The popular TV show, Mr. Robot gets hacking so right. Unfortunately, the folks that made the show's web site haven't gotten the message. In this video, I share the ironic story of this web vulnerability, and talk about how you can protect your site from cross-site scripting (XSS) flaws. (Episode Runtime: 2:39) Direct YouTube … [Read more...]
0Day WordPress XSS – Daily Security Byte EP.71
A really, really long comment could allow an attacker to hijack your WordPress blog. Watch today's quick video to learn about the zero day XSS flaw reported by a Finnish security researcher, and what you can do about it. (Episode Runtime: 1:48) Direct YouTube Link: https://www.youtube.com/watch?v=H2XR2tnm0yQ EPISODE REFERENCES: Researchers blog post on 0day WordPress XSS - … [Read more...]
SSL FREAK Out – WSWiR Episode 142
Did you catch all the important information security news this week? Do you know what you might learn from it? If not, watch our weekly security recap video to catch up. Today's episode covers yet another SSL vulnerability, explores a new Android worm, and mentions a controversy around Turbo Tax-related fraud. Watch the video for the details and check out the Reference section … [Read more...]
Snowden, PowerOffHijack, and Router Phishing – WSWiR Episode 141
From nation state espionage, to Internet rights, to router hijacking emails, each week is packed full on information security (infosec) news. Even if you don't have time to follow it in depth, you can't afford to miss the latest intelligence. Let our weekly summary video fill you in. Today, we cover Snowden's public interview on Reddit, a dangerous sounding Android threat … [Read more...]
Phishing Pops Routers – Daily Security Byte EP.33
Can a simple link in a phishing email allow hackers to pwn hundreds of consumer routers in an automated attack. Find out why some Brazilian organizations know the answer to that question in today's Daily Byte video. (Episode Runtime: 1:47) Direct YouTube Link: https://www.youtube.com/watch?v=9hdrE93lID8 EPISODE REFERENCES: Spam campaign targets routers of specific carrier … [Read more...]