Tag Archives: apple

YiSpecter iOS Malware – Daily Security Byte EP.154

Another piece of iOS malware is affecting Chinese and Taiwanese users. It works against non-jailbroken devices and uses Apple’s private APIs to hide its malicious activities. Watch today’s video to learn more about it, and what users should do to avoid it.

(Episode Runtime: 3:17)

Direct YouTube Link: https://www.youtube.com/watch?v=1lAUaPeiHCo


— Corey Nachreiner, CISSP (@SecAdept)

Researcher Storms Gatekeeper- Daily Security Byte EP.152

Today, Apple fixed a few security flaws but also suffered from a new one. A researcher has found a new way to bypass Gatekeeperthe OS X component that’s supposed to keep suspicious software off Macs. Watch the video below to learn a bit about this flaw.

(Episode Runtime: 2:11)

Direct YouTube Link: https://www.youtube.com/watch?v=LvZ3zN7D4Ng


— Corey Nachreiner, CISSP (@SecAdept)

iOS 9 Lockscreen Bypass – Daily Security Byte EP.149

Apple’s not having a great security week. First the XcodeGhost issue, which infected their App Store with malware, now a new iOS 9 lockscreen bypass vulnerability. A Spanish speaking YouTuber disclosed a new lockscreen bypass flaw this week. Today’s episode covers how an attacker might exploit this flaw, and what you can do to mitigate it until Apple patches.

(Episode Runtime: 2:29)

Direct YouTube Link: https://www.youtube.com/watch?v=umKip1ZpS6I


— Corey Nachreiner, CISSP (@SecAdept)

XcodeGhost Pwns App Store – Daily Security Byte EP.147

A booby-trapped version of XcodeApple’s development toolkitis spreading on Chinese forums, and adding a malicious backdoor to any app made with it. Watch today’s video to learn more about XcodeGhost, and what developers and users should do to avoid it.

(Episode Runtime: 2:30)

Direct YouTube Link: https://www.youtube.com/watch?v=BC_oyFg7AnA


— Corey Nachreiner, CISSP (@SecAdept)

HTTPS Masks Malvertising – Daily Security Byte EP.145

A new malvertising campaign went undetected for three weeks due to advertisers adopting HTTPS. Learn how secure web communications might introduce unexpected new risks in today’s daily video.

(Episode Runtime: 2:57)

Direct YouTube Link: https://www.youtube.com/watch?v=u3DURxAy7Lw


— Corey Nachreiner, CISSP (@SecAdept)

Apple Patches iOS & iTunes – Daily Security Byte EP.144

Today is Apple Patch Day. They released security updates for iTunes, iOS, Xcode, and OS X Server. iOS 9 is the big news, since it’s a pretty big feature update. However, it also fixes a critical AirDrop flaw. Press play below to learn about these updates, and the major AirDrop issue.

(Episode Runtime: 1:39)

Direct YouTube Link: https://www.youtube.com/watch?v=iuokQxztLtw


— Corey Nachreiner, CISSP (@SecAdept)

Yosemite 0day – Daily Security Byte EP.130

It’s pretty impressive to know an 18 year old Italian teenager is already finding vulnerabilities in OS X. However, I hope he learns to disclose them responsibly, and starts informing vendors first. This week, news surfaced of a zero day privileges escalation flaw in the latest version of OS X Yosemite. Click play below to learn all about it.

(Episode Runtime: 1:30)

Direct YouTube Link: https://www.youtube.com/watch?v=6WmdmY9kHks


— Corey Nachreiner, CISSP (@SecAdept)

Black Hat & DEF CON Aftermath – WSWiR Episode 160

Two weeks ago, the Black Hat and DEF CON conferences unveiled tons of new security research, which means last week was packed with interesting security stories. If you find yourself falling behind on security news, and need a “one stop shop” to keep you up to date, this weekly video does just that.

Last week’s stories included many car hacks, a OS X firmware worm, a big UK breach, tons of patches, and more. If you don’t watch my Daily Bytes, you can catch up all at once with the weekly video below. More importantly, I couldn’t cover many other interesting stories from last week, so if you are interested in those, check out the Reference section below.

(Episode Runtime: 15:10)

Direct YouTube Link: https://www.youtube.com/watch?v=AAIiPp3os1k



— Corey Nachreiner, CISSP (@SecAdept)

Piles of August Patches – Daily Security Byte EP.124

While there’s lots of interesting security stories I could share today, one of the most practical infosec actions you can take is to keep your software patched. Yesterday was Microsoft and Adobe patch day, and Mozilla also recently released a pretty important Firefox update. Watch the video to learn about these important fixes, and more importantly, follow the links below to learn how to apply the relevant updates.

UPDATE: On Thursday, Apple released a hand full of security advisories and updates as well, fixing flaws in iOS, OS X, and Safari. This wasn’t covered in the video, but check the links below for more info on those updates.

(Episode Runtime: 2:25)

Direct YouTube Link: https://www.youtube.com/watch?v=yZ6A09t5oWA


— Corey Nachreiner, CISSP (@SecAdept)

Thunder Strikes Mac Firmware Again – Daily Security Byte EP.123

You probably know that USB devices can be malicious, but did you know that infected Thunderbolt devices could spread a firmware worm to all your Macbooks? In today’s security video, I cover the ThunderStrike 2 attack that researchers disclosed at this year’s Black Hat and DEF CON conferences. Watch to learn what this attack does, and how the industry can fix it.

(Episode Runtime: 4:01)

Direct YouTube Link: https://www.youtube.com/watch?v=1kF9T4Ugz8Q


— Corey Nachreiner, CISSP (@SecAdept)


Get every new post delivered to your Inbox.

Join 8,091 other followers

%d bloggers like this: