使用Player FM应用程序离线!
Apple attack, Conti hits Parker, iPhone vuln, and more.
已归档的系列专辑 ("不活跃的收取点" status)
When? This feed was archived on May 25, 2023 16:09 (). Last successful fetch was on July 29, 2022 18:35 ()
Why? 不活跃的收取点 status. 我们的伺服器已尝试了一段时间,但仍然无法截取有效的播客收取点
What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.
Manage episode 328770595 series 2478053
Episode 238 - 17 May 2022
Apple attack - https://www.bleepingcomputer.com/news/security/apple-emergency-update-fixes-zero-day-used-to-hack-macs-watches/
Conti hits Parker -
https://www.infosecurity-magazine.com/news/parker-conti-ransomware/
Tesla BLE - https://www.bleepingcomputer.com/news/security/hackers-can-steal-your-tesla-model-3-y-using-new-bluetooth-attack/
Card skimming - https://www.zdnet.com/article/fbi-hackers-used-malicious-php-code-to-grab-credit-card-data/
iPhone vulv- https://threatpost.com/iphones-attack-turned-off/179641/
Hi, I’m Paul Torgersen. It’s Tuesday May 17th, 2022, and this is a look at the information security news from overnight.
From BleepingComputer.com:
Apple has released security updates to address a zero-day vulnerability that threat actors can exploit in attacks targeting Macs and Apple Watches. The flaw is an out-of-bounds write issue in the AppleAVD, the kernel extension for audio and video decoding. Apple says it is likely this has already been exploited in the wild.
From Infosecurity-magazine.com:
US manufacturer Parker-Hannifin has announced a data breach exposing employees’ PII after being the target of a Conti ransomware attack. The company said that an unauthorized third party gained access to its IT systems between 11 and 14 of March this year. On the plus side, if you‘re information was involved, you just got two free years of identity theft monitoring.
From BleepingComputer.com:
Security researchers at the NCC Group have developed a tool to carry out a Bluetooth Low Energy relay attack that bypasses all existing protections to authenticate on target devices. What target devices, you ask? Teslas. Details in the article.
From ZDNet.com:
The FBI put out a warning that someone is scraping credit card data from the checkout pages of US businesses' websites. The bad actor is injecting malicious PHP Hypertext Preprocessor code into the business' online checkout page and sending the scraped data to a server that spoofed a legitimate card processing server. They also left a backdoor into the victims system.
And last today, from ThreatPost.com
Because of how Apple implements standalone wireless features such as Bluetooth, Near Field Communication and Ultra-wideband technologies, researchers have found that iPhones are vulnerable to malware loading attacks even when the device is turned off. The root cause of the issue is how iPhones implement low power mode for wireless chips. No comment yet from Apple, but there is a link to the research report in the article.
That’s all for me today. Remember to LIKE and SUBSCRIBE. And as always, until next time, be safe out there.
221集单集
已归档的系列专辑 ("不活跃的收取点" status)
When? This feed was archived on May 25, 2023 16:09 (). Last successful fetch was on July 29, 2022 18:35 ()
Why? 不活跃的收取点 status. 我们的伺服器已尝试了一段时间,但仍然无法截取有效的播客收取点
What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.
Manage episode 328770595 series 2478053
Episode 238 - 17 May 2022
Apple attack - https://www.bleepingcomputer.com/news/security/apple-emergency-update-fixes-zero-day-used-to-hack-macs-watches/
Conti hits Parker -
https://www.infosecurity-magazine.com/news/parker-conti-ransomware/
Tesla BLE - https://www.bleepingcomputer.com/news/security/hackers-can-steal-your-tesla-model-3-y-using-new-bluetooth-attack/
Card skimming - https://www.zdnet.com/article/fbi-hackers-used-malicious-php-code-to-grab-credit-card-data/
iPhone vulv- https://threatpost.com/iphones-attack-turned-off/179641/
Hi, I’m Paul Torgersen. It’s Tuesday May 17th, 2022, and this is a look at the information security news from overnight.
From BleepingComputer.com:
Apple has released security updates to address a zero-day vulnerability that threat actors can exploit in attacks targeting Macs and Apple Watches. The flaw is an out-of-bounds write issue in the AppleAVD, the kernel extension for audio and video decoding. Apple says it is likely this has already been exploited in the wild.
From Infosecurity-magazine.com:
US manufacturer Parker-Hannifin has announced a data breach exposing employees’ PII after being the target of a Conti ransomware attack. The company said that an unauthorized third party gained access to its IT systems between 11 and 14 of March this year. On the plus side, if you‘re information was involved, you just got two free years of identity theft monitoring.
From BleepingComputer.com:
Security researchers at the NCC Group have developed a tool to carry out a Bluetooth Low Energy relay attack that bypasses all existing protections to authenticate on target devices. What target devices, you ask? Teslas. Details in the article.
From ZDNet.com:
The FBI put out a warning that someone is scraping credit card data from the checkout pages of US businesses' websites. The bad actor is injecting malicious PHP Hypertext Preprocessor code into the business' online checkout page and sending the scraped data to a server that spoofed a legitimate card processing server. They also left a backdoor into the victims system.
And last today, from ThreatPost.com
Because of how Apple implements standalone wireless features such as Bluetooth, Near Field Communication and Ultra-wideband technologies, researchers have found that iPhones are vulnerable to malware loading attacks even when the device is turned off. The root cause of the issue is how iPhones implement low power mode for wireless chips. No comment yet from Apple, but there is a link to the research report in the article.
That’s all for me today. Remember to LIKE and SUBSCRIBE. And as always, until next time, be safe out there.
221集单集
所有剧集
×欢迎使用Player FM
Player FM正在网上搜索高质量的播客,以便您现在享受。它是最好的播客应用程序,适用于安卓、iPhone和网络。注册以跨设备同步订阅。