Tag Archives: apple

WireLurker – WSWiR Episode 128

Mega Patch Day, Password Hijack, and WireLurker

What new security updates do I need? Are attackers exploiting new zero day attacks that affect me? Should I be concerned with any new attack campaigns? What can I learn from the latest network breaches? If you’ve asked yourself these questions, but don’t have time to find the answers, this is the weekly video for you. In it, I summarize the biggest security news from the week and explore what we might learn from it.

Today’s episode talks about the upcoming humongous Microsoft Patch day, explores a password hijack that succeeded despite good security practices, and covers two major threats that affect Apple’s OS X and iOS devices. Watch the video for details, and check out the links below for other interesting stories.

Have a safe and fun weekend!

(Episode Runtime: 11:20)

Direct YouTube Link: https://www.youtube.com/watch?v=PXJ1t23K5hY

Episode References:


— Corey Nachreiner, CISSP (@SecAdept)

Evil Tor Exit Node – WSWiR Episode 127

Security FUD, Black Energy, and Tor Terror

Happy Halloween!

The Internet “threatscape” has changed drastically over the past few years, with many more cyber security incidents each year and tons of information security (infosec) news in the headlines. Can you keep up? If not, maybe my weekly infosec video will help.

In today’s quick update, I rant a bit about infosec misinformation, share the latest on the Black Energy ICS attack campaign, and talk about an Evil Tor exit node that dynamically adds malware to downloads. Press play for the scoop, and enjoy your spooky Halloween weekend.

(Episode Runtime: 10:44)

Direct YouTube Link: https://www.youtube.com/watch?v=HjejYd_9Oik

Episode References:


— Corey Nachreiner, CISSP (@SecAdept)

Cryptowall Malvertising – WSWiR Episode 126

Windows 0day, iCloud MitM, and Cryptowall Rises

You’re a busy IT guy that barely has time to brush your teeth before running off to work, so who has time to follow security news too? Does this sound like you? If so, let our short weekly video inform you of the most important security news in the time it takes you to enjoy your first cup of coffee.

Today’s episode covers another Microsoft zero day flaw, a recent man-in-the-middle (MitM) attack against iCloud, and the latest developments with a nasty piece of ransomware called CryptoWall. Press play below to learn about all that and more, and peruse the Reference section for other stories.

(Episode Runtime: 8:40)

Direct YouTube Link: https://www.youtube.com/watch?v=0y5lBIQ0CEI

Episode References:


— Corey Nachreiner, CISSP (@SecAdept)

POODLE Bites SSL – WSWiR Episode 125

October Patch Bonanze, Leaky Apps, and POODLE

Cyber security has gone main stream, which means we’re getting a lot more security news each week than we used to. This week was even busier than usual, with updates fixing hundreds and hundreds of security vulnerabilities, as well as a significant vulnerabilities in a encryption standards. If you’re having trouble keeping track of the most important security info on your own, let our week video summary do it for you.

Today’s episode covers a ton of updates for October’s Patch Day, data leaks affecting SnapChat and DropBox, and a relatively serious SSL vulnerability called POODLE. The video is a bit longer than usual in order to better describe the POODLE flaw. Press play to learn more, and check the references for other interesting stories.

Enjoy your weekend, and beware what you click online.

(Episode Runtime: 16:37)

Direct YouTube Link: https://www.youtube.com/watch?v=AFX9DXDizu4

Episode References:


— Corey Nachreiner, CISSP (@SecAdept)

Printer Doom Hack – WSWiR Episode 122

Apple Patches, Kindle XSS, and Doom Printer Hack

If you want to stay current with the Internet “threatscape,” our weekly video can help. It summarizes each week’s top information and network security news in one convenient place. Subscribe today!

Today’s episode covers, Apple and Adobe security updates, a cross-site scripting flaw that affects Kindle users, and an interesting printer hack that allowed an attacker to run doom on a printer. Watch the video for details and see the Reference section below for more info.

Enjoy your weekend!

(Episode Runtime: 5:39

Direct YouTube Link: https://www.youtube.com/watch?v=aZ7-LdlMYHc

Episode References:


— Corey Nachreiner, CISSP (@SecAdept)

Hardware Malware – WSWiR Episode 112

Tons of Patches, Facebook Botnets, and Infected Hand Scanners

After a couple weeks of hiatus, we’re finally back with our weekly security news summary video. If you want to learn about all the week’s important security news from one convenience resource, this is the place to get it.

This episode covers the latest popular software security updates from the last two weeks, and interesting Litecoin mining botnet that Facebook helped eradicate, and an advanced attack campaign that leverages pre-infected hardware products. Watch the video for the details, and check out the Reference’s for more information, and links to many other interesting InfoSec stories.

Enjoy your summer weekend, and stay safe!

(Episode Runtime: 7:37)

Direct YouTube Link: https://www.youtube.com/watch?v=oAHYUW1KkM0

Episode References:


— Corey Nachreiner, CISSP (@SecAdept)

This Month’s Apple Updates Fix Mavericks and iTunes Security Flaws

As much as Apple would like you to think otherwise, their products are not immune to security vulnerabilities. If you use OS X Mavericks or iTunes, you’d best update.

This week, Apple released two security updates to fix vulnerabilities in OS X Mavericks and iTunes. The updates fix a wide range of vulnerabilities, including memory corruption flaws attackers could use to execute code. If you use OS X Mavericks or iTunes, you should download and install Apple’s updates immediately, or let their automatic Software Updater do it for your.

See the links below for more information about each update:

If you’d like to keep up with Apple’s latest security updates, be sure to bookmark their Security page, and you can find links to all their patches on the Download page.— Corey Nachreiner, CISSP (@SecAdept)

Apple Releases Critical OS X, iOS, and Apple TV Patches

Hey Apple users; it’s time to patch.

This week, Apple released three security updates to fix vulnerabilities in OS X, iOS, and Apple TV. The updates fix a wide range of vulnerabilities, including memory corruption flaws attackers could use to execute code, and something called a “triple handshake attack,” which attackers could leverage in man-in-the-middle (MitM) attacks against your SSL sessions. If you use OS X, iOS, or Apple TV, you should download and install Apple’s updates immediately, or let their automatic Software Updater do it for your.

See the links below for more information about each update:

If you’d like to keep up with Apple’s latest security updates, be sure to bookmark their Security page, and you can find links to all their patches on the Download page.

In a related note, Kristin Paget, an ex-Apple security researcher, published a blog post criticizing Apple’s patching process. Apparently, Apple had already released updates to OS X previously that fix the same Webkit vulnerabilities that iOS 7.1.1. fixes this month. Paget argues that Apple needs to release all the like fixes at the same, otherwise attackers could reverse the patches from OS X to exploit against iOS, or vice versa. This is good advice, which I hope Apple adopts in the future — Corey Nachreiner, CISSP (@SecAdept)

Broken Apple SSL – WSWiR Text Edition

RSA 2014, EMET Bypass, and Broken SSL

This week I attended the 2014 RSA Security Conference, one of the biggest information security (and cryptography) conferences of the year. This was the busiest RSA Conference in the show’s history, which suggests that more and more businesses, governments, and organizations are becoming increasingly concerned about cyber security. As a side effect, the show also kept me too busy to produce my normal infosec news video. Instead, I offer a written summary of this week’s major security news and RSA stories below.

  • Apple fixes serious SSL vulnerability in their OSs – This week, Apple released security updates for iOS 6.x and 7.x, OS X, Quicktime, Safari, and Apple TV. Though these updates fix a wide swath of vulnerabilities in those forenamed products, the most astonishing fix corrects a very serious SSL/TLS vulnerability that affects the iOS and OS X operating systems (OS). SSL/TLS is designed to protect and encrypt your network communications, but this flaw allows anyone on the same network as you to intercept and read your communications in a Man-in-the-Middle attack. In short, if you use Apple products, you SSL communications have been open to interception for the last few months, making it especially scary if you joined any open Wifi networks. Apple’s updates fix the issue, and many more, so be sure to go get them. See Apple’s security update summary page for more details.
  • EMET suffers from a bypass vulnerability – EMET—short for Enhanced Mitigation Experience Toolkit—is a free Microsoft tool designed to make it harder for cyber attackers to actually exploit memory corruption type vulnerabilities. I doesn’t prevent a product from having a memory corruption flaw, rather it adds various memory protection mechanisms (like stronger Address Space Layout Randomization or ASLR) to make it harder for attackers to injection their malicious shell code into certain memory locations. It’s a tool I often recommend users install to help mitigate the risk of many vulnerabilities. Well this week, researchers at Bromium Labs proved that EMET is not bulletproof. They released a paper [PDF] showing how attackers could bypass some of EMET’s protections. Microsoft has acknowledged the flaws, and also has a new version in beta (EMET v5.0) that plugs some of the holes.
  • Academic researchers disclose the first AP virus – Researchers from a number of universities in Europe released a paper describing the first ever wireless access point (WAP) virus, which they dub Chameleon. Chameleon first tries to find unsecured wireless APs (for instance, ones using weak WEP encryption, or no encryption). Once it can access the victim AP’s wireless network, it then leverages flaws in the AP firmware to try and infect the AP with its virus. Then it continues scanning for new victim APs. As a research project, this attack was only done in a lab environment, and has never been seen in the wild. However, now that it’s out I suspect criminal hackers might copy this technique in the real world one day.
  • RSA Security Conference Summary – Here are a few of the big themes and news from this year’s RSA Conference.
    • Government and the NSA have broken our trust – In general, the buzz on the show floor was how governments around the world, especially the U.S. and the NSA, have broken our trust with their spying campaigns. While many agree that some sort of international spy agency should exist, most think the NSA has crossed the line with the amount of data they are collecting; which includes data from normal private citizens. The lack of transparency in these government cyber espionage operations has poisoned the industry’s confidence in all online security and communications, making it difficult to know what to trust. Many speakers at the conference criticized these government operations, especially when the governments in question designed malware which they released into the wild.
    • Destructive attacks get more real – In one session, researchers from CrowdStrike demonstrated a vulnerability in Apple computers that they could exploit to actually cause your device to overheat, potentially catching on fire. One of my predictions this year was to expect more destructive malware, and this example may unfortunately help that prediction come true. As an aside, other researchers at the show also demonstrated an attack against Apple iOS devices that allows malicious programs to log touch input—kind of like a keylogger for finger swipes.
    • Lots of vulnerabilities in RSA mobile app – A few weeks before the show, researchers at IOActive checked out the RSA mobile app for the 2014 conference. Turns out it suffered from six vulnerabilities that attackers could leverage to do many things, including disclose the personal information of some of the attendees, or to inject additional code into the app to phish credentials, and other bad things. Check out IOActive’s blog for more details, but it’s ironic that a security conference’s app suffers from the flaws the conference is supposed to educate against.

Well that’s all I have time for this week. However, if you’d like links to other security stories from the week, check out the extra below. I’ll return with my normal video updates next Friday.

Extras Stories:

— Corey Nachreiner, CISSP (@SecAdept)

Hackers Lose Rights – WSWiR Episode 82

PHP.Net Hijack, Rooted ReadyNAS, and Harassed “Hacker”

This week you get two Infosec videos for the price of one! Of course, free plus free is still… well, free.

Last week, I had a busy travel schedule in the Middle East and Holland, and I did not find the time to produce my weekly security news summary on Friday. And yet, there was still plenty of security news to cover, so I didn’t want to leave you hanging. Hopefully, you can still learning something interesting, even if it comes a few days late.

Last week’s much belated episode includes, news of Cheney’s cardiac defibrillator hacking scare, a PHP.net watering hole attack, yet another rooted consumer router, and a story about how just calling yourself a hacker may cost you some Constitutional rights. Watch the video below, and check the Reference section for more details.

Thanks for watching and I’ll see you again in two days, when I post this week’s video!

(Episode Runtime: 7:07)

Direct YouTube Link: http://www.youtube.com/watch?v=rqD01VqkYmI

Episode References:


— Corey Nachreiner, CISSP (@SecAdept)


Get every new post delivered to your Inbox.

Join 7,840 other followers

%d bloggers like this: