This week, a botnet that's targeting 1.5 million RDP servers worldwide, VLC Player gets patched for two highly severe bugs, thousands of images stolen from US border hack, Troy Hunt looks to sell I Been Pwnd, and a near-ubiquitous critical Microsoft RCE bugs affect all versions of Windows! In the expert commentary, we welcome back Jason Wood from Paladin Security to talk about how the Evolution of Extortion Emails continues! All that and more, on this episode of Hack Naked News! Full Show Notes:...
Jun 12, 2019•27 min
This week, SUPRA Smart TV flaw lets attackers hijack screens with no video, 20,000 Linksys routers leak historic record of every device ever connected, a new attack creates ghost taps on Android smartphones, and an Australian teenager that hacked into Apple twice to get a job! In the expert commentary, we welcome Winn Schwartau from the Security Awareness Company to talk about Ethical Bias in Artificial Intelligence-Based Security Systems! To learn more about SAC, visit: https://securityweekly.c...
Jun 04, 2019•23 min
This week, Microsoft brings hardware-based isolation to Chrome & Firefox, the U.S. border's license plate scanning technology hacked, crooks leverage WordPress and Joomla sites for malicious redirects, the Chinese military wants to replace Windows OS in fear of U.S. hacking, and how Google-protected mobile browsers were open to phishing for over a year! In the expert commentary, we welcome back Jason Wood from Paladin Security to talk about how almost one million are still vulnerable to the ...
May 28, 2019•25 min
This week, Unistellar attackers wiped over 12,000 MongoDB databases, a Slack bug that allows remote file hijacking, Baltimore ransomware nightmare could last weeks more, over 25,000 smart Linksys routers are leaking sensitive data, and Huawei's microchip vulnerability explained! In the expert commentary, we welcome Charles Thompson, Senior Director of Product Management at VIAVI to talk about Security Forensics! To learn more about VIAVI Solutions, visit: https://securityweekly.com/viavi Full Sh...
May 21, 2019•24 min
This week, hacking the unhackable eyeDisk USB stick, how to brick all Samsung mobile phones, how Twitter shared user location data through advertising, a 0-Day flaw used to install spyware on phones, and a Linux kernel flaw allows remote code execution! In the expert commentary, we welcome Marcin Szary, CTO at Secfense, to talk about Web Authentication! To learn more about Secfense, visit: https://securityweekly.com/secfense Full Show Notes: https://wiki.securityweekly.com/HNNEpisode218 Visit ht...
May 14, 2019•27 min
This week, software flaw exposed most dell computers to remote hacking, Israel neutralizes cyber attack by blowing up a building with hackers, an expert that found hundreds of vulnerable Jenkins plugins, a bug in Mirai code allows crashing C2 servers, and how researchers discovered a highly stealthy Microsoft Exchange Backdoor! In the expert commentary, the return of Jason Wood from Paladin Security, joins us to talk about how Japan is developing a computer virus to fight cyber attacks! Full Sho...
May 07, 2019•17 min
This week, how a politicians' kids accessed his laptop through facial recognition, critical flaws in WordPress and Qualcomm chips, how 2 million IoT security cameras and baby monitors are vulnerable to takeover, and how a new Emotet variant uses connected devices as proxy C2 servers! In the expert commentary, the return of Jason Wood from Paladin Security, joins us to talk about how Microsoft is telling IT admins to nix 'obsolete' password reset practices! Full Show Notes: https://wiki.securityw...
Apr 30, 2019•24 min
This week, a weather channel that was knocked off air by a malicious attack, how bad bots make up 20 percent of web traffic, ransomware ravages municipalities nationwide, a flaw in Shopify API exposed revenue and traffic data of thousands of stores, and how attackers are weaponizing more vulnerabilities than ever before! In the expert commentary, we welcome Itai Tevet, CEO of Intezer, to talk about Linus threats, recent Mirai variants, and general code reuse in the cyber space! To learn more abo...
Apr 23, 2019•28 min
This week, the Apache Tomcat Patches Important Remote Code Execution Flaw, New variants of Mirai botnet detected, targeting more IoT devices, Hackers used credentials of a Microsoft Support worker to access users' webmail, TicTocTrack Smartwatch Flaws Can Be Abused to Track Kids, Ecuador suffered 40 Million Cyber attacks after the Julian Assange arrest, Security weakness in popular VPN clients, and Open Source Tool From FireEye Automates Analysis of Flash Files! In the expert commentary, Jason W...
Apr 16, 2019•23 min
In-Depth Analysis of JS Sniffers Uncovers New Families of Credit Card-Skimming Code, Nvidia Fixes 8 High-Severity Flaws Allowing DoS, Code Execution, Computer virus alters cancer scan images, A Serious Apache server bug gives root to baddies in shared host environments, Cybercrime Groups Are Still Rampant on Facebook, 90% of OT organizations are cyberattack victims, Tenable Discloses Verizon Fios Router Vulnerabilities, and Samsung Galaxy S10 Fingerprint Sensor Duped With 3D Print! Neil Butchart...
Apr 09, 2019•33 min
This week, Asus pushes patch after hackers used updates to send malware, Microsoft announces Windows Defender ATP Antivirus for Mac, researchers find 36 new security flaws in LTE protocol, new settings let hackers easily pentest Facebook and Instagram Mobile Apps, and how researchers can get a free Tesla for spotting infotainment system bug! Sven Morgenroth from Netsparker joins us for expert commentary to discuss how Facebook stored hundreds of Millions of user passwords in plain text! To learn...
Mar 28, 2019•21 min
This week, Zero-Days in Counter Strike client could be used to build a major botnet, huge aluminum plants hit by 'severe' ransomware attack, Myspace loses 50 million songs in server migration, wifi signals can reveal your password, and PuTTY in your hands: an SSH client gets patched after RSA key exchange memory vulnerability was spotted! Ralf Hund from VMRay joins us for expert commentary to discuss the Evolution of GandCrab! To learn more about VMRay, visit: https://securityweekly.com/vmray Fu...
Mar 19, 2019•29 min
This week, a Severe RCE vulnerability affected popular StackStorm Automation software, Crowdfense is willing to pay $3 Million for iOS and Android Zero-Days, Equifax neglected cyber security prior to breach, Google launches new Cloud Security services, and an unprotected MongoDB instance exposes 800 million emails! Jason Wood from Paladin Security joins us for expert commentary on how a researcher claims an Iranian APT is behind a 6TB Data Heist at Citrix! Full Show Notes: https://wiki.securityw...
Mar 12, 2019•21 min
This week, millions of utility customers passwords stored in plain text, Google ditches passwords in latest android devices, online validation services vulnerable to digital signature spoofing attacks, flaws in 4G and 5G allow snooping on calls, and TurboTax hit with credential stuffing attack and tax returns were compromised! Nicholas Sciberras from Acunetix joins us for expert commentary on how hackers created social media work after a bug report was ignored! To GET A FREE 14-DAY TRIAL of Acun...
Feb 26, 2019•27 min
This week, Google paid out $3.4 million for vulnerabilities reported in 2018, hackers target WordPress sites via WP cost estimation plugin, Facebook paid $25,000 for CSRF exploit that leads to Account Takeover, and PoC Exploit Code for recent container escape flaw in runc published online! Jason Wood from Paladin Security joins us for expert commentary on Apple being sued over their two factor authentication! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode208 Visit https://www.securi...
Feb 19, 2019•18 min
This week, your Lenovo X is watching you & sharing information, a client-side DNS attack emerges from academic research, a macOS vulnerability leaks safari data, hackers hit VFEmail & wipe US servers and backups, and a check-in system flaw puts major airlines at risk! Jason Wood from Paladin Security joins us for expert commentary on how fraudsters are scamming teenage 'money mules' on Instagram and Snapchat! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode207 Visit https://ww...
Feb 12, 2019•20 min
This week, roughly 500,000 Ubiquiti devices may be affected by a flaw already exploited in the wild, Outlaw Shellbot infects Linux servers to mine for Monero, Apple's Siri shortcuts feature vulnerable to abuse, Google's new Chrome extension warns you about stolen passwords, and Google patches critical .png image bug! David Pearson from Awake Security joins us for expert commentary on recent news around Japan performing an IoT pentest on their public IPs! To learn more about Awake Security, visit...
Feb 06, 2019•28 min
This week, a tool that finds vulnerable robots on the Internet, a new exploit that threatens over 9,000 Cisco routers, apple turns of group FaceTime after an eavesdropping bug, wordpress sites under attack via Zero-Day in abandoned plugin, and OpenBMC caught with 'pantsdown' over a new security flaw! Jason Wood from Paladin Security joins us for expert commentary on Abusing Exchange: One API call away from Domain Admin! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode205 Visit https:/...
Jan 29, 2019•19 min
This week, a flaw in MySQL could allow rogue servers to steal files, a state agency exposes 3TB of data including FBI info, how cybercriminals clean their dirty money, a critical RCE flaw in Linux APT allows remote attackers to hack systems, and how to protect against a new breed of cyber attack! Jason Wood from Paladin Security joins us for expert commentary on how attackers used a LinkedIn job ad and Skype call to breach a bank's defense! Full Show Notes: https://wiki.securityweekly.com/HNNEpi...
Jan 23, 2019•22 min
This week, US Government shutdown leaves dozens of .gov sites vulnerable, Firefox 69 to disable Adobe Flash, an unpatched vCard flaw could leave your PCs open to attackers, Tesla's contest Pwn2Own could win you a Model 3, and how building site cranes are easier to hack than garage door openers! Jason Wood from Paladin Security joins us for expert commentary on how the Boston Hospital Attacker was sentenced to 10 years in prison, and more on this episode of Hack Naked News! Full Show Notes: https...
Jan 15, 2019•21 min
This week, Ethereum hit by Double Spend attack, NSA to release reverse engineering tool for free, a Skype glitch allowed Android Authentication Bypass, Zerodium offers $2 Million for remote iOS jailbreaks, and tens of thousands of hot tubs are exposed to hacking! Our CEO Matt Alderman joins us for expert commentary on how Container Security lags amidst DevOps enthusiasm, and more! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode202 Visit https://www.securityweekly.com/hnn for all the ...
Jan 08, 2019•21 min
This week, when meme's attack, how Google's taking steps to secure Kubernetes, suggestions for last minute Holiday IT gifts, Twitter fixes bug that exposed data, and how WordPress was targeted with clever SEO Injection Malware! Ed Sattar from Quickstart joins us for expert commentary on how to optimize your cyber security investment to maximize ROI, and more! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode201 Visit https://www.securityweekly.com/hnn for all the latest episodes! Visit...
Dec 18, 2018•31 min
This week, Google+ flaw leads Chocolate Factory to shut down early, 40,000 credentials for government portals found online, one tweak that can save you from NotPetya, ESET discovers 21 new Linux malware variants, and how this Phishing Scam group built a list of 50,000 execs to target! Jason Wood from Paladin Security joins us for expert commentary on how Microsoft is calling for facial recognition tech regulation! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode200 Visit https://www.s...
Dec 11, 2018•24 min
This week, hijacking printers to promote a YouTube channel, fake iOS apps that steal money, Google patches 11 critical RCE Android Vulnerabilities, Marriott hack hits 500 million Starwood guests, and getting Pwned through an oscilloscope! Jason Wood from Paladin Security joins us for expert commentary to discuss how the "Iceman" hacker was charged with running a drone-smuggling ring from jail, and more! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode199 Visit https://www.securityweek...
Dec 04, 2018•25 min
This week, disastrous Rowhammer bitflips, malicious developer steals Bitcoin with NodeJS module, Germany proposes router security guidelines, Uber fined 148$ Million for data breach cover-up, Microsoft yanks two buggy Office patches, and a malware advertising campaign that impacts millions of iOS users! Jason Wood from Paladin Security joins us for Expert Commentary to discuss how the FBI created a fake FedEx website to unmask a cybercriminal, and more on this episode of Hack Naked News! Full Sh...
Nov 27, 2018•21 min
This week, what happens when support won't change your password, Gmail glitch Phishing Attacks, stopping the Infiltration of Things, Make-A-Wish website serves a Cryptojacking Script, Instagram exposes user passwords, and DirtyCOW is back in backdoor attack targeting Drupal Web Servers! Jason Wood from Paladin Security joins us for expert commentary to discuss how Ford is eyeing the use of customers personal data to boost profits! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode197 Vi...
Nov 20, 2018•21 min
This week, Vulnerabilities in SSD Encryption, Bypassing Windows UAC, Botnet Pwns over 100,00 routers w/ ancient security flaw, Google hit with IP Hijack, and one thing you can do to make your Internet safer and faster! Jason Wood from Paladin Security joins us for expert commentary to discuss how Phineas Fisher got away with hacking Team Hacker! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode196 Visit https://www.securityweekly.com/hnn for all the latest episodes! Visit https://www.a...
Nov 13, 2018•20 min
This week, A one-liner exploit for X, the danger of searching for Chrome in Bing, exposing your Docker API, you can find sensitive data in the cloud, exploit users by embedded videos in Word documents, dead web apps, hacking BGP routes, a new DHCP vulnerability and hacking your brain! Jason Wood from Paladin Security joins us for expert commentary to discuss twelve malicious Python libraries found and removed from PyPI! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode195 Visit https:/...
Oct 30, 2018•22 min
This week, Critical Code execution flaws, WordPress working on wiping older versions from existence, Multiple serious flaws in Drupal, TCP/IP flaws leave IoT gear open to mass hijacking, jQuery plugin actively exploited for at least three years, Flaw in libssh leaves thousands of servers at risk of hijacking, and 8 adult websites exposes a bunch of "intimate" user data! Leonard Simon from Springboard joins us for expert commentary on how to get into the field of Information Security! Full Show N...
Oct 24, 2018•25 min
This week, Millions of voter records for sale on the Dark Web, Apple passcode bypass can access pictures and contacts, how Chrome and Firefox could ruin your business, Fake Adobe updates, Microsoft Zero-Day patch for JET bug incomplete, and 5 ways attackers are targeting the Healthcare Industry! Doug White joins us for expert commentary how China used a Tiny Chip to infiltrate America's top companies, and more on this episode of Hack Naked News! Full Show Notes: https://wiki.securityweekly.com/H...
Oct 17, 2018•26 min
