Threat Wire
Summary: Threat Wire by Hak5 is a weekly short format video show by Shannon Morse of Hak5 that covers the biggest news stories about what's threatening our privacy, security, and internet freedom. Stay up to date with #ThreatWire, every Tuesday.
- Visit Website
- RSS
- Artist: Shannon Morse
- Copyright: Copyright 2017 . All rights reserved.
Podcasts:
Your browsing data could be tracked by login forms, Forever21 got hacked, and Snowden released his very own mobile security system. All that coming up now on ThreatWire. -------------------------------Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ Las Vegas CES Meetup details! https://twitter.com/Snubs/status/948252554017652736 Links:https://freedom-to-tinker.com/2017/12/27/no-boundaries-for-user-identities-web-trackers-exploit-browser-login-managers/ https://www.theverge.com/2017/12/30/16829804/browser-password-manager-adthink-princeton-research https://webtransparency.cs.princeton.edu/no_boundaries/autofill_sites.html https://www.cnet.com/news/forever-21-confirms-hack-payment-system/ https://newsroom.forever21.com/releases/notice-of-payment-card-security-incident https://www.forever21.com/protecting_our_customers/default.aspx https://guardianproject.github.io/haven/ https://twitter.com/Snubs/status/944229264856985601 https://www.wired.com/story/snowden-haven-app-turns-phone-into-home-security-system/ https://freedom.press/news/introducing-haven-open-source-security-system-your-pocket/ Youtube Thumbnail credit:https://c2.staticflickr.com/4/3870/14977198417_7fcd885fdd_b.jpg
The biggest, baddest, worst hacks and vulnerabilities of 2017! All that coming up now on ThreatWire.-------------------------------Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ Yahoo:https://motherboard.vice.com/en_us/article/8x8b4x/whoops-yahoo-says-2013-hack-actually-hit-3-billion-users https://www.oath.com/press/yahoo-provides-notice-to-additional-users-affected-by-previously/ https://krebsonsecurity.com/2017/10/fear-not-you-too-are-a-cybercrime-victim/ WannaCry:https://www.troyhunt.com/everything-you-need-to-know-about-the-wannacrypt-ransomware/ http://blog.talosintelligence.com/2017/05/wannacry.html https://www.malwaretech.com/2017/05/how-to-accidentally-stop-a-global-cyber-attacks.html https://www.documentcloud.org/documents/3912524-Kronos-Indictment-R.html https://www.wsj.com/articles/its-official-north-korea-is-behind-wannacry-1513642537?shareToken=st2d38565d59c24132b421a4b03edb68b5&reflink=article_email_share https://www.washingtonpost.com/world/national-security/us-set-to-declare-north-korea-carried-out-massive-wannacry-cyber-attack/2017/12/18/509deb1c-e446-11e7-a65d-1ac0fd7f097e_story.html?utm_term=.7c8cb1e154dd KRACK:https://www.krackattacks.com/ https://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4 https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/ 198 Million Voter Data: http://www.securityweek.com/republican-contractor
A history of ISP regulations, new malware is infecting industrial control systems, and three men plead guilty in the Mirai botnet case. All that coming up now on ThreatWire. -------------------------------Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ Links:Net Neutrality Is Cannedhttp://www.zdnet.com/article/fcc-votes-to-repeal-obama-era-net-neutrality-rules/ https://thehackernews.com/2017/12/fcc-net-neutrality-rules.html https://www.king.senate.gov/imo/media/doc/NN%2012-14.pdf https://www.doj.state.or.us/wp-content/uploads/2017/12/ag_letter_12-13-2017.pdf http://phrack.org/issues/7/3.html https://www.internetvoices.org/blog/2017/04/25/net-neutrality-violations-brief-history https://arstechnica.com/information-technology/2017/05/title-ii-hasnt-hurt-network-investment-according-to-the-isps-themselves/ https://arstechnica.com/tech-policy/2017/12/dead-people-among-millions-impersonated-in-fake-net-neutrality-comments/ https://arstechnica.com/tech-policy/2017/11/comcast-deleted-net-neutrality-pledge-the-same-day-fcc-announced-repeal/ http://www.nytimes.com/2005/06/28/technology/cable-wins-internetaccess-ruling.html?_r=1 TRITON:https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html https://www.wired.com/story/triton-malware-targets-industrial-safety-systems-in-the-middle-east/ https://thehackernews.com/2017/12/triton-ics-scada-malware.html https://arstechnica.com/information-technology/2017/12/game-changing-attack-on-critical-infrastructure-site-causes-outage/
Keyloggers were found in Wordpress and HP, mobile apps have all sorts of vulnerabilities, and Uber is hiding behind bug bounties? All that coming up now on ThreatWire. All that coming up now on ThreatWire. -------------------------------Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ Links: Keyloggers: https://thehackernews.com/2017/12/hp-laptop-keylogger.html https://twitter.com/zwclose/status/938354516285706240 http://www.zdnet.com/article/keylogger-uncovered-on-hundreds-of-hp-pcs/ https://zwclose.github.io/HP-keylogger/ https://support.hp.com/us-en/document/c05827409 https://www.virustotal.com/#/file/706d3dbe8c7f217e3bb10c359bfa8b69c8ab107e3be69e3c00acaaf0a4c32e5d/detection http://www.securityweek.com/dormant-keylogging-functionality-found-hp-laptops https://www.hackread.com/more-than-5000-wordpress-website-plagued-with-keylogger/ https://blog.sucuri.net/2017/12/cloudflare-solutions-keylogger-on-thousands-of-infected-wordpress-sites.html Mobile Apps: https://thehackernews.com/2017/12/android-malware-signature.html http://www.securityweek.com/vulnerability-allows-modification-signed-android-apps https://threatpost.com/android-flaw-poisons-signed-apps-with-malicious-code/129118/
Let’s talk about Net neutrality! Again… Cryptocurrency updates, and Cellphone Tracking Without a Warrant? All that coming up now on ThreatWire. -------------------------------Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ Cryptocurrencyhttps://thehackernews.com/2017/11/cryptocurrency-mining-javascript.htmlhttps://blog.malwarebytes.com/cybercrime/2017/11/persistent-drive-by-cryptomining-coming-to-a-browser-near-you/https://motherboard.vice.com/en_us/article/ywnmkk/coinbase-irs-14000-bitcoin-taxhttps://www.scribd.com/document/365893210/US-v-Coinbase-order?irgwc=1&content=10079&campaign=Skimbit%2C%20Ltd.&ad_group=66960X1514734Xf98090d6fa5931ea07eb790a7c503175&keyword=ft750noi&source=impactradius&medium=affiliate#from_embedhttps://medium.com/@barmstrong/coinbase-and-the-irs-c4e2e386e0cf Net Neutralityhttps://arstechnica.com/tech-policy/2017/11/rip-net-neutrality-fcc-chair-releases-plan-to-deregulate-isps/https://arstechnica.com/information-technology/2017/05/title-ii-hasnt-hurt-network-investment-according-to-the-isps-themselves/https://www.freepress.net/sites/default/files/resources/internet-access-and-online-video-markets-are-thriving-in-title-II-era.pdfhttps://transition.fcc.gov/Daily_Releases/Daily_Business/2017/db1121/DOC-347868A1.pdfhttp://www.emprata.com/reports/fcc-restoring-internet-freedom-docket/https://transition.fcc.gov/Daily_Releases/Daily_Business/2017/db1122/DOC-347927A1.pdfhttps://apps.fcc.gov/edocs_public/attachmatch/FCC-17-60A1.pdfhttps://arstechnica.com/tech-policy/2017/11/comcast-deleted-net-neutrality-pledge-the-same-day-fcc-announced-repeal/https://arstechnica.com/tech-policy/2017/11/comcast-throttling-bittorrent-was-no-big-deal-fcc-says/https://arstechnica.com/tech-policy/2017/12/att-says-it-never-blocked-apps-fails-to-mention-how-it-blocked-facetime/ https://theintercept.com/2017/11/29/supreme-court-cellphone-location-tracking-privacy/ https://www.theverge.com/2017/11/29/16715562/supreme-court-privacy-laws-carpenter-v-united-stateshttps://en.wikipedia.org/wiki/Carpenter_v._United_States Youtube Thumbnail credit:https://c1.staticflickr.com/9/8638/16101591183_649c703078_b.jpg
ISPs are getting worked up about state net neutrality rules, Tor browser had a bug, but Onion services are getting updated! And the big tech companies testify in court. All that coming up now on ThreatWire. https://www.hak5.org/contest https://www.hak5.org/jobs -------------------------------Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel? tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ http://www.zdnet.com/article/what-we-learned-facebook-twitter-google-testified-senate-in-russia-probe/https://www.documentcloud.org/documents/4164794-Facebook-testimony-to-Senate-Judiciary-Committee.htmlhttps://www.documentcloud.org/documents/4164788-Twitter-testimony-to-Senate-Judiciary-Committee.htmlhttp://www.businessinsider.com/one-sentence-from-the-senates-social-media-hearing-should-terrify-google-facebook-and-twitter-2017-10http://www.businessinsider.com/russia-tech-hearings-2017-11https://www.cnet.com/news/facebook-twitter-google-aim-to-dodge-regulators-by-regulating-themselves-zuckerberg/https://www.cnet.com/news/russian-backed-election-content-reached-126m-on-facebook/https://www.cnet.com/videos/social-media-giants-testify-before-tech-hearings/ https://arstechnica.com/information-technology/2017/11/critical-tor-flaw-leaks-users-real-ip-address-update-now/https://www.wearesegment.com/news/the-tormoil-bug-torbrowser-critical-security-vulnerability/https://blog.torproject.org/tor-browser-709-releasedhttps://blog.torproject.org/tor-browser-75a7-releasedhttps://threatpost.com/tor-browser-users-urged-to-patch-critical-tormoil-vulnerability/128769/https://thehackernews.com/2017/11/tor-onion-service.htmlhttps://blog.torproject.org/tors-fall-harvest-next-generation-onion-serviceshttps://blog.torproject.org/tor-0321-alpha-released-support-next-gen-onion-services-and-kist-scheduler https://arstechnica.com/tech-policy/2017/11/comcast-asks-the-fcc-to-prohibit-states-from-enforcing-net-neutrality/https://arstechnica.com/tech-policy/2014/01/net-neutrality-is-half-dead-court-strikes-down-fccs-anti-blocking-rules/https://ecfsapi.fcc.gov/file/1102951806926/Comcast%20OI%20ex%20parte%2011-1-17.pdfhttps://www.cadc.uscourts.gov/internet/opinions.nsf/3AF8B4D938CDEEA685257C6000532062/$file/11-1355-1474943.pdfhttps://motherboard.vice.com/en_us/article/7x4wmy/verizon-fcc-state-privacy-laws-letterhttps://ecfsapi.fcc.gov/file/1025134031053/2017%2010%2025%20Verizon%20FCC%20Preemption%20White%20Paper%2017-108.pdfhttps://arstechnica.com/tech-policy/2017/11/comcast-has-a-lot-to-lose-if-municipal-broadband-takes-off/ Youtube Thumbnail credit:https://i.vimeocdn.com/video/641313984_1280x720.jpg
Bad Rabbit Ransomware Spreads, Sensitive Airport Docs about the Queen were Found on USB Drive, and Google plans to remove HTTP public key pinning. All that coming up now on ThreatWire. https://www.hak5.org/contest -------------------------------Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ https://msdn.microsoft.com/en-us/library/aa826517(v=vs.85).aspx http://blog.talosintelligence.com/2017/10/bad-rabbit.html?m=1#more http://www.zdnet.com/article/bad-rabbit-ransomware-spread-using-leaked-nsa-eternalromance-exploit-researchers-confirm/ https://arstechnica.com/information-technology/2017/10/bad-rabbit-used-nsa-eternalromance-exploit-to-spread-researchers-say/ https://thehackernews.com/2017/10/bad-rabbit-ransomware.html https://threatpost.com/badrabbit-ransomware-attacks-hitting-russia-ukraine/128593/ http://www.mirror.co.uk/news/uk-news/terror-threat-heathrow-airport-security-11428132 https://arstechnica.com/information-technology/2017/10/man-finds-usb-stick-with-heathrow-security-plans-queens-travel-details/ https://www.cnet.com/news/usb-stick-detailing-heathrow-airport-security-found-in-london-street/ https://threatpost.com/google-to-ditch-public-key-pinning-in-chrome/128679/ http://www.zdnet.com/article/google-chrome-is-backing-away-from-public-key-pinning-and-heres-why/ https://tools.ietf.org/html/rfc7469 https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/he9tr7p3rZ8/eNMwKPmUBAAJ Youtube Thumbnail credit:https://upload.wikimedia.org/wikipedia/commons/a/a5/European_Rabbit%2C_Lake_District%2C_UK_-_August_2011.jpg
Google announces all sorts of security updates, a few updates on the KRACK attack, and a new IoT botnet has already infected millions. All that coming up now on ThreatWire. Today on ThreatWire. https://www.youtube.com/tekthing -------------------------------Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ https://thehackernews.com/2017/10/google-advanced-protection.htmlhttps://www.blog.google/topics/safety-security/googles-strongest-security-those-who-need-it-most/https://landing.google.com/advancedprotection/https://www.blog.google/products/chrome/cleaner-safer-web-chrome-cleanup/https://motherboard.vice.com/en_us/article/kz74ym/google-gmail-advanced-protection-security-keys-yubikeyhttps://www.bleepingcomputer.com/news/google/google-testing-android-feature-to-hide-dns-requests/Dessymatrixhttps://tools.ietf.org/html/rfc7858https://www.xda-developers.com/android-dns-over-tls-website-privacy/ https://www.krackattacks.com/https://www.cnet.com/news/krack-wi-fi-attack-patch-how-microsoft-apple-google-responding/https://www.cnet.com/how-to/krack-affects-everyone-heres-what-to-do-now/https://krebsonsecurity.com/2017/10/what-you-should-know-about-the-krack-wifi-security-weakness/ https://www.wired.com/story/reaper-iot-botnet-infected-million-networks/https://thehackernews.com/2017/10/iot-botnet-malware-attack.htmlhttp://blog.netlab.360.com/iot_reaper-a-rappid-spreading-new-iot-botnet-en/https://research.checkpoint.com/new-iot-botnet-storm-coming/ Youtube Thumbnail credit:https://c1.staticflickr.com/9/8487/8250657417_d7f14a62c4_b.jpg
Krack is bad for WiFi, Equifax loses their IRS contract, and an RSA crypto key is vulnerable to being reverse engineered. Today on ThreatWire. -------------------------------Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ https://www.krackattacks.com/ https://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4 https://github.com/kristate/krackinfo https://www.wired.com/story/krack-wi-fi-wpa2-vulnerability/ https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/ http://www.zdnet.com/article/here-is-every-patch-for-krack-wi-fi-attack-available-right-now/ https://www.theverge.com/2017/10/16/16481818/wi-fi-attack-response-security-patches https://threatpost.com/equifax-takes-down-compromised-page-redirecting-to-adware-download/128406/ https://krebsonsecurity.com/2017/10/equifax-credit-assistance-site-served-spyware/ https://www.cnet.com/news/equifax-website-ads-served-adware-malware-expert-finds/ https://randy-abrams.blogspot.com/2017/10/new-equifax-website-compromise.html https://www.cnet.com/news/irs-reportedly-suspends-7-2-million-equifax-contract/ https://arstechnica.com/tech-policy/2017/10/after-second-bungle-irs-suspends-equifaxs-taxpayer-identity-contract/ https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/ https://en.wikipedia.org/wiki/Coppersmith%27s_attack
The Yahoo breach was a lot worse than we thought, the Equifax ex-CEO sheds light on some questions, disqus was hacked, and Kaspersky is stuck in the middle of debates. All that coming up now on ThreatWire. Hak5 Product Launch Event! October 20th: https://www.hak5.org/rsvp -------------------------------Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ https://motherboard.vice.com/en_us/article/8x8b4x/whoops-yahoo-says-2013-hack-actually-hit-3-billion-users https://www.oath.com/press/yahoo-provides-notice-to-additional-users-affected-by-previously/ https://threatpost.com/2013-yahoo-breach-affected-all-3-billion-accounts/128259/ https://krebsonsecurity.com/2017/10/fear-not-you-too-are-a-cybercrime-victim/ https://www.cnet.com/how-to/find-out-if-your-yahoo-account-was-hacked/ https://www.cnet.com/news/yahoo-announces-all-3-billion-accounts-hit-in-2013-breach/ https://www.cnet.com/how-to/how-to-delete-your-yahoo-account/ https://arstechnica.com/information-technology/2017/10/yahoo-says-all-3-billion-accounts-were-compromised-in-2013-hack/ https://www.wired.com/story/yahoo-breach-three-billion-accounts/ https://thehackernews.com/2017/10/yahoo-email-hacked.html https://thehackernews.com/2017/10/kaspersky-nsa-spying.html https://www.wired.com/story/nsa-contractors-hacking-tools/ https://arstechnica.com/information-technology/2017/10/the-cases-for-and-against-claims-kaspersky-helped-steal-secret-nsa-secrets/ https://www.cnet.com/news/russian-hackers-reportedly-stole-nsa-cyber-secrets-in-2015/
Ccleaner malware targeted big companies, Equifax falls for phishing techniques, a car tracking service leaks data, and IR light on security cameras could spill confidential information. All that coming up now on ThreatWire. -------------------------------Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ http://www.securityweek.com/ccleaner-infection-database-erased https://motherboard.vice.com/en_us/article/7xkxba/researchers-link-ccleaner-hack-to-cyberespionage-group https://www.cnet.com/news/ccleaner-microsoft-google-samsung-intel-sony/ https://arstechnica.com/information-technology/2017/09/ccleaner-malware-outbreak-is-much-worse-than-it-first-appeared/ https://www.wired.com/story/ccleaner-malware-targeted-tech-firms/ https://thehackernews.com/2017/09/ccleaner-malware-hacking.html https://blog.avast.com/progress-on-ccleaner-investigation http://blog.talosintelligence.com/2017/09/ccleaner-c2-concern.html https://blog.avast.com/avast-threat-labs-analysis-of-ccleaner-incident https://arstechnica.com/information-technology/2017/09/ccleaner-backdoor-infecting-millions-delivered-mystery-payload-to-40-pcs/ https://blog.avast.com/additional-information-regarding-the-recent-ccleaner-apt-security-incident https://arstechnica.com/information-technology/2017/09/massive-equifax-hack-reportedly-started-4-months-before-it-was-detected/ https://arstechnica.com/information-technology/2017/09/equifax-directs-breach-victims-to-fake-notification-site/ https://www.cnet.com/news/equifax-twitter-fake-support-site-breach-victims/
CCleaner was infected with malware, Equifax is not having a good month, and BlueBorne Attacks Bluetooth devices - billions of them. All that coming up now on ThreatWire. -------------------------------Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ https://thehackernews.com/2017/09/ccleaner-hacked-malware.html https://www.piriform.com/news/blog/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users http://blog.talosintelligence.com/2017/09/avast-distributes-malware.html https://arstechnica.com/information-technology/2017/09/backdoor-malware-planted-in-legitimate-software-updates-to-ccleaner/ https://www.forbes.com/sites/thomasbrewster/2017/09/18/ccleaner-cybersecurity-app-infected-with-backdoor/#5eae9585316a http://www.businessinsider.com/avast-piriform-ccleaner-hijacked-trojan-malware-2017-9 https://motherboard.vice.com/en_us/article/a3kgpa/ccleaner-backdoor-malware-hack https://www.bleachbit.org/ https://thehackernews.com/2017/09/apache-struts-flaws-cisco.html https://threatpost.com/equifax-confirms-march-struts-vulnerability-behind-breach/127975/ https://thehackernews.com/2017/09/equifax-apache-struts.html https://www.equifaxsecurity2017.com/ https://arstechnica.com/information-technology/2017/09/massive-equifax-breach-caused-by-failure-to-patch-two-month-old-bug/ https://arstechnica.com/information-technology/2017/09/equifax-hackers-stole-data-for-200k-credit-cards-from-transaction-history/
Everything you need to know so far on Equifax getting hacked, an Android Toast Notification Vulnerability affects almost all android phones, and that linux shell built into windows 10 could hide malware. All that coming up now on ThreatWire. -------------------------------Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ https://arstechnica.com/information-technology/2017/09/equifax-website-hack-exposes-data-for-143-million-us-consumers/ https://www.equifaxsecurity2017.com/ https://www.equifaxsecurity2017.com/potential-impact/ https://www.bloomberg.com/news/articles/2017-09-07/three-equifax-executives-sold-stock-before-revealing-cyber-hack https://yro.slashdot.org/story/17/09/10/0128214/techcrunch-equifax-hack-checking-web-site-is-returning-random-results http://www.zdnet.com/article/we-tested-equifax-data-breach-checker-it-is-basically-useless/ https://arstechnica.com/information-technology/2017/09/equifax-moves-to-fix-weak-pins-for-security-freeze-on-consumer-credit-reports/ https://www.tekthing.com/blog/2015/6/19/5-hot-games-from-e3-970-sli-vs-980ti-get-yourself-a-credit-lock-peppermint-os-lastpass-hacked?rq=freeze%20credit 10:52 inhttps://www.consumer.ftc.gov/articles/0275-place-fraud-alert https://www.identitytheft.gov/Assistant# https://krebsonsecurity.com/2017/09/equifax-breach-response-turns-dumpster-fire/ https://motherboard.vice.com/en_us/article/ywwakw/the-self-proclaimed-equifax-hackers-are-likely-nothing-more-than-amateur-scammers https://www.bloomberg.com/news/articles/2017-09-08/equifax-sued-over-massive-hack-in-multibillion-dollar-lawsuit
The FCC site could host malware, 6 million instagram accounts had their data leaked, over 700 million email addresses were exposed by a spambot, and almost half a million pacemakers could be hacked. All that coming up now on ThreatWire. -------------------------------Shop: http://www.hakshop.comSupport: http://www.patreon.com/threatwireSubscribe: http://www.youtube.com/hak5Our Site: http://www.hak5.orgContact Us: http://www.twitter.com/hak5Threat Wire RSS: https://shannonmorse.podbean.com/feed/Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ------------------------------ Links:https://motherboard.vice.com/en_us/article/8xx7q3/people-are-making-the-fcc-host-rick-and-morty-gifshttps://medium.com/contratastic/the-fcc-gov-website-lets-you-upload-documents-and-host-them-there-bdcd5c1a5b8bhttps://twitter.com/h3apspray/status/903044975813771264https://arstechnica.com/information-technology/2017/08/fccs-public-comment-api-lets-you-post-just-about-anything-to-gov-website/ https://thehackernews.com/2017/09/instagram-hack-doxagram.htmlhttps://thehackernews.com/2017/08/instagram-breach.htmlhttps://arstechnica.com/information-technology/2017/09/site-sells-instagram-users-phone-and-e-mail-details-10-a-search/https://www.cnet.com/news/instagram-flaw-celebrities-contact-information-for-sale-darknet/ https://thehackernews.com/2017/08/pacemakers-hacking.htmlhttps://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm573669.htmhttps://thehackernews.com/2017/06/pacemaker-vulnerability.htmlhttps://www.reuters.com/article/medtronic-security/medtronic-insulin-pumps-vulnerable-to-hackers-idUSN1E77O1VJ20110826https://arstechnica.com/information-technology/2017/08/465k-patients-need-a-firmware-update-to-prevent-serious-pacemaker-hacks/https://arstechnica.com/information-technology/2016/08/trading-in-stock-of-medical-device-paused-after-hackers-team-with-short-seller/http://www.healthcareitnews.com/news/fda-patients-st-jude-pacemakers-update-needed-keep-hackers-out-deviceshttps://motherboard.vice.com/en_us/article/nee5bw/465000-patients-need-software-updates-for-their-hackable-pacemakers-fda-sayshttps://www.cnet.com/news/fda-nearly-a-half-million-pacemakers-could-get-hacked/ https://www.troyhunt.com/inside-the-massive-711-million-record-onliner-spambot-dump/https://thehackernews.com/2017/08/spambot-email-addresses.htmlhttp://www.zdnet.com/article/onliner-spambot-largest-ever-malware-campaign-millions/https://benkowlab.blogspot.in/2017/08/from-onliner-spambot-to-millions-of.html Youtube Thumbnail credit:https://upload.wikimedia.org/wikipedia/commons/thumb/8/82/St_Jude_Medical_pacemaker_in_hand.jpg/1280px-St_Jude_Medical_pacemaker_in_hand.jpg
Sarahah was Caught Uploading Contacts, ROPEMAKER Changes Emails Post-Delivery, default credentials are still impacting IoT devices, and a New Crowdfunding Campaign for MalwareTech is now up and running. All that coming up now on ThreatWire. ------------------------------- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ Links: https://threatpost.com/anonymous-messaging-app-sarahah-to-halt-collection-of-user-data-with-next-update/127668/ https://thehackernews.com/2017/08/sarahah-privacy.html https://theintercept.com/2017/08/27/hit-app-sarahah-quietly-uploads-your-address-book/ https://vimeo.com/223686149 https://twitter.com/ZainAlabdin878/status/901812205741629444 https://www.theregister.co.uk/2017/08/28/crowdfunding_for_hutchins_legal_fees/?mt=1503964117577 https://www.theregister.co.uk/2017/08/23/ropemaker_exploit/ https://threatpost.com/ropemaker-exploit-allows-for-changing-of-email-post-delivery/127600/ https://www.mimecast.com/globalassets/documents/whitepapers/wp_the_ropemaker_email_exploit.pdf https://arstechnica.com/information-technology/2017/08/leak-of-1700-valid-passwords-could-make-the-iot-mess-much-worse/ https://twitter.com/ankit_anubhav/status/900803406914347008 https://twitter.com/0xDUDE/status/901062772238274561 http://www.securityweek.com/thousands-iot-devices-impacted-published-credentials-list https://threatpost.com/race-is-on-to-notify-owners-after-public-list-of-iot-device-credentials-published/127661/ https://arstechnica.com/tech-policy/2017/08/malwaretechs-legal-defense-fund-bombarded-with-fraudul