Tag Archives: WatchGuard Security Week in Review

iOS Bounties, Android Auto-root, and Guy Fawkes Day – WSWiR Episode 168

Nowadays, each week has more information security news that we used to have each month. If you find yourself falling behind, and need a shortcut to stay informed, this is the weekly video for you. Every Monday, I summarize our daily security video from last week.

Today’s episode covers a new Android malware variant, an iOS zero day that’s bad for the industry, a couple hacktivism campaigns, and more. Watch the YouTube video for all the details, and check out the references below to learn more.

(Episode Runtime: 13:13)

Direct YouTube Link: https://www.youtube.com/watch?v=z7Xgnd8CHQ8

EPISODE REFERENCES:

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

PWNed CIA, hacked Fitbit, and Fake Chrome- WSWiR Episode 167

Are you feeling overwhelmed by your normal IT job, but wish you had time to keep up with information security (infosec)? No worries! Let our weekly security video fill you in. Every Monday, I quickly summarize the biggest network and information security stories from the previous week, so you can keep up with the latest threats.

Today’s episode includes a story about a teenager hacking the CIA Director’s email, a new Fitbit hack, a malicious Chrome lookalike, and lots of patches. Press play to learn more, and check the references for other stories.

(Episode Runtime: 13:27)

Direct YouTube Link: https://www.youtube.com/watch?v=aqb7WIjuv94

EPISODE REFERENCES:

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

Patches, Drone Hacks, and Evil USB – WSWiR Episode 166

Did you miss last week’s security news since you were too busy keeping your network running? If so, you’re not alone. However, staying up to date with the latest threats is important, so let our short weekly security summary keep you informed. If you don’t have time to follow our daily security videos, I summarize them in this video every Monday.

Today’s episode includes a root vulnerability in popular consumer routers, a zero day Adobe Flash issue, and drone hacking. If that’s not enough, you should watch just to learn about last week’s Microsoft and Adobe patches. Watch the video for the details, and check the References section for links to other security stories from the past few weeks.

(Episode Runtime: 10:56)

Direct YouTube Link: https://www.youtube.com/watch?v=77R3I5fw9Ao

EPISODE REFERENCES:

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

Lots of Apple Hacks- WSWiR Episode 165

If you have no time to keep up with security news, but do want to know about the most concerning threats, our weekly video was made for you. It summarizes the biggest infosec stories each week (which I also cover in daily videos), and shares tips to protect your organization.

Today’s episode includes a couple of Apple software related threats, a new ATM malware variant, and the latest Flash update. Watch the video below, and check out the Reference section if you are hungry from more security news from the past week.

(Episode Runtime: 8:34)

Direct YouTube Link: https://www.youtube.com/watch?v=tuzi8SBq804

EPISODE REFERENCES:

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

Adult Ransomware and Hacked WhatsApp – WSWiR Episode 164

Do you have little time for security news, but wish you could keep abreast of the latest threats? In that case, our weekly summary video can help. Every Monday, we summarize last week’s infosec news for you, often in under ten minutes.

This week’s show includes Microsoft and Adobe patches, some adult-themed mobile ransomware, and a sneaky new malware command and control technique. Watch the episode below, and don’t forget to glance at the Reference section if you are interested in other news.

(Episode Runtime: 8:44)

Direct YouTube Link: https://www.youtube.com/watch?v=mnJivvR7nRw

EPISODE REFERENCES:

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

Apple Flaws and Cyber Sanctions – WSWiR Episode 163

Are you interested in the latest security news, but have no time to source it yourself? No problem! Let our weekly video summarize the latest for you in ten minutes or less. If you want to watch the video Friday, subscribe to our YouTube channel. Otherwise, we’ll post the weekly episode on the first day of the following week.

This week’s “traveling” episode included a story about US cyber sanctions, two different threats to Apple products, and news of a security breach to Mozilla’s bug tracking system. Watch below, and check out the references for more of last week’s infosec news.

(Episode Runtime: 7:55)

Direct YouTube Link: https://www.youtube.com/watch?v=sJ993RVG48s

EPISODE REFERENCES:

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

Hacking Team Updates and RC4 Insecurity – WSWiR Text Edition

 RC4’s Dead and White House On Security

Last week, I was in the UK attending a WatchGuard Partner conference, and as a result I only shot two videos and skipped my weekly summary. Nonetheless, there was still plenty of interesting information security (infosec) news, which I don’t want you to miss. So to make up for it, let me quickly share three infosec stories I would have covered if I had had more time:

  1. Lots of The Hacking Team breach updates: Through the week, we learned a lot more about The Hacking Team organization from the 400GBs of data made public by their network breach. For instance, they had more zero day exploits that first suspected; They leveraged BGP flaws to launch man-in-the-middle attacks, and they worked with both the FBI and DEA to snoop out TOR users. If you’re following this infosec drama, Wikileaks has made all The Hacking Team’s stolen email public. Check out the links below to learn the latest Hacking Team gossip.
  2. The White House brags about cybersecurity: Last week, the White House released a CyberSecurity Fact Sheet detailing everything the US government has done this year to improve the nation’s cybersecurity stance. Highlights include creating a new office in charge of the problem, and encouraging the government and private industry to share threat intelligence. Check out the references if you’d like more details.
  3. RC4 gets another nail in its coffin: RC4 is a very popular hashing algorithm we’ve used for decades. Unfortunately, over the years it has been proven weak due to many vulnerabilities in this old function. Most security experts already consider RC4 dead, that said, new research [PDF] has proven RC4 even weaker. Without going into the details, this new discovery mean bad guys can break RC4 in days instead of months. If you are using RC4, it’s time to move on.

Those are the stories I missed, but the week included many others. If you are interested in all of them, feel free to peruse the Reference section below. I’ll get back to my regularly scheduled videos this week.

References:

 

— Corey Nachreiner, CISSP (@SecAdept)

Grounded Airline, Snowden Leak, and Mr. Robot – WSWiR Episode 158

If you’re feeling behind on critical information security news, you’re not alone. There are so many new InfoSec stories each week that only a dedicated few can keep up with the latest. If you need a little help following what’s important, let our weekly security news summary video keep you informed.

Last Friday’s episode covered an 0day Flash flaw, the latest Snowden leak, my review of a cool new infosec related show, and more. Watch the video below for the details, and check out the References section for other stories.

(Episode Runtime: 11:20)

Direct YouTube Link: https://www.youtube.com/watch?v=cvZCDHCc4ec

EPISODE REFERENCES:

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

APTs, Updates, and OPM – WSWiR Episode 156

Information Security is a hot topic right now; unfortunately not for all the right reasons. Nowadays, it’s not unusual to have a big data breach, new zero day malware, and a ton of security updates all in the same week. If you’re part of an IT organization that’s concerned with protecting your network, but that doesn’t have time to keep up with the deluge of InfoSec news, this weekly video is for you.

Last week’s episode covered a nasty new variant of point-of-sale (POS) malware, Microsoft and Adobe’s monthly security updates, and a significant network breach of a well-respected security company. If you want to learn about all these stories and more, watch the episode below. Also, take a peek at the Reference section if you are interested in other InfoSec items from the week.

(Episode Runtime: 13:25)

Direct YouTube Link: https://www.youtube.com/watch?v=52reUvOR6FE

Show Note: On some occasions, I will not be able to post the blog update associated with these videos immediately, even though the video is already online. If you’d like to know about the latest video as soon as it’s posted, subscribe to my YouTube channel. Also, if you want email updates for each blog post, don’t forget to subscribe to this blog in the top right corner.

EPISODE REFERENCES:

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

Follow

Get every new post delivered to your Inbox.

Join 8,247 other followers

%d bloggers like this: