Evasive Malware & No More Patch Day – WSWiR Episode 151

In one short week there’s been two new variants of evasive malware, a zero day flaw in a popular blogging framework, some proof-of-concept GPU malware, and a major change to the biggest OS vendor’s patching cycle. How is one poor IT guy to keep up with this every changing Information Security (InfoSec) news? Don’t worry. We got you covered in our weekly InfoSec news round up!

Last week’s episode details that evasive malware and how WatchGuard helps, informs you of the important changes in Microsoft Patch Day, and warns you about the latest Lenovo security flaws. Watch the video for all the details, and check out the Reference section if you’re curious what else happened last week.

As an aside, I’m experimenting with the timing of this weekly blog post. While I will continue to post the weekly video on Friday, I will schedule this blog post the Monday after. If you’d rather see the video on Friday, be sure to subscribe to the YouTube channel.

(Episode Runtime: 14:03)

Direct YouTube Link: https://www.youtube.com/watch?v=hGEPKUqR1mU

EPISODE REFERENCES:

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Sees Evasive Malware – Daily Security Byte EP.79

A few days ago, I told you about Rombertik, an evasive threat that can sneak past signature antivirus, and some sandboxes. This week we also learned about a new variant of Dyre, that uses similar evasive techniques against sandboxes as well. In today’s video, learn why WatchGuard’s sandbox is not fooled by these new evasions.

 

(Episode Runtime: 2:42)

Direct YouTube Link: https://www.youtube.com/watch?v=RXDOyntnVnQ

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Lenovo Security Fail – Daily Security Byte EP.78

A few months ago, some of Lenovo’s preinstalled adware got them into security hot water. Looks like their pre-installed software has struck again. Watch today’s video to learn about the latest Lenovo vulnerabilities and what you can do about them.

 

(Episode Runtime: 1:54)

Direct YouTube Link: https://www.youtube.com/watch?v=2jU2b42iVY4

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Bye Bye Patch Day – Daily Security Byte EP.77

On October 2003almost twelve years ago, Microsoft launched their monthly Patch Day. This week, at the their Ignite Conference, they announced that they plan to stop doing monthly patches with Windows 10. If you’re a Microsoft administrator, watch our vlog to learn what this means to you.

 

(Episode Runtime: 2:26)

Direct YouTube Link: https://youtu.be/I1fOZeyFYI0

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Rombertik Destruction – Daily Security Byte EP.76

Last year I predicted an increase in destructive malware, and with the Sony Pictures breach we’re certainly seeing signs that this prediction is coming true. Today, researchers at Cisco’s Talos have found yet another malware variant that continues this trend. Watch today’s Byte to learn about Rombertik’s destruction and evasive capabilities, and to learn how to protect your network from these kinds of destructive threats.

 

(Episode Runtime: 5:15)

Direct YouTube Link: https://www.youtube.com/watch?v=DlUqzwHMjDY

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Political Trojans, WordPress 0day, and Tool Fails- WSWiR Episode 150

Another week, another flood of security news. Do you find yourself falling behind of the latest InfoSec news? Than this weekly video should help you catch up.

This week’s video covers the latest on the White House breach, a new security tool that got hacked a day later, and an old trojan that has received some politically-motivated updates. Press play to learn about all that and more; and don’t forget the references to other stories below.

As an aside, I’m experimenting with the timing of this weekly blog post. While I will continue to post the weekly video on Friday, I will schedule this blog post the Monday after. If you’d rather see the video on Friday, be sure to subscribe to the YouTube channel.

(Episode Runtime: 10:12)

Direct YouTube Link: https://www.youtube.com/watch?v=EmIr30YlLDA

EPISODE REFERENCES:

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

Bedep Trojan Gets Political – Daily Security Byte EP.74

The Bedep trojan (or botnet client) has been around for a long time, allowing hackers to steal information and make money. However, new research shows that it now has political motives as well. Watch today’s video to learn what it’s up to.

 

(Episode Runtime: 2:12)

Direct YouTube Link: https://www.youtube.com/watch?v=Ja22Rx1c9Us

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Password Alert Fail – Daily Security Byte EP.73

Yesterday, I recommended a free Google Chrome extension that could help spot phishing attacks, but today a security researcher has already figured out how to bypass it. Press play to learn what he did, and whether or not this extension is still worthwhile.

 

(Episode Runtime: 1:24)

Direct YouTube Link: https://www.youtube.com/watch?v=TdzYtcmLpao

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Prevent Phishing with Password Alert – Daily Security Byte EP.72

In today’s extra short daily vlog I recommend a free security tool rather than cover the InfoSec news. If you use Chrome, watch the video to learn how Password Alert can inform you of phishing attempts.

 

(Episode Runtime: 1:02)

Direct YouTube Link: https://www.youtube.com/watch?v=gYuJN8H6Dog

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Follow

Get every new post delivered to your Inbox.

Join 7,927 other followers