エピソード
-
A daily look at the relevant information security news from overnight.
Episode 225 - 31 December 2019
Not so Special - https://www.bleepingcomputer.com/news/security/special-olympics-new-york-hacked-to-send-phishing-emails/
Heritage ransomed - https://www.scmagazine.com/home/security-news/ransomware/ransomware-shuts-down-the-heritage-company/
Chrome SQL patch - https://threatpost.com/google-chrome-affected-by-magellan-2-0-flaws/151446/
Blue Bear breach - https://www.scmagazine.com/home/security-news/data-breach/school-software-vendor-active-network-suffers-data-breach/
Microsoft hits Thallium - https://www.zdnet.com/article/microsoft-takes-down-50-domains-operated-by-north-korean-hackers/ -
A daily look at the relevant information security news from overnight.
Episode 224 - 30 December 2019
FIN7 BIOLOAD - https://www.bleepingcomputer.com/news/security/fin7-hackers-bioload-malware-drops-fresher-carbanak-backdoor/
Not so Wyze - https://www.zdnet.com/article/iot-vendor-wyze-confirms-server-leak/
Moss Adams mess - https://www.scmagazine.com/home/security-news/data-breach/names-social-security-numbers-exposed-in-moss-adams-breach/
Ryuk hits port - https://www.bleepingcomputer.com/news/security/us-coast-guard-says-ryuk-ransomware-took-down-maritime-facility/
Making a Ruckus - https://techcrunch.com/2019/12/28/ruckus-wireless-routers-flaws/ -
エピソードを見逃しましたか?
-
A daily look at the relevant information security news from overnight.
Episode 222 - 23 December 2019
Huge citrix risk - https://www.technadu.com/citrix-vulnerability-80000-companies-around-the-world-at-risk/88242/
Greta gangsters - https://threatpost.com/greta-thunberg-emotet-person-of-the-year/151351/
Mozi on in - https://www.bleepingcomputer.com/news/security/new-mozi-p2p-botnet-takes-over-netgear-d-link-huawei-routers/
Twitter tweak - https://www.zdnet.com/article/twitter-to-android-users-weve-just-patched-this-nasty-bug-so-update-your-app-asap/
ToTok is terrible - https://www.technadu.com/apple-google-remove-totok-spying-allegations/88179/ -
A daily look at the relevant information security news from overnight.
Episode 222 - 23 December 2019
Wawa whacked - https://www.scmagazine.com/home/security-news/data-breach/wawa-pos-system-compromised-for-10-months-cybersecurity-pros-weigh-in/
Facebook user cache - https://threatpost.com/267m-facebook-phone-numbers-exposed-online/151327/
Android malvertisers - https://www.cyberscoop.com/play-store-adware-white-ops/
Olympic phishing - https://www.bleepingcomputer.com/news/security/tokyo-2020-staff-warns-of-phishing-disguised-as-official-emails/
Ring roster - https://www.zdnet.com/article/hackers-keep-dumping-ring-credentials-online-for-the-giggles/ -
A daily look at the relevant information security news from overnight.
Episode 221 - 20 December 2019
Hornet’s nest stings - https://www.zdnet.com/article/this-grab-bag-hacking-attack-drops-six-different-types-of-malware-in-one-go/
Connect(un)Wise - https://www.bleepingcomputer.com/news/security/screenconnect-msp-software-used-to-install-zeppelin-ransomware/
Honda exposure - https://www.technadu.com/honda-exposes-976-million-records-containing-pii-vehicle-owners/87906/
DLL hijack fixed - https://www.bleepingcomputer.com/news/software/adwcleaner-801-fixes-dll-hijacking-vulnerability/
Emotet hits Germany - https://www.zdnet.com/article/frankfurt-shuts-down-it-network-following-emotet-infection/ -
A daily look at the relevant information security news from overnight.
Episode 220 - 19 December 2019
Another blackmail ransom - https://www.zdnet.com/article/another-ransomware-strain-is-now-stealing-data-before-encrypting-it/
Data lost and found - https://www.androidpolice.com/2019/12/17/google-fixes-chrome-bug-that-broke-local-storage-for-some-web-and-android-apps-no-data-is-lost/
Dumb smart tracker - https://techcrunch.com/2019/12/18/cloud-flaws-millions-child-watch-trackers/
More cities ransomed - https://www.scmagazine.com/home/security-news/ransomware/galt-st-lucie-police-hit-with-ransomware/
Beware free wifi - https://www.zdnet.com/article/fbi-warns-against-using-free-wifi-networks-while-traveling/ -
A daily look at the relevant information security news from overnight.
Episode 219 - 18 December 2019
Botnet gains Momentum - https://www.scmagazine.com/home/security-news/malware/momentum-botnet-spotted-in-the-wild/
Lazarus Dacls trojan - https://www.zdnet.com/article/lazarus-pivots-to-linux-attacks-through-dacls-trojan/
Intel RST patch - https://www.bleepingcomputer.com/news/security/update-intels-rapid-storage-app-to-fix-bug-letting-malware-evade-av/
ACER, ASUS oops - https://www.securityweek.com/privilege-escalation-flaws-found-preinstalled-acer-asus-software
Dudell Asian attack - https://www.bleepingcomputer.com/news/security/chinese-rancor-apt-refreshes-malware-kit-for-espionage-attacks/ -
A daily look at the relevant information security news from overnight.
Episode 218 - 17 December 2019
TP-Link Archer flaw - https://www.bleepingcomputer.com/news/security/tp-link-router-bug-lets-attackers-login-without-passwords/
Firefox forces 2FA - https://www.zdnet.com/article/mozilla-to-force-all-add-on-devs-to-use-2fa-to-prevent-supply-chain-attacks/
Conor leaks - https://www.zdnet.com/article/south-african-it-firm-conor-behind-the-leak-of-1-million-web-browsing-records/
LightInTheBox loses data - https://www.scmagazine.com/home/security-news/data-breach/1-6-billion-lightinthebox-customer-records-left-exposed/
Ugly sweater Emotet - https://www.bleepingcomputer.com/news/security/emotet-trojan-is-inviting-you-to-a-malicious-christmas-party/ -
A daily look at the relevant information security news from overnight.
Episode 217 - 16 December 2019
WordPress vulnerability - https://threatpost.com/critical-bug-in-wordpress-plugins-open-sites-to-hacker-takeovers/151123/
Visa warning - https://www.scmagazine.com/home/retail/visa-warns-against-new-pos-attacks-fin8-fingered-as-the-culprit/
Rooster Teeth breached - https://www.bleepingcomputer.com/news/security/attackers-steal-credit-cards-in-rooster-teeth-data-breach/
Facebook leak - https://www.theregister.co.uk/2019/12/13/facebook_data_loss/
New Orleans ransom - https://www.zdnet.com/article/new-orleans-hit-by-ransomware-city-employees-told-to-turn-off-computers/ -
A daily look at the relevant information security news from overnight.
Episode 216 - 13 December 2019
EchoBot widens attack - https://www.bleepingcomputer.com/news/security/new-echobot-variant-exploits-77-remote-code-execution-flaws/
Process hollowing trick - https://www.zdnet.com/article/monero-miners-can-lurk-undetected-through-new-process-hollowing-technique/
Siemens power plant bugs - https://threatpost.com/critical-remote-code-execution-global-power-plants/151087/
Smishing smasher - https://www.zdnet.com/article/google-rolls-out-verified-sms-and-spam-protection-in-android/
Ransom / blackmail - https://www.bleepingcomputer.com/news/security/another-ransomware-will-now-publish-victims-data-if-not-paid/ -
A daily look at the relevant information security news from overnight.
Episode 215 - 12 December 2019
Zeppelin attack - https://www.zdnet.com/article/this-new-ransomware-is-targeting-health-and-tech-companies-across-europe-and-north-america/
iKrampus - https://threatpost.com/krampus-3pc-malware-iphone-users/151043/
Lazarus rents TrickBot - https://www.zdnet.com/article/trickbot-gang-is-now-a-malware-supplier-for-north-korean-hackers/
Turkey card sale - https://www.bleepingcomputer.com/news/security/batch-of-460-000-payment-cards-sold-on-black-market-forum/
KeyWe (un)smart lock - https://www.theregister.co.uk/2019/12/11/f_secure_keywe/ -
A daily look at the relevant information security news from overnight.
Episode 214 - 11 December 2019
OAuth phishing - https://www.bleepingcomputer.com/news/security/phishing-attack-hijacks-office-365-accounts-using-oauth-apps/
SGX vs PlunderVolt - https://www.zdnet.com/article/new-plundervolt-attack-impacts-intel-cpus/
Don’t Blink - https://threatpost.com/amazon-blink-smart-camera-flaws/150962/
AirDoS patch - https://techcrunch.com/2019/12/10/ios-airdrop-lock-up-iphones/
WIndows zero-day patch - https://www.zdnet.com/article/microsoft-december-2019-patch-tuesday-plugs-windows-zero-day/
Adobe critical patches - https://threatpost.com/adobe-fixes-critical-acrobat-photoshop-brackets-flaws/150970/ -
A daily look at the relevant information security news from overnight.
Episode 213 - 10 December 2019
Ryuk flaw - https://www.zdnet.com/article/ryuk-ransomware-contains-a-bug-causing-data-loss-for-some-victims/
Snatch trick - https://www.bleepingcomputer.com/news/security/snatch-ransomware-reboots-to-windows-safe-mode-to-bypass-av-tools/
iPR nightmare - https://threatpost.com/ge-dunkin-forever21-internal-doc-leak/150920/
Birth to death exposed - https://techcrunch.com/2019/12/09/birth-certificate-applications-exposed/
Pensacola attack - https://www.scmagazine.com/home/security-news/pensacola-hit-with-cyberattack-hours-after-shooting-at-naval-base/ -
A daily look at the relevant information security news from overnight.
Episode 212 - 09 December 2019
Car makers targeted - https://www.zdnet.com/article/bmw-and-hyundai-hacked-by-vietnamese-hackers-report-claims/
Info stealing VPN - https://www.bleepingcomputer.com/news/security/fake-vpn-site-pushes-cryptbot-and-vidar-info-stealing-trojans/
Facebook sues - https://www.scmagazine.com/home/security-news/legal-security-news/company-sued-for-allegedly-hijacking-facebook-accounts-to-serve-ads/
NVIDIA patches - https://www.bleepingcomputer.com/news/security/nvidia-patches-severe-flaws-in-mercedes-infotainment-system-chips/
MacOS trojan - https://threatpost.com/stealthy-macos-malware-lazarus-apt/150881/ -
A daily look at the relevant information security news from overnight.
Episode 211 - 06 December 2019
VPN hijack - https://www.bleepingcomputer.com/news/security/new-linux-vulnerability-lets-attackers-hijack-vpn-connections/
CyrusOne ransomed - https://www.zdnet.com/article/ransomware-attack-hits-major-us-data-center-provider/
HackerOne pays bounty - https://www.scmagazine.com/home/security-news/vulnerabilities/cookie-leak-allows-white-hat-researcher-to-access-hackerone-vulnerability-reports/
OpenBSD quick patch - https://www.zdnet.com/article/openbsd-patches-severe-authentication-bypass-privilege-escalation-vulnerabilities/
VC BEC SOL - https://www.theregister.co.uk/2019/12/05/vcs_tricked_mitm/ -
A daily look at the relevant information security news from overnight.
Episode 210 - 05 December 2019
Buer a best buy - https://threatpost.com/buer-loader-underground-markets/150807/
Sprint slip - https://techcrunch.com/2019/12/04/sprint-contractor-cell-phone-bills-exposed/
Salesforce skimmers - https://www.bleepingcomputer.com/news/security/salesforce-s-heroku-used-to-host-magecart-skimmers-stolen-cards/
Python pirates - https://www.zdnet.com/article/two-malicious-python-libraries-removed-from-pypi/
Sweaty Betty sweatin’ - https://www.bleepingcomputer.com/news/security/uk-retailer-sweaty-betty-hacked-to-steal-customer-payment-info/ -
A daily look at the relevant information security news from overnight.
Episode 209 - 04 December 2019
MageCart shoots - https://www.scmagazine.com/web-services-security-e-commerce-security/magecart-skimmer-group-guns-for-smith-wessons-black-friday-sales/
No ‘Droid perma-DoS - https://threatpost.com/google-critical-android-permanent-dos-flaw/150764/
Extensions snipped - https://www.bleepingcomputer.com/news/software/avast-and-avg-firefox-extensions-pulled-from-mozilla-addons-site/
Bad chat - https://www.zdnet.com/article/this-new-android-malware-comes-disguised-as-a-chat-app/
FTC fake - https://www.bleepingcomputer.com/news/security/ftc-warns-of-ongoing-scam-spreading-scary-terrorism-allegations/ -
A daily look at the relevant information security news from overnight.
Episode 208 - 03 December 2019
PyXie dusted - https://www.zdnet.com/article/this-trojan-malware-is-being-used-to-steal-passwords-and-spread-ransomware/
Azure (N)OAuth - https://threatpost.com/microsoft-oauth-flaw-azure-takeover/150737/
Cookie monster - https://www.bleepingcomputer.com/news/security/facebook-ads-manager-targeted-by-new-info-stealing-trojan/
TrueDialog insecure - https://threatpost.com/insecure-database-exposes-millions-of-private-sms-messages/150706/
StrandHogg gone wild - https://www.zdnet.com/article/android-new-strandhogg-vulnerability-is-being-exploited-in-the-wild/ -
A daily look at the relevant information security news from overnight.
Episode 207 - 02 December 2019
All Steamed up - https://www.bleepingcomputer.com/news/security/fake-steam-skin-giveaway-site-steals-your-login-credentials/
Mixcloud mess - https://techcrunch.com/2019/11/29/mixcloud-data-breach/
Datrix fast phish - https://www.theregister.co.uk/2019/11/28/datrix_phishing_attack/
Oyster shucked - https://www.zdnet.com/article/got-an-oyster-card-tfl-just-locked-your-account-to-make-you-reset-your-password/
Mongo CStealer - https://www.bleepingcomputer.com/news/security/new-chrome-password-stealer-sends-stolen-data-to-a-mongodb-database/ -
A daily look at the relevant information security news from overnight.
Episode 206 - 29 November 2019
Prosegur crippled - https://www.zdnet.com/article/security-firm-prosegur-weve-shut-our-it-network-after-ryuk-ransomware-attack/
Magento exposed - https://www.infosecurity-magazine.com/news/magento-marketplace-breach-exposes/
imminent Monitor crushed - https://www.bleepingcomputer.com/news/security/law-enforcement-shuts-down-imminent-monitor-malware-makes-arrests/
Dexphot spreads - https://threatpost.com/dexphot-malware-cryptocurrency/150634/
Phishing season - https://www.bleepingcomputer.com/news/security/beware-of-thanksgiving-ecard-emails-distributing-malware/ - もっと表示する
