• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Celeb Selfie Hack – WSWiR Episode 120

September 5, 2014 By Corey Nachreiner

Software Patches, Home Depot Breach, and Celebrity Selfie Hack

If you need a quick source for all your information security (infosec) news, you’ve come to the right place. I summarize the most important infosec news in this weekly video, and provide links to other security stories as well.

Unfortunately, today’s episode includes a pretty creepy hack. The show covers next week’s upcoming software patches, another credit card leak that seems to come from Home Depot, and a gross story about hackers stealing hundreds of celebrities’ most private pictures. Find the details in the video below and see what you can learn from these unfortunate cyber attacks.

As always, check the Reference section if you are interested in other stories that I didn’t cover in the video. Also, I will be traveling the next few weeks, which means I may not be able to post this video as regularly as usual. Expect the video to turn up at irregular times, otherwise I may post a written version of the weekly summary instead. Have a great weekend, and stay safe online!

(Episode Runtime: 13:17)

Direct YouTube Link: https://www.youtube.com/watch?v=-mRjltM-tc0&

Episode References:

  • Software Updates:
    • Latest Firefox update fixes vulns and supports public-key pinning – Threatpost
    • Microsoft pre-announces next week’s Patch Day – Microsoft
    • Adobe to release critical Reader update next Tuesday – Computer World
  • Home Depot suffers major credit card data breach – Krebs on Security
    • All Home Depot stores likely affected – Krebs on Security
  • Celebrity Photo Hacking:
    • iCloud hacked to steal private celebrity pictures – The Telegraph
    • Researcher’s iBrute iCloud brute force tool – GitHub
    • Law enforcement use the same tool as iCloud hackers – The Next Web
    • How to set up Apple’s two factor authentication – Mac World
    • How to bypass Apple two-factor authentication – Gizmodo
    • Dan Kaminsky’s fantastically expressed thoughts on the celeb hacking – Dan Kaminsky Blog
    • Well documented notes on how the hack happened – Nikcub
    • Apple’s latest response to fix problems – Tech Radar

Extras:

  • Latest on the LizardSquad Drama – The Register
  • Mysterious lorem ipsum Google Translate hack? – Krebs on Security
  • What’s the best Mac AV software? – PC Magazine
  • Twitter introduces a bug bounty program for vulnerabilities – Hackerone.com
  • Angler exploit kit now capable of fileless infection – MDNC Blog
  • XSS and CSRF vulnerabilities plague some WordPress plugins – ThreatPost
  • CERT shares which Android apps don’t use SSL correctly – Google Docs
  • Vulnerability disclosures trending up, but Microsoft ones down – Microsoft
  • Akamai warns of Linux iptables infections used for DDoS – Help Net Security
  • Semalt botnet practices Blackhat SEO – Help Net Security
  • Researchers find more problems with WiFi WPS (Don’t use it) – Naked Security
  • Cyber attacks on hospitals are rising – MIT Technology Review
  • 90% of healthcare cloud services are risky – Forbes
  • NATO adopts new cyber defense policy; all for one – Computer Weekly
  • Namecheap hosts says Cybervor is hijacking user accounts – The Register
  • HP research highlights North Korea’s Cyber attack capability [PDF] – HP
  • Hackers use VirusTotal too  – Wired
  • Research paper on hackers using VirusTotal – Google Docs
  • A new piece of Mac malware converted from Windows threat – FireEye
  • Botnet sat on HealthCare.gov server for over a month – PC World

— Corey Nachreiner, CISSP (@SecAdept)

Share This:

Related

Filed Under: Uncategorized Tagged With: Adobe, breaches, Data Loss, FindMyPhone, firefox, Hacking, Home Depot, iBrute, icloud, Infosec news, Malvertising, Reader, Security breach, Software vulnerabilities, Updates and patches

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • Here Come The Regulations
  • Successfully Prosecuting a Russian Hacker

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
  • US National Cybersecurity Strategy
  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use