VMware recently released a patch on November 12th for CVE-2019-5540, an identified vulnerability within vmnetdhcp. When first reading this, I didn’t think much of it considering the “dhcp” inclusion. However, when reading the summary of the vulnerability on VMware’s website, my opinion of this changed and I thought it’d be important to briefly discuss this further. Per … [Read more...]
Hackers Lose Rights – WSWiR Episode 82
PHP.Net Hijack, Rooted ReadyNAS, and Harassed "Hacker" This week you get two Infosec videos for the price of one! Of course, free plus free is still... well, free. Last week, I had a busy travel schedule in the Middle East and Holland, and I did not find the time to produce my weekly security news summary on Friday. And yet, there was still plenty of security news to cover, so … [Read more...]
WatchGuard Security Week in Review: Episode 43 – Tumblr Worm
Tumblr Worm, Spoofed Tweets, and Madcap McAfee Wow. I knew information security news was picking up over the past few years, but lately it seems like our own little industry reality show; complete with mysterious murders, border-crossing heists, and random heart attacks (not to mention, colorful personalities). This week's security news episode covers updates on the John … [Read more...]
WatchGuard Security Week in Review: Episode 42 – Vulnerability Markets
Vuln Market 0day, Printer Backdoors, and Downed Internet We're back from hiatus. After a two week break, our weekly security news podcast has returned. This week's episode covers interesting new malware that leverages new command & control channels or targets specific victims, lots of zero day exploits being sold on vulnerability markets, a security industry murder … [Read more...]
WatchGuard Security Week in Review: Episode 41 – Coke Cracked
Coca-Cola Cracked, Fawkes Day Fail, and Lots of Updates This week's security news round-up includes a story about an old Coca-Cola network breach, the results of Anonymous' Fawkes Day fiasco, a little Twitter password hiccup, and lots of software security updates. If you have a little extra time on Fridays to catch up on the latest information security news, watch the video … [Read more...]