• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Plane Hacking & Crypto Logjams – WSWiR Episode 153

May 22, 2015 By Corey Nachreiner

Are you too busy provisioning new servers and reseting your users’ Windows passwords to keep up with information security news? If so, we have a quick solution for you. Learn the most important security issues in under ten minutes with our weekly security review video.

Today’s episode talks about the latest plane hacking drama, a new cryptographic weakness, and a data breach affecting a popular “adult” online dating site. Watch the video for the details, as well as some security tips, and check the references below for more news.

(Episode Runtime: 8:50)

Direct YouTube Link: https://www.youtube.com/watch?v=nN3q6KWYKrc

EPISODE REFERENCES:

  • Monday: Plane Hacking Hijinks – Daily Security Byte EP.85
    • Latest details about FBI’s investigation into RSA plane hacker – Techdirt
    • Opinion piece on Robert’s Plane pen-testing – Information Week
    • Eccentric John McAfee supports Roberts – Motherboard
    • Roberts claims of controlling the plane may be overstated – Bloomberg
  • Tuesday: Missed due to travel
  • Wednesday: Missed due to travel
  • Thursday: Cryptography Logjam – Daily Security Byte EP.86
    • Primary Logjam FAQ page – WeakDH.org
    • Academic Logjam vulnerability whitepaper [PDF] – WeakDH.org
    • Logjam proof-of-concept examples – WeakDH.org
    • Logjam mitigation strategies – WeakDH.org
    • Media article covering the Logjam vulnerabilities – Ars Technica
  • Friday: Adult Friend Pwner – Daily Security Byte EP.87
    • Post by researcher who discovered stolen Adult Friend Finder data – TekSecurity Blog
    • Media article on the Adult Friend Finder data breach – Ars Technica
    • Friend Finder Network confirms they have heard about the potential leak – FFN

EXTRAS:

  • Malvertising (malicious ads) more than doubled last year – PC Advisor
  • Safari flaw could help phishers – Ars Technica
  • Oracle’s response to the VENOM vulnerability – V3.co.uk
  • Another big healthcare related data breach – Time
  • High school student DDoSes his school – Slashgear
  • Ransomware increasing on Android devices – SC Magazine
  • Domain registrar suffers from sophisticated DNS attack – GeekWire
  • Create fake password vaults to protect your real one – Network World
  • Alleged Russian hacker fired his lawyer before trial – Seattle Times
  • Hacker hold Darknet market for Ransom – Motherboard
  • Researchers find flaws in Google App Engine – Ars Technica
  • Technical post on how researcher exploited MS15-011 – Core Security
  • Ebay fixed a flaw that could help phishers – Threatpost
  • NSA tried to hack Google and Samsung’s app stores – V3.co.uk
  • Don’t want government backdoors? Write the President – Security Search
  • Teen plead guilty to swatting female gamer – Business Insider
  • Researcher uses Starbuck hack to buy a chicken sandwich – The Register
  • NetUSB vulnerability affects many routers – Sec-Consult
  • iWatch update fixes security flaws – Business Insider

— Corey Nachreiner, CISSP (@SecAdept)

Share This:

Related

Filed Under: Uncategorized Tagged With: Diffie-Hellman, Hacking, Infosec news, LogJam, man-in-the-middle attack, MitM, online dating, password leak, Plane Hacking, RSA, Security breach, Software vulnerabilities, United

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • 3CX Supply Chain Attack
  • Here Come The Regulations

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • 3CX Supply Chain Attack
  • The NSA’s Guidance on Securing Authentication
  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use