Tag Archives: apple

Hacking Team Updates and RC4 Insecurity – WSWiR Text Edition

 RC4’s Dead and White House On Security

Last week, I was in the UK attending a WatchGuard Partner conference, and as a result I only shot two videos and skipped my weekly summary. Nonetheless, there was still plenty of interesting information security (infosec) news, which I don’t want you to miss. So to make up for it, let me quickly share three infosec stories I would have covered if I had had more time:

  1. Lots of The Hacking Team breach updates: Through the week, we learned a lot more about The Hacking Team organization from the 400GBs of data made public by their network breach. For instance, they had more zero day exploits that first suspected; They leveraged BGP flaws to launch man-in-the-middle attacks, and they worked with both the FBI and DEA to snoop out TOR users. If you’re following this infosec drama, Wikileaks has made all The Hacking Team’s stolen email public. Check out the links below to learn the latest Hacking Team gossip.
  2. The White House brags about cybersecurity: Last week, the White House released a CyberSecurity Fact Sheet detailing everything the US government has done this year to improve the nation’s cybersecurity stance. Highlights include creating a new office in charge of the problem, and encouraging the government and private industry to share threat intelligence. Check out the references if you’d like more details.
  3. RC4 gets another nail in its coffin: RC4 is a very popular hashing algorithm we’ve used for decades. Unfortunately, over the years it has been proven weak due to many vulnerabilities in this old function. Most security experts already consider RC4 dead, that said, new research [PDF] has proven RC4 even weaker. Without going into the details, this new discovery mean bad guys can break RC4 in days instead of months. If you are using RC4, it’s time to move on.

Those are the stories I missed, but the week included many others. If you are interested in all of them, feel free to peruse the Reference section below. I’ll get back to my regularly scheduled videos this week.

References:

 

— Corey Nachreiner, CISSP (@SecAdept)

June Apple Patch Day – Daily Security Byte EP.107

If you use Apple productson Mac or PCknow that today is Apple Patch Day. The popular software company released six security advisories (originally five, but they had a late breaking advisory) fixing many security flaws in most of their most popular products. Watch today’s video to learn which products are affected, and what you should patch (or check the Reference section for a link to the page with all the details).

As an aside: Sorry about the bad links yesterday, and thanks for those that informed me. If you go to the blog, the link for yesterday’s video is corrected there.

(Episode Runtime: 1:24)

Direct YouTube Link: https://www.youtube.com/watch?v=KwyHlFUPga4

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Hacking Nation States & Crashing iPhones – WSWiR Episode 154

Unfortunately, lots of security news suggests lots of cyber crime. If you want to stay protected, you need to keep up to date; but who has time? Hopefully our weekly InfoSec video can help.

Last Friday’s episode covered an IRS data leak, a mysterious text message that crashed iPhones, some scary new crowd-sourced ransomware, and more. Watch the YouTube video below for all the details, and check out the References for other stories.

(Episode Runtime: 11:53)

Direct YouTube Link: https://www.youtube.com/watch?v=85fEsnnTf7E

Show Note: I’ll be traveling for the next two weeks to attend various security conference. I’ll try to keep up with semi-daily videos, but will not post as regularly, or at the normal times. 

EPISODE REFERENCES:

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

iOS Crash Text – Daily Security Byte EP.89

High schoolers around the nation likely woke up to randomly rebooting iPhones due to pranksters exploiting a mysterious new flaw triggered by a simple text message. The news of this malicious text started on Reddit, but quickly spread as security researchers and the press jumped on the issue. Learn more about it in today’s video.

 

(Episode Runtime: 2:20)

Direct YouTube Link: https://www.youtube.com/watch?v=td8mOon5nVw

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Patches, APT Gangs, and Sony Wikileaks- WSWiR Episode 148

Want to know what went on this week in the InfoSec world? Well then, check out my weekly security news recap video. This week I cover a ton of software security patches, news of China’s DDoS and man-in-the-middle tool, and the latest drama in the Sony breach saga. Press play to learn more, and enjoy your weekend.

(Episode Runtime: 13:25)

Direct YouTube Link: https://www.youtube.com/watch?v=uBeOUz40tws

EPISODE REFERENCES:

 

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

TV5Monde Pwned, White House Hack, and Snowden – WSWiR Episode 147

Information security threats and attacks are evolving faster than IT generalists can keep up with. If you’re falling behind in your InfoSec news, and need a quick summary, this weekly video can help.

Topics from today’s episode include, more details on an old White House breach, cyber attackers blacking out a French broadcaster, and a funny yet enlightening Snowden interview. Press play to get informed.

(Episode Runtime: 10:38)

Direct YouTube Link: https://www.youtube.com/watch?v=tLbtqmNIGsQ

EPISODE REFERENCES:

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

April Apple Patches – Daily Security Byte EP.63

Apple released a bunch of security fixes for their most popular products yesterday. Learn about them quickly in this video, and then go patch your Macs.

 

(Episode Runtime: 1:26)

Direct YouTube Link: https://www.youtube.com/watch?v=foEyHOsLbig

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Patches and Pwns – WSWiR Episode 143

What do DRAM, Jamie Oliver, Half Life 2, Apple, and Microsoft all have in common? They were all affected by information security issues this week. The amount of information security news coming out each day is off the charts. If you need help keeping up, check out this weekly video summary.

Today’s show covers Apple and Microsoft security updates, a new science fiction-like DRAM hack, some gamer focused ransomware, and much more. Learn about it in the video, or peruse the References section for details if you prefer.

(Episode Runtime: 10:55)

Direct YouTube Link: https://www.youtube.com/watch?v=SG5xRcNMZbc

EPISODE REFERENCES:

EXTRAS:

 

— Corey Nachreiner, CISSP (@SecAdept)

Follow

Get every new post delivered to your Inbox.

Join 7,998 other followers

%d bloggers like this: