• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Baseball Hacks and Mobile Threats – WSWiR Episode 157

June 22, 2015 By Corey Nachreiner

Do you want to know about the latest security threats, but find yourself too busy solving business critical IT problems to keep up to date? Well maybe our videos can help. This weekly video summarizes the most interesting InfoSec news from the week. Or if you prefer, you can catch the shorter dailies.

Last Friday’s episode covered a cracked cloud password vault, an unusual baseball franchise data breach, and a couple threats affecting the most popular mobile platforms. Press play in the window below to learn more.

(Episode Runtime: 9:19)

Direct YouTube Link: https://www.youtube.com/watch?v=n1fnylUcBzk

EPISODE REFERENCES:

  • Monday:LastPass Hacked – Daily Security Byte EP.98
    • LastPass, the password vault vendor, had a network breach – The Guardian
    • LastPass’s official announcement on the network breach – LastPass
  • Thursday: Baseball Cyber Espionage – Daily Security Byte EP.99
    • Original article about the Astros data breach – NY Times
    • How the baseball attack is similar to nation state attacks – The Washington Post
    • Baseball gets a rude awakening to the age of cyber espionage – Five Thirty Eight
  • Friday:Two Mobile Platform Threats – Daily Security Byte EP.100
    • Researcher disclose vulnerabilities to steal iOS and OS X passwords – MacRumors
    • XARA password stealing flaws – ThreatPost
    • What you need to know about XARA – iMore
    • A detailed, layman friendly, description of the XARA flaws – iMore
    • The complete XARA research paper (very technical) [PDF] – Google Drive
    • 600M Samsung mobiles vulnerable to new vulnerability – BGR
    • Samsung promises to fix the flaw – Samsung Tomorrow
    • Many Android apps fail at HTTPS login – Ars Technica

EXTRAS:

  • OPM breach allegedly tied to Chinese intelligence – Reuters
  • Sites not moving to HTTPS have no excuse – ZDNet
  • Reddit defaults to HTTPS – SC Magazine
  • A 2015 botnet research report [PDF] – Level 3
  • Duqu 2.0 allegedly uses a stolen signature from Foxconn – Ars Technica
  • Interesting documentary on Romania’s Hackerville – Motherboard
  • Drupal fixes critical OpenID vulnerabilities – The Register
  • Anonymous DDoSes Canadian government web sites – NBC
  • The Sunday Times claims Snowden leaks docs to Russia: Others disagree – Ars Technica
  • Stegoloader hides malicious communications in images – IT Pro Portal

— Corey Nachreiner, CISSP (@SecAdept)

Share This:

Related

Filed Under: Uncategorized Tagged With: Apple, cyber attack, Cyber Espionage, FBI, Google, hacker, Houston Astros, HTTPS, Infosec news, keychain, lastpass, login, Mobile, Password Vault, passwords, Samsung, Security breach, Software vulnerabilities, St. Louis Cardinals, SwiftKey, XARA, Zero day exploit

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • The Qakbot Takedown
  • iPhone’s Latest 0-Day
  • Meta’ One Good Deed

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • Meta’ One Good Deed
  • iPhone’s Latest 0-Day
  • The Qakbot Takedown
  • Weaponizing WinRAR
  • U.S. Cyber Trust Mark
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use