Are you feeling overwhelmed by your normal IT job, but wish you had time to keep up with information security (infosec)? No worries! Let our weekly security video fill you in. Every Monday, I quickly summarize the biggest network and information security stories from the previous week, so you can keep up with the latest threats.
Today’s episode includes a story about a teenager hacking the CIA Director’s email, a new Fitbit hack, a malicious Chrome lookalike, and lots of patches. Press play to learn more, and check the references for other stories.
(Episode Runtime: 13:27)
Direct YouTube Link: https://www.youtube.com/watch?v=aqb7WIjuv94
EPISODE REFERENCES:
- Monday: CIA Director’s Email Hacked – Daily Security Byte EP. 161
- Teen claims to have hacker CIA Director’s AOL account – New York Post
- CIA Director’s personal email had documents with SSN numbers – Motherboard
- Hacker shares some emails with Wikileaks – Wikileaks
- UPDATE: More details on how the 20yr old did it – Wired
- UPDATE: Brennan’s hacker doesn’t want to go to jail – Motherboard
- Tuesday: Oracle CPU for Oct. 2015 – Daily Security Byte EP. 162
- Wednesday: Malicious Chrome Look-alike – Daily Security Byte EP. 163
- PC Risk’s write up on the potentially malicious eFast browser – PC Risk
- Malware Bytes analysis on eFast’s file and URL associations – Malware Bytes
- Article on evil Chrome-browser look-alike – Network World
- Thursday: Apple’s October Updates – Daily Security Byte EP. 164
- Friday: Overstated Fitbit Hack – Daily Security Byte EP. 165
- The 10 second Fitbit hack – The Register
- Fitbit vulnerability allows trackers to spread malware – Darknet
- The actual Fitbit presentation released on Wednesday [PDF] – Hack.lu
- The Fitbit hack PoC video – YouTube
- The research admits limitation on Twitter – Twitter
- Fitbit denies that malware vector too – NBC
EXTRAS:
- You’re more likely to download something bad if you are multitasking – Phys.org
- Researchers hack and boil over iKettles – The Register
- Facebook will inform users of state sponsored hacking – BigThink
- Chinese attackers allegedly already break cyber pact – CBR Online
- HTTPS everywhere is a bit closer with free trusted certs – Lets Encrypt
- NSA Director’s three cyber security nightmares – Business Insider
- More threats and malware using the Dark Web to hide C&C – Motherboard
- Tim Cook says, “No!” to backdoors in Apple encryption – Ars Technica
- Apple identifies 256 apps collecting private data via ad SDK – Slashgear
- Anonymous DDoSes two Japanese airports for dolphin hunting – SC Magazine
- Sony’s settlement with employees for hack may reach $8M – Reuters
- How to make threat intel work for you – Computer World
- Support scams starting to plague Mac users – Ars Technica
- Flaw in self-encrypting HDs allow attackers to see your data – Network World
- Hackers can “Dox” non-connected people too – NYTimes
- Vulnerability found in a particular 1password feature – Apple Insider
- A few companies join battle against US CISA bill – Information Week
- Attackers DDoS and extort e-retailers in UK – Channel Register
- Avoid fake Apple refund phishing scam – Digital Spy
- Shakespeare can help you with strong passwords – Slate
- Interesting research on us how we fall for cyber scams – Phys
- CISA is advancing in US Senate – Reuters
- Congress’ car hacking bill not going well – Motherboard
- Cyber criminals targeting security researchers – Computing
- LowLevel04: New ransomware spreads via RDP – Bleeping Computer
- Bad David Pogue article about car hacking – Scientific America
- Just for fun: Remember the old Half-Life 2 source code hack – Kotaku
— Corey Nachreiner, CISSP (@SecAdept)
Leave a Reply