Threat Wire

Your browsing data could be tracked by login forms, Forever21 got hacked, and Snowden released his very own mobile security system. All that coming up now on ThreatWire. -------------------------------Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ Las Vegas CES Meetup details! https://twitter.com/Snubs/status/948252554017652736  Links:https://freedom-to-tinker.com/2017/12/27/no-boundaries-for-user-identities-web-trackers-exploit-browser-login-managers/ https://www.theverge.com/2017/12/30/16829804/browser-password-manager-adthink-princeton-research https://webtransparency.cs.princeton.edu/no_boundaries/autofill_sites.html  https://www.cnet.com/news/forever-21-confirms-hack-payment-system/ https://newsroom.forever21.com/releases/notice-of-payment-card-security-incident https://www.forever21.com/protecting_our_customers/default.aspx  https://guardianproject.github.io/haven/ https://twitter.com/Snubs/status/944229264856985601 https://www.wired.com/story/snowden-haven-app-turns-phone-into-home-security-system/  https://freedom.press/news/introducing-haven-open-source-security-system-your-pocket/  Youtube Thumbnail credit:https://c2.staticflickr.com/4/3870/14977198417_7fcd885fdd_b.jpg

The biggest, baddest, worst hacks and vulnerabilities of 2017! All that coming up now on ThreatWire.-------------------------------Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ Yahoo:https://motherboard.vice.com/en_us/article/8x8b4x/whoops-yahoo-says-2013-hack-actually-hit-3-billion-users https://www.oath.com/press/yahoo-provides-notice-to-additional-users-affected-by-previously/ https://krebsonsecurity.com/2017/10/fear-not-you-too-are-a-cybercrime-victim/  WannaCry:https://www.troyhunt.com/everything-you-need-to-know-about-the-wannacrypt-ransomware/ http://blog.talosintelligence.com/2017/05/wannacry.html https://www.malwaretech.com/2017/05/how-to-accidentally-stop-a-global-cyber-attacks.html https://www.documentcloud.org/documents/3912524-Kronos-Indictment-R.html https://www.wsj.com/articles/its-official-north-korea-is-behind-wannacry-1513642537?shareToken=st2d38565d59c24132b421a4b03edb68b5&reflink=article_email_share https://www.washingtonpost.com/world/national-security/us-set-to-declare-north-korea-carried-out-massive-wannacry-cyber-attack/2017/12/18/509deb1c-e446-11e7-a65d-1ac0fd7f097e_story.html?utm_term=.7c8cb1e154dd  KRACK:https://www.krackattacks.com/ https://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4 https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/  198 Million Voter Data: http://www.securityweek.com/republican-contractor

A history of ISP regulations, new malware is infecting industrial control systems, and three men plead guilty in the Mirai botnet case. All that coming up now on ThreatWire. -------------------------------Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ Links:Net Neutrality Is Cannedhttp://www.zdnet.com/article/fcc-votes-to-repeal-obama-era-net-neutrality-rules/ https://thehackernews.com/2017/12/fcc-net-neutrality-rules.html https://www.king.senate.gov/imo/media/doc/NN%2012-14.pdf https://www.doj.state.or.us/wp-content/uploads/2017/12/ag_letter_12-13-2017.pdf http://phrack.org/issues/7/3.html https://www.internetvoices.org/blog/2017/04/25/net-neutrality-violations-brief-history https://arstechnica.com/information-technology/2017/05/title-ii-hasnt-hurt-network-investment-according-to-the-isps-themselves/ https://arstechnica.com/tech-policy/2017/12/dead-people-among-millions-impersonated-in-fake-net-neutrality-comments/ https://arstechnica.com/tech-policy/2017/11/comcast-deleted-net-neutrality-pledge-the-same-day-fcc-announced-repeal/ http://www.nytimes.com/2005/06/28/technology/cable-wins-internetaccess-ruling.html?_r=1  TRITON:https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html https://www.wired.com/story/triton-malware-targets-industrial-safety-systems-in-the-middle-east/ https://thehackernews.com/2017/12/triton-ics-scada-malware.html https://arstechnica.com/information-technology/2017/12/game-changing-attack-on-critical-infrastructure-site-causes-outage/   

Keyloggers were found in Wordpress and HP, mobile apps have all sorts of vulnerabilities, and Uber is hiding behind bug bounties? All that coming up now on ThreatWire. All that coming up now on ThreatWire. -------------------------------Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ Links:   Keyloggers: https://thehackernews.com/2017/12/hp-laptop-keylogger.html https://twitter.com/zwclose/status/938354516285706240 http://www.zdnet.com/article/keylogger-uncovered-on-hundreds-of-hp-pcs/ https://zwclose.github.io/HP-keylogger/ https://support.hp.com/us-en/document/c05827409 https://www.virustotal.com/#/file/706d3dbe8c7f217e3bb10c359bfa8b69c8ab107e3be69e3c00acaaf0a4c32e5d/detection http://www.securityweek.com/dormant-keylogging-functionality-found-hp-laptops https://www.hackread.com/more-than-5000-wordpress-website-plagued-with-keylogger/ https://blog.sucuri.net/2017/12/cloudflare-solutions-keylogger-on-thousands-of-infected-wordpress-sites.html   Mobile Apps: https://thehackernews.com/2017/12/android-malware-signature.html http://www.securityweek.com/vulnerability-allows-modification-signed-android-apps https://threatpost.com/android-flaw-poisons-signed-apps-with-malicious-code/129118/

Let’s talk about Net neutrality! Again… Cryptocurrency updates, and Cellphone Tracking Without a Warrant? All that coming up now on ThreatWire. -------------------------------Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ Cryptocurrencyhttps://thehackernews.com/2017/11/cryptocurrency-mining-javascript.htmlhttps://blog.malwarebytes.com/cybercrime/2017/11/persistent-drive-by-cryptomining-coming-to-a-browser-near-you/https://motherboard.vice.com/en_us/article/ywnmkk/coinbase-irs-14000-bitcoin-taxhttps://www.scribd.com/document/365893210/US-v-Coinbase-order?irgwc=1&content=10079&campaign=Skimbit%2C%20Ltd.&ad_group=66960X1514734Xf98090d6fa5931ea07eb790a7c503175&keyword=ft750noi&source=impactradius&medium=affiliate#from_embedhttps://medium.com/@barmstrong/coinbase-and-the-irs-c4e2e386e0cf Net Neutralityhttps://arstechnica.com/tech-policy/2017/11/rip-net-neutrality-fcc-chair-releases-plan-to-deregulate-isps/https://arstechnica.com/information-technology/2017/05/title-ii-hasnt-hurt-network-investment-according-to-the-isps-themselves/https://www.freepress.net/sites/default/files/resources/internet-access-and-online-video-markets-are-thriving-in-title-II-era.pdfhttps://transition.fcc.gov/Daily_Releases/Daily_Business/2017/db1121/DOC-347868A1.pdfhttp://www.emprata.com/reports/fcc-restoring-internet-freedom-docket/https://transition.fcc.gov/Daily_Releases/Daily_Business/2017/db1122/DOC-347927A1.pdfhttps://apps.fcc.gov/edocs_public/attachmatch/FCC-17-60A1.pdfhttps://arstechnica.com/tech-policy/2017/11/comcast-deleted-net-neutrality-pledge-the-same-day-fcc-announced-repeal/https://arstechnica.com/tech-policy/2017/11/comcast-throttling-bittorrent-was-no-big-deal-fcc-says/https://arstechnica.com/tech-policy/2017/12/att-says-it-never-blocked-apps-fails-to-mention-how-it-blocked-facetime/ https://theintercept.com/2017/11/29/supreme-court-cellphone-location-tracking-privacy/ https://www.theverge.com/2017/11/29/16715562/supreme-court-privacy-laws-carpenter-v-united-stateshttps://en.wikipedia.org/wiki/Carpenter_v._United_States   Youtube Thumbnail credit:https://c1.staticflickr.com/9/8638/16101591183_649c703078_b.jpg

ISPs are getting worked up about state net neutrality rules, Tor browser had a bug, but Onion services are getting updated! And the big tech companies testify in court. All that coming up now on ThreatWire. https://www.hak5.org/contest https://www.hak5.org/jobs  -------------------------------Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel? tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ http://www.zdnet.com/article/what-we-learned-facebook-twitter-google-testified-senate-in-russia-probe/https://www.documentcloud.org/documents/4164794-Facebook-testimony-to-Senate-Judiciary-Committee.htmlhttps://www.documentcloud.org/documents/4164788-Twitter-testimony-to-Senate-Judiciary-Committee.htmlhttp://www.businessinsider.com/one-sentence-from-the-senates-social-media-hearing-should-terrify-google-facebook-and-twitter-2017-10http://www.businessinsider.com/russia-tech-hearings-2017-11https://www.cnet.com/news/facebook-twitter-google-aim-to-dodge-regulators-by-regulating-themselves-zuckerberg/https://www.cnet.com/news/russian-backed-election-content-reached-126m-on-facebook/https://www.cnet.com/videos/social-media-giants-testify-before-tech-hearings/ https://arstechnica.com/information-technology/2017/11/critical-tor-flaw-leaks-users-real-ip-address-update-now/https://www.wearesegment.com/news/the-tormoil-bug-torbrowser-critical-security-vulnerability/https://blog.torproject.org/tor-browser-709-releasedhttps://blog.torproject.org/tor-browser-75a7-releasedhttps://threatpost.com/tor-browser-users-urged-to-patch-critical-tormoil-vulnerability/128769/https://thehackernews.com/2017/11/tor-onion-service.htmlhttps://blog.torproject.org/tors-fall-harvest-next-generation-onion-serviceshttps://blog.torproject.org/tor-0321-alpha-released-support-next-gen-onion-services-and-kist-scheduler https://arstechnica.com/tech-policy/2017/11/comcast-asks-the-fcc-to-prohibit-states-from-enforcing-net-neutrality/https://arstechnica.com/tech-policy/2014/01/net-neutrality-is-half-dead-court-strikes-down-fccs-anti-blocking-rules/https://ecfsapi.fcc.gov/file/1102951806926/Comcast%20OI%20ex%20parte%2011-1-17.pdfhttps://www.cadc.uscourts.gov/internet/opinions.nsf/3AF8B4D938CDEEA685257C6000532062/$file/11-1355-1474943.pdfhttps://motherboard.vice.com/en_us/article/7x4wmy/verizon-fcc-state-privacy-laws-letterhttps://ecfsapi.fcc.gov/file/1025134031053/2017%2010%2025%20Verizon%20FCC%20Preemption%20White%20Paper%2017-108.pdfhttps://arstechnica.com/tech-policy/2017/11/comcast-has-a-lot-to-lose-if-municipal-broadband-takes-off/ Youtube Thumbnail credit:https://i.vimeocdn.com/video/641313984_1280x720.jpg

Bad Rabbit Ransomware Spreads, Sensitive Airport Docs about the Queen were Found on USB Drive, and Google plans to remove HTTP public key pinning. All that coming up now on ThreatWire. https://www.hak5.org/contest  -------------------------------Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org  Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ https://msdn.microsoft.com/en-us/library/aa826517(v=vs.85).aspx http://blog.talosintelligence.com/2017/10/bad-rabbit.html?m=1#more http://www.zdnet.com/article/bad-rabbit-ransomware-spread-using-leaked-nsa-eternalromance-exploit-researchers-confirm/ https://arstechnica.com/information-technology/2017/10/bad-rabbit-used-nsa-eternalromance-exploit-to-spread-researchers-say/ https://thehackernews.com/2017/10/bad-rabbit-ransomware.html https://threatpost.com/badrabbit-ransomware-attacks-hitting-russia-ukraine/128593/  http://www.mirror.co.uk/news/uk-news/terror-threat-heathrow-airport-security-11428132 https://arstechnica.com/information-technology/2017/10/man-finds-usb-stick-with-heathrow-security-plans-queens-travel-details/ https://www.cnet.com/news/usb-stick-detailing-heathrow-airport-security-found-in-london-street/  https://threatpost.com/google-to-ditch-public-key-pinning-in-chrome/128679/ http://www.zdnet.com/article/google-chrome-is-backing-away-from-public-key-pinning-and-heres-why/ https://tools.ietf.org/html/rfc7469 https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/he9tr7p3rZ8/eNMwKPmUBAAJ  Youtube Thumbnail credit:https://upload.wikimedia.org/wikipedia/commons/a/a5/European_Rabbit%2C_Lake_District%2C_UK_-_August_2011.jpg

Google announces all sorts of security updates, a few updates on the KRACK attack, and a new IoT botnet has already infected millions. All that coming up now on ThreatWire. Today on ThreatWire. https://www.youtube.com/tekthing  -------------------------------Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ https://thehackernews.com/2017/10/google-advanced-protection.htmlhttps://www.blog.google/topics/safety-security/googles-strongest-security-those-who-need-it-most/https://landing.google.com/advancedprotection/https://www.blog.google/products/chrome/cleaner-safer-web-chrome-cleanup/https://motherboard.vice.com/en_us/article/kz74ym/google-gmail-advanced-protection-security-keys-yubikeyhttps://www.bleepingcomputer.com/news/google/google-testing-android-feature-to-hide-dns-requests/Dessymatrixhttps://tools.ietf.org/html/rfc7858https://www.xda-developers.com/android-dns-over-tls-website-privacy/ https://www.krackattacks.com/https://www.cnet.com/news/krack-wi-fi-attack-patch-how-microsoft-apple-google-responding/https://www.cnet.com/how-to/krack-affects-everyone-heres-what-to-do-now/https://krebsonsecurity.com/2017/10/what-you-should-know-about-the-krack-wifi-security-weakness/ https://www.wired.com/story/reaper-iot-botnet-infected-million-networks/https://thehackernews.com/2017/10/iot-botnet-malware-attack.htmlhttp://blog.netlab.360.com/iot_reaper-a-rappid-spreading-new-iot-botnet-en/https://research.checkpoint.com/new-iot-botnet-storm-coming/ Youtube Thumbnail credit:https://c1.staticflickr.com/9/8487/8250657417_d7f14a62c4_b.jpg  

Krack is bad for WiFi, Equifax loses their IRS contract, and an RSA crypto key is vulnerable to being reverse engineered. Today on ThreatWire. -------------------------------Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ https://www.krackattacks.com/ https://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4 https://github.com/kristate/krackinfo https://www.wired.com/story/krack-wi-fi-wpa2-vulnerability/ https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/ http://www.zdnet.com/article/here-is-every-patch-for-krack-wi-fi-attack-available-right-now/  https://www.theverge.com/2017/10/16/16481818/wi-fi-attack-response-security-patches  https://threatpost.com/equifax-takes-down-compromised-page-redirecting-to-adware-download/128406/ https://krebsonsecurity.com/2017/10/equifax-credit-assistance-site-served-spyware/ https://www.cnet.com/news/equifax-website-ads-served-adware-malware-expert-finds/ https://randy-abrams.blogspot.com/2017/10/new-equifax-website-compromise.html https://www.cnet.com/news/irs-reportedly-suspends-7-2-million-equifax-contract/ https://arstechnica.com/tech-policy/2017/10/after-second-bungle-irs-suspends-equifaxs-taxpayer-identity-contract/  https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/ https://en.wikipedia.org/wiki/Coppersmith%27s_attack 

The Yahoo breach was a lot worse than we thought, the Equifax ex-CEO sheds light on some questions, disqus was hacked, and Kaspersky is stuck in the middle of debates. All that coming up now on ThreatWire. Hak5 Product Launch Event! October 20th: https://www.hak5.org/rsvp  -------------------------------Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ https://motherboard.vice.com/en_us/article/8x8b4x/whoops-yahoo-says-2013-hack-actually-hit-3-billion-users https://www.oath.com/press/yahoo-provides-notice-to-additional-users-affected-by-previously/  https://threatpost.com/2013-yahoo-breach-affected-all-3-billion-accounts/128259/ https://krebsonsecurity.com/2017/10/fear-not-you-too-are-a-cybercrime-victim/ https://www.cnet.com/how-to/find-out-if-your-yahoo-account-was-hacked/ https://www.cnet.com/news/yahoo-announces-all-3-billion-accounts-hit-in-2013-breach/ https://www.cnet.com/how-to/how-to-delete-your-yahoo-account/ https://arstechnica.com/information-technology/2017/10/yahoo-says-all-3-billion-accounts-were-compromised-in-2013-hack/ https://www.wired.com/story/yahoo-breach-three-billion-accounts/ https://thehackernews.com/2017/10/yahoo-email-hacked.html  https://thehackernews.com/2017/10/kaspersky-nsa-spying.html https://www.wired.com/story/nsa-contractors-hacking-tools/ https://arstechnica.com/information-technology/2017/10/the-cases-for-and-against-claims-kaspersky-helped-steal-secret-nsa-secrets/ https://www.cnet.com/news/russian-hackers-reportedly-stole-nsa-cyber-secrets-in-2015/ 

Ccleaner malware targeted big companies, Equifax falls for phishing techniques, a car tracking service leaks data, and IR light on security cameras could spill confidential information. All that coming up now on ThreatWire. -------------------------------Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ http://www.securityweek.com/ccleaner-infection-database-erased https://motherboard.vice.com/en_us/article/7xkxba/researchers-link-ccleaner-hack-to-cyberespionage-group https://www.cnet.com/news/ccleaner-microsoft-google-samsung-intel-sony/ https://arstechnica.com/information-technology/2017/09/ccleaner-malware-outbreak-is-much-worse-than-it-first-appeared/ https://www.wired.com/story/ccleaner-malware-targeted-tech-firms/ https://thehackernews.com/2017/09/ccleaner-malware-hacking.html https://blog.avast.com/progress-on-ccleaner-investigation http://blog.talosintelligence.com/2017/09/ccleaner-c2-concern.html https://blog.avast.com/avast-threat-labs-analysis-of-ccleaner-incident https://arstechnica.com/information-technology/2017/09/ccleaner-backdoor-infecting-millions-delivered-mystery-payload-to-40-pcs/ https://blog.avast.com/additional-information-regarding-the-recent-ccleaner-apt-security-incident  https://arstechnica.com/information-technology/2017/09/massive-equifax-hack-reportedly-started-4-months-before-it-was-detected/ https://arstechnica.com/information-technology/2017/09/equifax-directs-breach-victims-to-fake-notification-site/ https://www.cnet.com/news/equifax-twitter-fake-support-site-breach-victims/ 

CCleaner was infected with malware, Equifax is not having a good month, and BlueBorne Attacks Bluetooth devices - billions of them. All that coming up now on ThreatWire. -------------------------------Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ https://thehackernews.com/2017/09/ccleaner-hacked-malware.html https://www.piriform.com/news/blog/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users http://blog.talosintelligence.com/2017/09/avast-distributes-malware.html https://arstechnica.com/information-technology/2017/09/backdoor-malware-planted-in-legitimate-software-updates-to-ccleaner/ https://www.forbes.com/sites/thomasbrewster/2017/09/18/ccleaner-cybersecurity-app-infected-with-backdoor/#5eae9585316a http://www.businessinsider.com/avast-piriform-ccleaner-hijacked-trojan-malware-2017-9 https://motherboard.vice.com/en_us/article/a3kgpa/ccleaner-backdoor-malware-hack https://www.bleachbit.org/  https://thehackernews.com/2017/09/apache-struts-flaws-cisco.html https://threatpost.com/equifax-confirms-march-struts-vulnerability-behind-breach/127975/ https://thehackernews.com/2017/09/equifax-apache-struts.html https://www.equifaxsecurity2017.com/ https://arstechnica.com/information-technology/2017/09/massive-equifax-breach-caused-by-failure-to-patch-two-month-old-bug/ https://arstechnica.com/information-technology/2017/09/equifax-hackers-stole-data-for-200k-credit-cards-from-transaction-history/ 

Everything you need to know so far on Equifax getting hacked, an Android Toast Notification Vulnerability affects almost all android phones, and that linux shell built into windows 10 could hide malware. All that coming up now on ThreatWire. -------------------------------Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ ------------------------------ https://arstechnica.com/information-technology/2017/09/equifax-website-hack-exposes-data-for-143-million-us-consumers/ https://www.equifaxsecurity2017.com/ https://www.equifaxsecurity2017.com/potential-impact/ https://www.bloomberg.com/news/articles/2017-09-07/three-equifax-executives-sold-stock-before-revealing-cyber-hack https://yro.slashdot.org/story/17/09/10/0128214/techcrunch-equifax-hack-checking-web-site-is-returning-random-results http://www.zdnet.com/article/we-tested-equifax-data-breach-checker-it-is-basically-useless/ https://arstechnica.com/information-technology/2017/09/equifax-moves-to-fix-weak-pins-for-security-freeze-on-consumer-credit-reports/ https://www.tekthing.com/blog/2015/6/19/5-hot-games-from-e3-970-sli-vs-980ti-get-yourself-a-credit-lock-peppermint-os-lastpass-hacked?rq=freeze%20credit  10:52 inhttps://www.consumer.ftc.gov/articles/0275-place-fraud-alert https://www.identitytheft.gov/Assistant# https://krebsonsecurity.com/2017/09/equifax-breach-response-turns-dumpster-fire/ https://motherboard.vice.com/en_us/article/ywwakw/the-self-proclaimed-equifax-hackers-are-likely-nothing-more-than-amateur-scammers https://www.bloomberg.com/news/articles/2017-09-08/equifax-sued-over-massive-hack-in-multibillion-dollar-lawsuit 

The FCC site could host malware, 6 million instagram accounts had their data leaked, over 700 million email addresses were exposed by a spambot, and almost half a million pacemakers could be hacked. All that coming up now on ThreatWire. -------------------------------Shop: http://www.hakshop.comSupport: http://www.patreon.com/threatwireSubscribe: http://www.youtube.com/hak5Our Site: http://www.hak5.orgContact Us: http://www.twitter.com/hak5Threat Wire RSS: https://shannonmorse.podbean.com/feed/Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ------------------------------ Links:https://motherboard.vice.com/en_us/article/8xx7q3/people-are-making-the-fcc-host-rick-and-morty-gifshttps://medium.com/contratastic/the-fcc-gov-website-lets-you-upload-documents-and-host-them-there-bdcd5c1a5b8bhttps://twitter.com/h3apspray/status/903044975813771264https://arstechnica.com/information-technology/2017/08/fccs-public-comment-api-lets-you-post-just-about-anything-to-gov-website/ https://thehackernews.com/2017/09/instagram-hack-doxagram.htmlhttps://thehackernews.com/2017/08/instagram-breach.htmlhttps://arstechnica.com/information-technology/2017/09/site-sells-instagram-users-phone-and-e-mail-details-10-a-search/https://www.cnet.com/news/instagram-flaw-celebrities-contact-information-for-sale-darknet/ https://thehackernews.com/2017/08/pacemakers-hacking.htmlhttps://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm573669.htmhttps://thehackernews.com/2017/06/pacemaker-vulnerability.htmlhttps://www.reuters.com/article/medtronic-security/medtronic-insulin-pumps-vulnerable-to-hackers-idUSN1E77O1VJ20110826https://arstechnica.com/information-technology/2017/08/465k-patients-need-a-firmware-update-to-prevent-serious-pacemaker-hacks/https://arstechnica.com/information-technology/2016/08/trading-in-stock-of-medical-device-paused-after-hackers-team-with-short-seller/http://www.healthcareitnews.com/news/fda-patients-st-jude-pacemakers-update-needed-keep-hackers-out-deviceshttps://motherboard.vice.com/en_us/article/nee5bw/465000-patients-need-software-updates-for-their-hackable-pacemakers-fda-sayshttps://www.cnet.com/news/fda-nearly-a-half-million-pacemakers-could-get-hacked/ https://www.troyhunt.com/inside-the-massive-711-million-record-onliner-spambot-dump/https://thehackernews.com/2017/08/spambot-email-addresses.htmlhttp://www.zdnet.com/article/onliner-spambot-largest-ever-malware-campaign-millions/https://benkowlab.blogspot.in/2017/08/from-onliner-spambot-to-millions-of.html Youtube Thumbnail credit:https://upload.wikimedia.org/wikipedia/commons/thumb/8/82/St_Jude_Medical_pacemaker_in_hand.jpg/1280px-St_Jude_Medical_pacemaker_in_hand.jpg

Sarahah was Caught Uploading Contacts, ROPEMAKER Changes Emails Post-Delivery, default credentials are still impacting IoT devices, and a New Crowdfunding Campaign for MalwareTech is now up and running. All that coming up now on ThreatWire. ------------------------------- Shop: http://www.hakshop.com  Support: http://www.patreon.com/threatwire  Subscribe: http://www.youtube.com/hak5  Our Site: http://www.hak5.org  Contact Us: http://www.twitter.com/hak5  Threat Wire RSS: https://shannonmorse.podbean.com/feed/  Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999  Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ  ------------------------------ Links: https://threatpost.com/anonymous-messaging-app-sarahah-to-halt-collection-of-user-data-with-next-update/127668/  https://thehackernews.com/2017/08/sarahah-privacy.html  https://theintercept.com/2017/08/27/hit-app-sarahah-quietly-uploads-your-address-book/  https://vimeo.com/223686149  https://twitter.com/ZainAlabdin878/status/901812205741629444  https://www.theregister.co.uk/2017/08/28/crowdfunding_for_hutchins_legal_fees/?mt=1503964117577  https://www.theregister.co.uk/2017/08/23/ropemaker_exploit/  https://threatpost.com/ropemaker-exploit-allows-for-changing-of-email-post-delivery/127600/  https://www.mimecast.com/globalassets/documents/whitepapers/wp_the_ropemaker_email_exploit.pdf  https://arstechnica.com/information-technology/2017/08/leak-of-1700-valid-passwords-could-make-the-iot-mess-much-worse/  https://twitter.com/ankit_anubhav/status/900803406914347008  https://twitter.com/0xDUDE/status/901062772238274561  http://www.securityweek.com/thousands-iot-devices-impacted-published-credentials-list  https://threatpost.com/race-is-on-to-notify-owners-after-public-list-of-iot-device-credentials-published/127661/  https://arstechnica.com/tech-policy/2017/08/malwaretechs-legal-defense-fund-bombarded-with-fraudul