Archive by Author

Yosemite 0day – Daily Security Byte EP.130

It’s pretty impressive to know an 18 year old Italian teenager is already finding vulnerabilities in OS X. However, I hope he learns to disclose them responsibly, and starts informing vendors first. This week, news surfaced of a zero day privileges escalation flaw in the latest version of OS X Yosemite. Click play below to learn all about it.

(Episode Runtime: 1:30)

Direct YouTube Link: https://www.youtube.com/watch?v=6WmdmY9kHks

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Ashley Madison Hemorrhaging Data – Daily Security Byte EP.129

As if yesterday’s Ashley Madison data dump wasn’t bad enough, the attackers have released new stolen data. Learn what new information is at stake, and what you can do to protect your data in today’s video.

(Episode Runtime: 1:39)

Direct YouTube Link: https://www.youtube.com/watch?v=4Yk7OOST1ag

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

IE 0day & AM Hack Update – Daily Security Byte EP.128

I missed yesterday’s daily video due to an offsite meeting, so today’s episode contains two important stories; an emergency update to fix a zero day vulnerability in Internet Explorer (IE) and the latest update to the Ashley Madison breach. If you run a Microsoft network, or you know anyone that had an account on Ashley Madison, you’ll want to watch the video below to learn what you can do to protect yourself from attackers.

(Episode Runtime: 2:18)

Direct YouTube Link: https://www.youtube.com/watch?v=w9CI3Fk5NiE

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Global Mobile Hack – Daily Security Byte EP.127

The Australian 60 Minutes unveiled a piece on how attackers can track and intercept the calls from any mobile, as long as they know its number. However, others say the researchers demonstrating this attack had special access to carrier networks. Watch today’s video to learn how real this threat is, and whether or not you can do something about it.

(Episode Runtime: 3:34)

Direct YouTube Link: https://www.youtube.com/watch?v=G63kB987kyg

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Black Hat & DEF CON Aftermath – WSWiR Episode 160

Two weeks ago, the Black Hat and DEF CON conferences unveiled tons of new security research, which means last week was packed with interesting security stories. If you find yourself falling behind on security news, and need a “one stop shop” to keep you up to date, this weekly video does just that.

Last week’s stories included many car hacks, a OS X firmware worm, a big UK breach, tons of patches, and more. If you don’t watch my Daily Bytes, you can catch up all at once with the weekly video below. More importantly, I couldn’t cover many other interesting stories from last week, so if you are interested in those, check out the Reference section below.

(Episode Runtime: 15:10)

Direct YouTube Link: https://www.youtube.com/watch?v=AAIiPp3os1k

EPISODE REFERENCES:

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

Cisco iOS ROMMON hacks – Daily Security Byte EP.126

Cisco is warning its customers that attackers have been overwriting the iOS ROMMON firmware of some of their customers routers, replacing it with a malicious firmware trojan. Watch today’s video to learn more about this attack, and what Cisco says you can do.

(Episode Runtime: 2:09)

Direct YouTube Link: https://www.youtube.com/watch?v=49hPCvBygiE

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Car Hacking Revolution – Daily Security Byte EP.125

Weeks ago, I shared a story about a scary remote car hack researchers were previewing before Black Hat. Not only did those researchers release all the details about that attack, but many other researchers have also found significant automotive security flaws. Today’s video highlights a number of new car attacks disclosed in the past few weeks.

(Episode Runtime: 4:03)

Direct YouTube Link: https://www.youtube.com/watch?v=F4OXgxbYzMI

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Piles of August Patches – Daily Security Byte EP.124

While there’s lots of interesting security stories I could share today, one of the most practical infosec actions you can take is to keep your software patched. Yesterday was Microsoft and Adobe patch day, and Mozilla also recently released a pretty important Firefox update. Watch the video to learn about these important fixes, and more importantly, follow the links below to learn how to apply the relevant updates.

UPDATE: On Thursday, Apple released a hand full of security advisories and updates as well, fixing flaws in iOS, OS X, and Safari. This wasn’t covered in the video, but check the links below for more info on those updates.

(Episode Runtime: 2:25)

Direct YouTube Link: https://www.youtube.com/watch?v=yZ6A09t5oWA

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Thunder Strikes Mac Firmware Again – Daily Security Byte EP.123

You probably know that USB devices can be malicious, but did you know that infected Thunderbolt devices could spread a firmware worm to all your Macbooks? In today’s security video, I cover the ThunderStrike 2 attack that researchers disclosed at this year’s Black Hat and DEF CON conferences. Watch to learn what this attack does, and how the industry can fix it.

(Episode Runtime: 4:01)

Direct YouTube Link: https://www.youtube.com/watch?v=1kF9T4Ugz8Q

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Follow

Get every new post delivered to your Inbox.

Join 8,025 other followers

%d bloggers like this: