https://www.xn--80ak6aa92e.com/ 
https://www.apple.com/ 


https://www.wired.com/2017/04/just-pair-11-radio-gadgets-can-steal-car/ 

 

 

***************************
CREDITS:
Editor: Perrin Murphy

Youtube Thumbnail credit:
QIHOO 360 TEAM UNICORN

ShadowBrokers Release New NSA Docs - Threat Wire

Apr 17, 2017 07:45

Description:

Emergency sirens went off in Dallas, but it was a pretty low-tech hack, inmates in an Ohio prison build their own computers to access the internet, and the ShadowBrokers offer up a Good Friday Surprise from the NSA. All that coming up now on Threat Wire.

 

Links:

https://thehackernews.com/2017/04/emergency-tornado-siren-hack.html

http://www.dallasobserver.com/news/dallas-siren-hack-done-by-radio-not-computer-9358087

https://www.dallasnews.com/news/dallas-city-council/2017/04/12/dallas-spends-100000-upgrade-emergency-sirens-hack-just-beginning

https://arstechnica.com/information-technology/2017/04/dallas-siren-hack-used-radio-signals-to-spoof-alarm-says-city-manager/

 

http://watchdog.ohio.gov/Portals/0/pdf/investigations/2015-CA00043.pdf

https://motherboard.vice.com/en_us/article/how-to-illegally-build-an-internet-connected-pc-in-prison

https://thehackernews.com/2017/04/computer-in-prison.html

https://arstechnica.com/tech-policy/2017/04/inmates-built-computers-hidden-in-ceiling-connected-them-to-prison-network/

 

https://arstechnica.com/security/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

https://www.fireeye.com/blog/threat-research/2017/04/acknowledgement_ofa.html

https://arstechnica.com/security/2017/04/microsoft-word-0day-used-to-push-dangerous-dridex-malware-on-millions/

https://arstechnica.com/security/2017/04/critical-word-0day-is-only-1-of-3-microsoft-bugs-under-attack/

 

https://thehackernews.com/2017/04/swift-banking-hacking-tool.html

https://thehackernews.com/2017/04/swift-banking-hacking-tool.html

https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation

http://www.marketwired.com/press-release/no-credibility-online-claim-compromise-eastnets-customer-information-on-its-swift-service-2209857.htm

https://motherboard.vice.com/en_us/article/shadow-brokers-nsa-stuxnet-iran

https://blogs.technet.microsoft.com/msrc/2017/04/14/protecting-customers-and-evaluating-risk/

-------------------------------
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ 
------------------------------


Youtube Thumbnail credit:

https://upload.wikimedia.org/wikipedia/commons/c/cd/Nsa_sign.jpg

Better Border Protections for Your Electronic Devices - Threat Wire

Apr 11, 2017 06:03

Description:

A Bipartisan bill for better border protections? Did Symantec just oust the CIA? And Wi-Fi networks can hack your phone, All that coming up now on Threat Wire.

-------------------------------
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ 
------------------------------

Links:
https://www.cnet.com/news/warrant-search-phones-border-senate-bill-ron-wyden-rand-paul/ 
https://motherboard.vice.com/en_us/article/airport-search-phone-tsa-border-patrol 
https://www.wyden.senate.gov/download/?id=9CDE0A37-24DD-4D05-B199-C7E160CAA088&download=1 

https://arstechnica.com/tech-policy/2017/04/wikileaks-just-dropped-the-cias-secret-how-to-for-infecting-windows/ 
https://wikileaks.org/vault7/releases/ 
https://wikileaks.org/ciav7p1/cms/page_12353652.html 
https://wikileaks.org/vault7/document/#grasshopper 
https://arstechnica.com/security/2017/04/found-in-the-wild-vault7-hacking-tools-wikileaks-attributes-to-the-cia/ 
https://www.symantec.com/connect/blogs/longhorn-tools-used-cyberespionage-group-linked-vault-7 

https://arstechnica.com/security/2017/04/wide-range-of-android-phones-vulnerable-to-device-hijacks-over-wi-fi/ 
https://support.apple.com/en-us/HT207688 
https://googleprojectzero.blogspot.com/2017/04/over-air-exploiting-broadcoms-wi-fi_4.html 
https://source.android.com/security/bulletin/2017-04-01 


Youtube Thumbnail credit:
https://c1.staticflickr.com/9/8234/8468731232_d71091177c_b.jpg

ISPs Could Sell User Web Data with Senate Vote - Threat Wire

Mar 28, 2017 09:14

Description:

Symantec issued HTTPS certificates are on Google’s chopping block, the Senate votes to allow ISPs to sell web search data, Wikileaks says the CIA targets Apple devices, and John Deere tractors are being hacked. All that coming up now on ThreatWire.


-------------------------------
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ 
------------------------------

Links:
https://thehackernews.com/2017/03/google-invalidate-symantec-certs.html 
https://arstechnica.com/security/2017/03/google-takes-symantec-to-the-woodshed-for-mis-issuing-30000-https-certs/ 
https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/eUAKwjihhBs%5B1-25%5D 

https://thehackernews.com/2017/03/isp-to-sell-browsing-data.html 
https://arstechnica.com/information-technology/2017/03/how-isps-can-sell-your-web-history-and-how-to-stop-them/ 
https://theintercept.com/2017/03/23/the-senate-just-voted-to-sell-you-out-to-advertisers/ 
https://motherboard.vice.com/en_us/article/senate-republicans-vote-to-allow-isps-to-sell-your-private-data 
https://www.senate.gov/legislative/LIS/roll_call_lists/roll_call_vote_cfm.cfm?congress=115&session=1&vote=00094 
https://www.eff.org/deeplinks/2017/03/five-creepy-things-your-isp-could-do-if-congress-repeals-fccs-privacy-protections 

https://thehackernews.com/2017/03/wikileaks-cia-mac-iphone-hacking.html 
https://arstechnica.com/security/2017/03/new-wikileaks-dump-the-cia-built-thunderbolt-exploit-implants-to-target-macs/ 
https://techcrunch.com/2017/03/23/apple-says-recent-wikileaks-cia-docs-detail-old-fixed-iphone-and-mac-exploits/ 
https://wikileaks.org/vault7/darkmatter/ 

https://motherboard.vice.com/en_us/article/why-american-farmers-are-hacking-their-tractors-with-ukrainian-firmware 
Via: DcyMatrix

 


Youtube Thumbnail credit:
ISPs Can Sell Your Private Data!?

Youtube thumbnail title:
https://static.pexels.com/photos/7360/startup-photos.jpg  

WhatsApp Web App Account Takeover, and Yahoo Hackers Indicted - Threat Wire

Mar 21, 2017 07:08

Description:

Twitter Counter gets hacked, WhatsApp and Telegram web apps vulnerable to account takeovers, four have been indicted in one of the Yahoo hacks, and the White House has a new cybersecurity coordinator. All that coming up now on Threat Wire.

 

Links:

https://www.cnet.com/news/twitter-hack-fills-high-profile-accounts-with-nazi-references/

http://blog.twittercounter.com/2017/03/turkish-spam-and-cyber-defences/?utm_content=buffer22f5d&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer

https://twitter.com/thecounter/status/841936613752094721

https://www.wired.com/2017/03/hack-brief-high-profile-twitter-accounts-overrun-swastikas/

https://thehackernews.com/2017/03/twitter-account-hack.html

 

https://www.cnet.com/news/whatsapp-telegram-flaws-left-accounts-vulnerable-to-hackers/

http://blog.checkpoint.com/2017/03/15/check-point-discloses-vulnerability-whatsapp-telegram/

https://thehackernews.com/2017/03/hack-whatsapp-telegram-account.html

https://www.wired.com/2017/03/whatsapp-hack-shows-even-encryption-apps-vulnerable-browser/

 

https://krebsonsecurity.com/2017/03/four-men-charged-with-hacking-500m-yahoo-accounts/

https://www.wired.com/2017/03/yahoo-hack-russia-indictment/

https://www.justice.gov/opa/pr/us-charges-russian-fsb-officers-and-their-criminal-conspirators-hacking-yahoo-and-millions

https://arstechnica.com/tech-policy/2017/03/fbi-hints-that-hack-of-semi-privileged-yahoo-employee-led-to-massive-breach/

https://www.cnet.com/news/yahoo-russian-spies-hack-cyber-security-department-of-justice-charged-breach/

 

https://fcw.com/articles/2017/03/15/joyce-white-house-cyber.aspx

https://www.youtube.com/watch?v=bDJb8WOJYdA

https://www.sans.org/critical-security-controls



Youtube Thumbnail credit:

https://c1.staticflickr.com/5/4141/4806442824_a906d7dda7_b.jpg

CIA Hacking Tools Released in Wikileaks Vault 7 - Threat Wire

Mar 14, 2017 11:13

Description:

Wikileaks publicizes Vault 7, 8000 plus pages of CIA documents. All that coming up now on Threat Wire.

-------------------------------
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
------------------------------

Links:
https://wikileaks.org/ciav7p1/ 
https://twitter.com/wikileaks/status/839105996429668352 
https://twitter.com/whispersystems/status/839204754718932992?ref_src=twsrc%5Etfw 
https://wikileaks.com/ciav7p1/cms/page_11629096.html 
https://wikileaks.com/ciav7p1/cms/files/iOS%20Exploits%20-%20iOS%20-%20EDG%20Confluence.pdf 
https://wikileaks.org/ciav7p1/cms/page_12353643.html 
https://www.cnet.com/news/weeping-angel-hack-samsung-smart-tv-cia-wikileaks/ 
https://wikileaks.org/ciav7p1/cms/page_7995642.html 
https://wikileaks.org/ciav7p1/cms/page_20873532.html 
http://www.reuters.com/article/us-cia-wikileaks-leak-idUSKBN16F2CZ 
https://www.facebook.com/wikileaks/videos/1262453947123048/ 
https://www.cnet.com/news/google-android-chrome-cia-exploits-wikileaks-vault-7-julian-assange/ 
https://www.cnet.com/news/microsoft-systems-seem-safe-from-wikileaks-alleged-cia-hacks/ 
https://www.cnet.com/news/apple-cia-wikileaks-vault-7-ios-patches-vulnerabilities/ 
https://www.cia.gov/news-information/press-releases-statements/2017-press-releases-statements/cia-statement-on-claims-by-wikileaks.html 
https://www.cnet.com/news/cias-alleged-hackers-are-fixated-with-pokemon-in-vault-7-leak/ 
https://arstechnica.com/information-technology/2017/03/a-look-at-the-cias-internal-dank-meme-division/ 


Youtube Thumbnail credit:

https://www.upr.fr/wp-content/uploads/2011/11/cia-europe-federalistes.jpg 

FCC Stays Privacy Regulations, CloudPets Ignores Hack, and 32 Million Yahoo Accounts Hacked - Threat Wire

Mar 7, 2017 07:52

Description:

The FCC stays privacy regulations for consumers, 32 million total yahoo accounts were hacked with that cookie problem a few months ago, and CloudPets is really digging themselves into a grave with this toy hack. All that coming up now on Threat Wire.

-------------------------------
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
------------------------------

 

https://apps.fcc.gov/edocs_public/attachmatch/DOC-341937A1.pdf

https://www.hak5.org/episodes/threatwire/are-hacker-counterattacks-legal-threat-wire

https://transition.fcc.gov/Daily_Releases/Daily_Business/2017/db0301/DOC-343702A1.pdf

https://apps.fcc.gov/edocs_public/attachmatch/FCC-16-148A5.pdf

https://arstechnica.com/tech-policy/2017/02/fcc-head-ajit-pai-you-can-thank-me-for-carriers-new-unlimited-data-plans/

https://arstechnica.com/information-technology/2017/03/paid-data-cap-exemptions-can-still-be-big-despite-rise-of-unlimited-data/

https://arstechnica.com/information-technology/2017/03/robocalls-begone-fcc-seeks-to-block-calls-from-spoofed-numbers/

https://www.fcc.gov/news-events/blog/2017/03/02/springing-forward-public-interest-fcc%E2%80%99s-march-agenda



https://arstechnica.com/security/2017/03/marissa-mayer-forgoes-bonus-after-yahoo-botches-hack-investigation/

https://www.cnet.com/news/yahoo-says-forged-cookie-attack-accessed-about-32m-accounts/

https://investor.yahoo.net/secfiling.cfm?filingID=1193125-17-65791&CIK=1011006&soc_src=mail&soc_trk=ma

 

https://www.troyhunt.com/data-from-connected-cloudpets-teddy-bears-leaked-and-ransomed-exposing-kids-voice-messages/

http://www.networkworld.com/article/3175225/security/smart-teddy-bears-involved-in-a-contentious-data-breach.html




Youtube Thumbnail credit:

https://morningconsult.com/wp-content/uploads/2016/02/Ajit-Pai-2-1024x681.jpg

SHA-1 is Officially Dead and What is CloudBleed? - Threat Wire

Feb 28, 2017 07:52

Description:

Cloudflare experiences a bug, SHA-1 is officially dead, and a man accused of DDoSing almost a million people has been arrested. All that coming up now on Threat Wire.

 

Links:

https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/

https://twitter.com/taviso/status/832744397800214528

https://www.cnet.com/how-to/cloudbleed-bug-everything-you-need-to-know/

https://bugs.chromium.org/p/project-zero/issues/detail?id=1139

https://www.troyhunt.com/pragmatic-thoughts-on-cloudbleed/

https://medium.com/@octal/cloudbleed-how-to-deal-with-it-150e907fd165#.b1zg99ry2

http://www.doesitusecloudflare.com/

https://github.com/pirate/sites-using-cloudflare

https://blog.agilebits.com/2017/02/23/three-layers-of-encryption-keeps-you-safe-when-ssltls-fails/

 

https://thehackernews.com/2017/02/sha1-collision-attack.html

https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html

https://arstechnica.com/security/2017/02/at-deaths-door-for-years-widely-used-sha1-function-is-now-dead/

https://arstechnica.com/security/2017/02/watershed-sha1-collision-just-broke-the-webkit-repository-others-may-follow/

https://shattered.io/static/shattered-1.pdf

https://shattered.io/static/shattered-2.pdf

https://shattered.io/

https://shattered.io/static/shattered.pdf

 

https://thehackernews.com/2017/02/mirai-router-hacking.html

https://motherboard.vice.com/en_us/article/police-have-arrested-a-suspect-in-a-massive-internet-of-things-attack

http://www.presseportal.de/blaulicht/pm/7/3568074

http://www.spoofit.org/bestbuy-vdos-reloaded/

http://www.spoofit.org/lonestarcell.txt

 

Youtube thumbnail title:

https://cdn.pixabay.com/photo/2016/12/07/12/58/virus-1889413_960_720.jpg

Steam Profile XSS Attack - Threat Wire

Feb 14, 2017 05:52

Description:

Simply viewing a Steam profile could put you at risk, Wordpress fixes a rather big problem, and WhatsApp introduces two step verification. All that coming up now on Threat Wire.

 

-------------------------------
Shop: http://www.hakshop.com
Support: http://www.patreon.com/threatwire
Subscribe: http://www.youtube.com/hak5
Our Site: http://www.hak5.org
Contact Us: http://www.twitter.com/hak5
Threat Wire RSS: https://shannonmorse.podbean.com/feed/
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999
------------------------------

 

Links:

https://arstechnica.com/security/2017/02/as-valve-eradicates-serious-bug-in-steam-heres-what-you-need-to-know/

https://www.reddit.com/r/Steam/comments/5skfg4/warning_regarding_a_steam_profile_related_exploit/

https://www.reddit.com/r/Steam/comments/5srlwd/the_steam_community_exploit_explained_indepth_by/

https://www.youtube.com/watch?v=lGF_QO3W3GQ

 

https://arstechnica.com/security/2017/02/virally-growing-attacks-on-unpatched-wordpress-sites-affects-2m-pages/

https://thehackernews.com/2017/02/wordpress-hack-seo.html

https://threatpost.com/attackers-capitalizing-on-unpatched-wordpress-sites/123617/

https://blog.sucuri.net/2017/02/wordpress-rest-api-vulnerability-abused-in-defacement-campaigns.html

https://wordpress.org/news/2017/01/wordpress-4-7-2-security-release/

 

http://www.phonearena.com/news/WhatsApp-now-using-a-two-step-verification-process_id90874

https://www.whatsapp.com/faq/en/general/26000021



Youtube Thumbnail credit:

https://mygaming.co.za/news/wp-content/uploads/2015/08/Most-popular-and-highest-rated-games-currently-on-Steam.jpg

House of Reps Passes New Email Privacy Act - Threat Wire

Feb 8, 2017 06:31

Description:

Facebook is trying to make password recovery more secure, Vizio is watching you, and the ECPA sorely needs an update. All that coming up now on Threat Wire.

 

-------------------------------
Shop: http://www.hakshop.com 
Support: http://www.patreon.com/threatwire 
Subscribe: http://www.youtube.com/hak5 
Our Site: http://www.hak5.org 
Contact Us: http://www.twitter.com/hak5 
Threat Wire RSS: https://shannonmorse.podbean.com/feed/ 
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 
------------------------------

 

Links:

https://arstechnica.com/security/2017/01/forgotten-passwords-are-bane-of-the-internet-facebook-wants-to-fix-that/

https://www.facebook.com/notes/protect-the-graph/improving-account-security-with-delegated-recovery/1833022090271267/

https://github.com/facebookincubator/DelegatedRecovery/

 

http://www.theverge.com/2017/2/6/14522582/vizio-ftc-lawsuit-tv-viewing-habits-tracking-privacy

https://arstechnica.com/tech-policy/2017/02/vizio-smart-tvs-tracked-viewers-around-the-clock-without-consent/

https://www.ftc.gov/news-events/press-releases/2017/02/vizio-pay-22-million-ftc-state-new-jersey-settle-charges-it

https://www.consumer.ftc.gov/blog/vizio-settlement-smart-tvs-should-not-track-your-shows-without-your-ok

 

http://www.multichannel.com/news/congress/house-passes-e-mail-privacy-act/410716

https://www.wired.com/2017/02/trump-power-email-privacy-act-never-urgent/



Youtube Thumbnail credit:

https://upload.wikimedia.org/wikipedia/commons/f/fb/Obama_Health_Care_Speech_to_Joint_Session_of_Congress.jpg

Meitu, Spyware or Just Plain Kawaii - Threat Wire

Jan 24, 2017 06:45

Description:

Meitu is super kawaii, but is it spyware?, Lavabit is Back!, Chelsea Manning’s jail time gets commuted, and the US people still needs pix or it didn’t happen regarding Russia’s hacks of the DNC and RNC. Coming up now on Threat Wire.

-------------------------------
Shop: http://www.hakshop.com
Support: http://www.patreon.com/threatwire
Subscribe: http://www.youtube.com/hak5
Our Site: http://www.hak5.org
Contact Us: http://www.twitter.com/hak5
------------------------------

RSS: https://shannonmorse.podbean.com/feed/

iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Links:
http://arstechnica.com/security/2017/01/meitu-anime-beauty-app-privacy-holes/
https://motherboard.vice.com/read/anime-selfies-app-meitu-is-crapware-that-collects-private-data
https://www.documentcloud.org/documents/3386200-Meitu-Statement-Final.html
https://twitter.com/Laughing_Mantis/status/821978447551397888
https://twitter.com/FourOctets/status/821987457520369664

http://www.businessinsider.com/lavabit-encrypted-email-service-used-by-edward-snowden-relaunches-privacy-2017-1
https://theintercept.com/2017/01/20/encrypted-email-service-once-used-by-edward-snowden-to-relaunch/
https://lavabit.com/

https://theintercept.com/2017/01/18/russia-allows-edward-snowden-to-remain-through-2020/
https://theintercept.com/2017/01/17/chelsea-manning-will-be-free-in-may/
http://www.webmd.com/mental-health/gender-dysphoria#1

https://www.wired.com/2017/01/feds-damning-report-russian-election-hack-wont-convince-skeptics/
https://www.wired.com/2017/01/russia-hacked-older-republican-emails-fbi-director-says/


Youtube thumbnail credit:
https://pixabay.com/p-1525124/?no_redirect

Is WhatsApp Secure? - Threat Wire

Jan 19, 2017 08:01

Description:

Does WhatsApp really have a backdoor? Thousands of MongoDB Databases have been deleted across the web, cardless ATMs sounds like a terrible idea, and Cellebrite got hacked... Coming up now on Threat Wire.

-------------------------------
Shop: http://www.hakshop.com
Support: http://www.patreon.com/threatwire
Subscribe: http://www.youtube.com/hak5
Our Site: http://www.hak5.org
Contact Us: http://www.twitter.com/hak5
------------------------------

Links:
http://thehackernews.com/2017/01/whatsapp-backdoor-encryption.html
http://arstechnica.com/security/2017/01/whatsapp-and-friends-take-umbrage-at-report-its-crypto-is-backdoored/
https://www.theguardian.com/technology/2017/jan/13/whatsapp-backdoor-allows-snooping-on-encrypted-messages


https://www.mongodb.com/blog/post/how-to-avoid-a-malicious-attack-that-ransoms-your-data
http://arstechnica.com/security/2017/01/more-than-10000-online-databases-taken-hostage-by-ransomware-attackers/
https://krebsonsecurity.com/2017/01/extortionists-wipe-thousands-of-databases-victims-who-pay-up-get-stiffed/

https://krebsonsecurity.com/2017/01/stolen-passwords-fuel-cardless-atm-fraud/
http://www.dca.ca.gov/publications/legal_guides/cr-6.shtml

http://arstechnica.com/tech-policy/2017/01/hack-reveals-data-company-cellebrite-works-with-everyone-from-us-cops-to-russia/
http://motherboard.vice.com/read/hacker-steals-900-gb-of-cellebrite-data
http://www.cellebrite.com/Mobile-Forensics/News-Events/Press-Releases/cellebrite-statement-on-information-security-breach


Youtube Thumbnail credit:
https://c2.staticflickr.com/6/5469/9344676230_55dbffe0f0_b.jpg

Top 5 Security and Privacy Apps! - Threat Wire

Jan 17, 2017 10:50

Description:

Start your 2017 off right by using some privacy and security apps made for anyone!