SOF Bundle Sale - 25% off all products (Ends 16 Jun At Midnight). Today's topics: Extreme vs. gradual cut; Fitness maintenance at OSUT (clip w/ Jon H); Programming for Opt. 40 (RASP); Exercise sequence in JG2.0; Days per week to train (SFAS prep); Best TTM program for new moms; Re-introducing training after hiatus; Traits of great GB officers (power); Rack chin ups vs. pull ups; Terrain at SFAS (run time effects); 12 week triathlon program; Overcoming foot issues to crush rucks; + 40 lbs bench on JG; Traits that make a shit GB; Following 2&5 mile back 2 back (2023); Maxing plank (programming); 1 year plan pre OSUT (18x); 18D knowledge in my current job; TFVooDoo programming vs. mine; Pros and cons of fasting. Spoken Supplements: Code terminator_training. Cwench supplements: Code terminator_training. New Program: Jacked Gazelle 2.0. EBook: SOF Selection Recovery & Nutrition Guide. Programs, articles: New Training Team on TrainHeroic: T-850 Rebuilt (try a week for free!); terminatortraining.com; 2 & 5 Mile Run Program - run improvement program w/ strength work; Kickstart - beginner/garage gym friendly; Time Crunch - Workouts for those short on time; Hypertrophy - intermediate/advanced; Jacked Gazelle - Hybrid athlete; SFAS Prep - Special forces train-up; TrainHeroic - App based bodybuilding program. Follow me: Substack; Newsletter Sign Up; IG: terminator_training; Twitter: @ksterminatortm; youtube: Terminator Training Method; Facebook: Terminator Training
Episode 118: In this episode of Critical Thinking - Bug Bounty Podcast we cover a host of news, including clientside tidbits, “Credentialless” iframes, prototype pollution, and what constitutes a polyglot in llms.txt. Follow us on X. Shoutout to YTCracker for the awesome intro music! Links: Follow Rhynorater and Rez0 on X. Ways to Support CTBBPodcast: Hop on the CTBB Discord at https://ctbb.show/discord! You can also find some hacker swag! Resources: p4fg passed 1 Million!; /reports/:id.json - $25K Crit; Hacking Crypto pt1; The art of payload obfuscation; Analyzing the Next.js Middleware Bypass; Nahamsec's Merch store; llms.txt polyglot prompt injection; React Router and the Remix'ed path; Pre-Authentication SQL Injection in Halo ITSM; Pwning Millions of Smart Weighing Machines; MCP Server Oauth; Cline; “Credentialless” iframes; Tiny XSS Payloads; Types of Pollution. Timestamps: (00:00:00) Introduction (00:05:56) Next.js Middleware bypass & Polyglots in llms.txt (00:16:35) CPDoS on React Router (00:24:26) Loose Types Sink Ships & Pwning Smart Scales (00:32:30) MCP Server Oauth & Cline (00:39:40) Clientside Tidbits & Prototype Pollutions
Three Buddy Problem - Episode 40: On the show this week, we look at the technical deficiencies and opsec concerns around the use of Signal for ultra-sensitive communications. Plus, some speculation on who's behind Kaspersky's ‘Operation Forum Troll' report, Chinese discussion on NSA/CIA mobile networks exploitation, and the return of ‘Lab Dookhtegan' hack-and-leak exposures. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Costin Raiu (https://twitter.com/craiu) and Ryan Naraine (https://twitter.com/ryanaraine).
Three Buddy Problem - Episode 29: Another day, another Ivanti zero-day being exploited in the wild. Plus, China's strange response to Volt Typhoon attribution, Japan blames China for hacks, a Samsung 0-click vulnerability found by Project Zero, Kim Zetter's reporting on drone sightings and a nuclear scare. Plus, hijacking abandoned .gov backdoors and Ukrainian hacktivists wiping a major Russian ISP. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Costin Raiu (https://twitter.com/craiu) and Ryan Naraine (https://twitter.com/ryanaraine).
Three Buddy Problem - Episode 23: Volexity founder Steven Adair joins the show to explore the significance of memory analysis and the technical challenges associated with memory dumping and forensics. We dig into Volexity's “nearest neighbor” Wi-Fi hack discovery, gaps in EDR detection and telemetry, and some real-talk on the Volt Typhoon intrusions. We also cover news on a Firefox zero-day exploited on the Tor browser, the professionalization of ransomware, ESET's discovery of a Linux bootkit (we have a scoop on the origins of this!), Binarly research on connections to LogoFAIL, and major visibility gaps in the firmware ecosystem. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs) (SentinelLabs), Costin Raiu (https://twitter.com/craiu) (Art of Noh) and Ryan Naraine (https://twitter.com/ryanaraine) (SecurityWeek). Honorary buddy: Steven Adair (https://twitter.com/sadair) (Volexity)
On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news, including: Microsoft introduces some sensible sounding post-Crowdstrike changes; Palo Alto patches hella-stupid bugs in its firewall management webapp; CISA head Jen Easterly to depart as Trump arrives; AI grandma tarpits phone scammers in family-tech-support hell; Academic research supports your gut-reaction; phishing training doesn't work; And much, much more. This week's episode is sponsored by Greynoise. The always excitable Andrew Morris joins to remind us that the edge-device vulnerabilities Pat and Adam complain about on the show are in fact actually even worse than we make them out to be. Andrew also tells us about a zero-day Greynoise' AI system truffle-pigged out of their data set. This episode is also available on Youtube. Show notes: Windows security and resiliency: Protecting your business | Windows Experience Blog; Microsoft revamps how it will disclose vulnerabilities | Cybersecurity Dive; NIST says exploited vulnerability backlog cleared but end-of-year goal for full list unlikely; Pots and Pans, AKA an SSLVPN - Palo Alto PAN-OS CVE-2024-0012 and CVE-2024-9474; Palo Alto Networks customers grapple with another actively exploited zero-day | Cybersecurity Dive; Unpatched zero-days in Fortinet and Palo Alto Networks software; Palo Alto Networks' customer migration tool hit by trio of CVE exploits | Cybersecurity Dive; Readout of President Joe Biden's Meeting with President Xi Jinping of the People's Republic of China | The White House; Easterly to step down from CISA director role on Inauguration Day | Cybersecurity Dive; Top White House cyber official urges Trump to focus on ransomware, China; Ransomware gang Akira leaks unprecedented number of victims' data in one day; Hacker Is Said to Have Gained Access to File With Damaging Testimony About Gaetz; 1,400 Pegasus spyware infections detailed in WhatsApp's lawsuit filings; NSO Group admits cutting off 10 customers because they abused its Pegasus spyware, say unsealed court documents | TechCrunch; Ohio man behind Helix cryptocurrency mixer gets 3-year sentence; O2 unveils Daisy, the AI granny wasting scammers' time - Virgin Media O2; Understanding the Efficacy of Phishing Training in Practice; Bunnings facial recognition cameras breach Privacy Act, retailer to challenge ruling | news.com.au — Australia's leading news site; Nudity, punches in newly released Bunnings CCTV as company found to breach Privacy Act | news.com.au — Australia's leading news site; Bitfinex Hack Launderer Heather 'Razzlekhan' Morgan Sentenced to 18 Months in Prison
Three Buddy Problem - Episode 18: This week's show covers the White House's new Traffic Light Protocol (TLP) guidance, Reuters expose of Appin as a hack-for-hire mercenary company, Fortinet zero-day exploitation and missing CSRB investigations, major cryptocurrency heists, Apple opening Private Cloud Compute to public inspection, Russians removed from Linux kernel maintenance and China's Antiy beefing with Sentinel One over APT reporting. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs) (SentinelLabs), Costin Raiu (https://twitter.com/craiu) (Art of Noh) and Ryan Naraine (https://twitter.com/ryanaraine) (SecurityWeek).
In this edition of Between Two Nerds Tom Uren and The Grugq look at Google's review of 0days in 2023. They discuss what this kind of information tells us and how Google's perspective influences the report.
In this podcast, I interview Michael Ness about bug bounty automation and scaling 0 days to get multiple payouts for a single bug. We also talk about how to make the automation better and about some tips to upcoming bug hunters.
Guess who's back with a brand new ra..Podcast. It's Ed, Alex and Will! In this episode we bring you cyber news topics; LAPSUS$ hacking T-Mobile, Google/Mandiant 0day reports and Russian hackers' new money laundering challenges. Topic of the week discusses breach notification, using Troy Hunt's recent fun with Avvo as an example. Secrets from the SOC is one of our favourites - We ask each other what SOC tools we WISH we had, that don't exist today. We would love to hear from you: info@hackableyou.com
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/ddr4-rowhammer-azure-bugs-essential-0days-and-backdoored-ida.html North Korea is at it again targeting researchers, 0day hoarding, breaching secure hardware, and fuzzing on this weeks episode. [00:01:15] Spot the Vuln - Beyond the Grave [00:03:50] ESET Research discovered a trojanized IDA Pro installer, distributed by the #Lazarus APT group [00:12:39] Why Zero-Days Are Essential to Security - Randori [00:29:32] Blacksmith - Rowhammer Returns [00:43:04] Fuzzing Microsoft's RDP Client using Virtual Channels: Overview & Methodology [00:57:45] Microsoft Azure Sphere Security Monitor SMSyscallCommitImageStaging stage-without-manifest denial of service vulnerability [01:04:53] Microsoft Azure Sphere Kernel GPIO_SET_PIN_CONFIG_IOCTL information disclosure vulnerability The DAY[0] Podcast episodes are streamed live on Twitch (@dayzerosec) twice a week: Mondays at 3:00pm Eastern (Boston) we focus on web and more bug bounty style vulnerabilities Tuesdays at 7:00pm Eastern (Boston) we focus on lower-level vulnerabilities and exploits. The Video archive can be found on our Youtube channel: https://www.youtube.com/c/dayzerosec You can also join our discord: https://discord.gg/daTxTK9 Or follow us on Twitter (@dayzerosec) to know when new releases are coming.
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/ios-0days-apache-dubbo-rces-and-npm-bugs.html Some of Apple's XPC services are leaking information, Finder has an RCE, and some CodeQL use to find many RCEs in Apache Dubbo. [00:00:38] macOS Finder RCE [00:06:11] AWS WorkSpaces Remote Code Execution [CVE-2021-38112] [00:10:09] Disclosure of three 0-day iOS vulnerabilities and critique of Apple Security Bounty program [00:26:51] 5 RCEs in npm for $15,000 [00:42:32] Apache Dubbo: All roads lead to RCE The DAY[0] Podcast episodes are streamed live on Twitch (@dayzerosec) twice a week: Mondays at 3:00pm Eastern (Boston) we focus on web and more bug bounty style vulnerabilities Tuesdays at 7:00pm Eastern (Boston) we focus on lower-level vulnerabilities and exploits. The Video archive can be found on our Youtube channel: https://www.youtube.com/c/dayzerosec You can also join our discord: https://discord.gg/daTxTK9 Or follow us on Twitter (@dayzerosec) to know when new releases are coming.
If you scroll through the headlines in cybersecurity, you will often see topics that grab the readers' attention. Correct me if I am wrong, but you've probably read a lot about State-sponsored APT attacks, ransomware, bug bounty programs, disclosure of 0Days, zero day usage, what color hat a hacker is. While I could go on with topics, I think that we are on the same page. One of the things that we often don't discuss when it comes to this topic is what is and what is NOT ethical. Subscribers to the Kaspersky Transatlantic Cable podcast may remember that this was a topic that David and I tapped into with Ivan Kwiatkowski discussed on a podcast a few weeks ago. Over the past few months, Ivan and I have been discussing this quite regularly and decided to hop into the topic in some more depth. After crossing all the T's and dotting the I's with our internal stakeholders, we were able to pull together a crew to discuss and debate some of the topics that play into this space. Our guests included my usual co-host David Buxton, Aseel Kayal and Runa Sandvik – make sure to follow these folks on the Twitter. During our near 2-hour conversation, we discuss a wide range of topics, including: • Competitive collaboration between infosec vendors • Disclosure • Role of government and private companies for user security • Attribution • Does threat intelligence help adversaries? • Governments hoarding 0days There is much more in there and will definitely help pique the interest of anyone working within the space.
Twitter: mpgn: https://twitter.com/mpgn_x64 itm4n: https://twitter.com/itm4n Blog: https://itm4n.github.io/ Github projects: PrivescCheck: https://github.com/itm4n/PrivescCheck FullPowers: https://github.com/itm4n/FullPowers PrintSpoofer: https://github.com/itm4n/PrintSpoofer
Major DELTA from today and strange coincidence surrounding it, plus perhaps an explanation of the !0Days of Darkness phrase, New details about incoming DECLAS and Haspel and Wray working together to block it PLUS a MAJOR REVELATION from Burma regarding Joe Biden and BRIBES! Plus Kayleigh McEnany test positive.
Special Guest Inês Narciso (@IWN_LX) – Ines worked in the Portuguese Intelligence Service for 12 years. She started up doing OSINT in 2008 and later became an OSINT and online undercover operations project manager. In 2019, she joined Iscte Iul a Lisbon University where she teaches Digital Methods and conducts research on disinformation. Since then, she's also built a company that uses OSINT to find people's ancestors and build family trees. In her spare time, she also helps pro bono fellow journalists in Portugal and abroad in their investigations and women who have been a victim of revenge porn or intimate image abuse. People in this Episode: Micah Hoffman (@webbreacher); Nico (@DutchOSINTGuy); Matthias Wilson (@mwosint); Nixintel; Lorand Bodo; Sector035; Ritu Gill (@OSINTTechniques). Links to what we discussed: Protecting personal privacy against unauthorized deep learning models: https://sandlab.cs.uchicago.edu/fawkes/ ; Search for videos across 60 platforms: https://www.peteyvid.com/ ; Estimate the size of a crowd with this tool: https://www.mapchecking.com/ ; Twitter thread about the video conferencing platform Zoom: https://twitter.com/securitytrails/status/1284187387103457282 ; Great verification case study in French: https://ledesk.ma/desintox/le-bonimenteur-de-habanos-sa-encore-frappe-il-sest-paye-un-panama-paper/ ; Twitter search tricks: https://www.labnol.org/internet/twitter-search-tricks/13693/ ; Improved face detection software that even works on animals: https://www.omgubuntu.co.uk/2020/07/digikams-improved-face-detection-for-photos-even-works-on-animals ; Blog that has started dropping “0Days” with regards to the TOR project: https://www.hackerfactor.com/blog/index.php?/archives/888-Tor-0day-Stopping-Tor-Connections.html ; New Telegram update: https://telegram.org/blog/profile-videos-people-nearby-and-more ; Upcoming virtual OSINT Symposium between 10 and 13 October: https://www.osintsymposium.com/event-details/australian-osint-symposium-1 . Self Promotion: Learn more about Ines's work: https://medialab.iscte-iul.pt/ (in Portuguese with some English articles); The Open Source Intelligence Skills-building Conference (October 2020): https://www.osmosiscon.com/ ; German Open Source Intelligence Conference (GOCON): https://www.gosintcon.de/ – if you have any questions, reach out to Matthias (@mwosint) --- Support this podcast: https://anchor.fm/osintcurious/support
Are iOS 0days now worthless? Can you hack a satellite...or hackerone? Are WAFs worthwhile? And more on a fairly discussion heavy episode of DAY[0]. [00:00:52] [UPDATE] Huawei HKSP Introduces Trivially Exploitable Vulnerability https://github.com/cloudsec/aksp/blob/master/hksp.patch [00:11:59] iOS one-click chains prices likely to drop https://www.hackasat.com/ [00:33:30] Defcon Quals 2020 https://hxp.io/blog/72/DEFCON-CTF-Quals-2020-notbefoooled/ [00:46:33] vBulletin 5.6.1 SQL Injection [00:52:52] Subdomain takeover of resources.hackerone.com [01:01:11] MyLittleAdmin PreAuth RCE [01:06:13] DOM-Based XSS at accounts.google.com by Google Voice Extension. [01:16:47] Playing with GZIP: RCE in GLPI [CVE-2020-11060] [01:36:24] Reverse RDP - The Path Not Taken [01:44:19] PrintDemon: Print Spooler Privilege Escalation, Persistence & Stealth [CVE-2020-1048] https://twitter.com/VbScrub/status/1260598344650539009 [01:53:34] Security Flaws in Adobe Acrobat Reader Allow Malicious Program to Gain Root on macOS Silently [02:00:29] Cloud WAF Comparison Using Real-World Attacks https://medium.com/fraktal/cloud-waf-comparison-part-2-e6e2d25f558c https://en.wikipedia.org/wiki/Server_Side_Includes [02:18:20] Fuzzing TLS certificates from their ASN.1 grammar [02:22:25] DHS CISA and FBI share list of top 10 most exploited vulnerabilities Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST) Or the video archive on Youtube (@DAY[0])
Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST) Or the video archive on Youtube (@DAY[0]) [00:05:23] Apple v. Corellium [00:12:04] Firefox to Discontinue Sideloaded Extensions [00:16:52] Delegated Credentials for TLS [00:23:02] North Korean Malware Found on Indian Nuclear Plant's Network [00:28:20] The Pirate Bay Downtime Caused by Malicious Search Queries [00:29:30] Web.com Breach (allegedly includes NetworkSolutions.com and Register.com) [00:32:28] BlueKeep attacks are happening, but it's not a worm https://www.kryptoslogic.com/blog/2019/11/bluekeep-cve-2019-0708-exploitation-spotted-in-the-wild/ [00:36:13] Untitled Goose Game - Insecure Deserialization [00:39:58] Two Chrome 0Days get Patched [00:42:45] NFC Beaming Bypasses Security Controls in Android [CVE-2019-2114] [00:45:43] Abusing HTTP Hop-by-hop Request Headers [00:50:54] Let's Make Windows Defender Angry: Antivirus Can be an Oracle! -icchy https://en.wikipedia.org/wiki/EICAR_test_file [00:56:54] rConfig v3.9.2 authenticated and unauthenticated RCE (CVE-2019-16663) and (CVE-2019-16662) [01:02:26] Making an Invisibility Cloak: Real World Adversarial Attacks on Object Detectors [01:07:26] Silhouette: Efficient Intra-Address Space Isolation for Protected Shadow Stacks on Embedded Systems [01:19:46] unfork(2) [01:23:51] Destroying x86_64 instruction decoders with differential fuzzing https://github.com/zyantific/zydis
Armed with iOS 0days, hackers indiscriminately infected iPhones for two years, Google throws bug bounty bucks at mega-popular third-party apps, How MuleSoft patched a critical security flaw and avoided a disaster, Jack Dorsey's Twitter account got hacked, Attackers are exploiting vulnerable WP plugins to backdoor sites, and much more! We then talk with Larry Alston, who is the GM of Cloud at Tufin. He will be talking about developing and enforcing security policies in the cloud. To learn more about Tufin, visit: https://securityweekly.com/tufin Full Show Notes: https://wiki.securityweekly.com/HNNEpisode232 Visit http://hacknaked.tv to get all the latest episodes!
Watch the DAY[0] podcast live on Twitch every Monday afternoon at 12:00pm PST (3:00pm EST) -- https://www.twitch.tv/dayzerosec [00:00:37] - Huawei Cyber Security Evaluation Report [00:14:22] - Assange Arrest [00:24:55] - Matrix Compromise [00:32:20] - Outlook Compromise [00:43:39] - Ghidra Source Release [00:49:18] - Relyze 3 Beta (Another Free Decompiler) [00:56:30] - Fracker (New PHP Tool) [01:01:11] - Discussion about EncryptCTF and challenge design [01:25:24] - Dragonblood/WPA3 Vulnerabilities [01:32:21] - CVE-2019-0211 Apache Root Privilege Escalation [01:41:27] - Detailing of CVE-2019-1636 and CVE-2019-6739 in QT [01:49:47] - Splitting Atoms in XNU [02:06:39] - PostgreSQL is it a CVE? [02:11:41] - RELOAD+REFRESH: Abusing Cache Replacement Policies to Perform Stealthy Cache Attacks [02:26:45] - The ROP Needle: Hiding Trigger-based Injection Vectors via Code Reuse [02:29:30] - Assessing Unikernel Security
This week, a Severe RCE vulnerability affected popular StackStorm Automation software, Crowdfense is willing to pay $3 Million for iOS and Android Zero-Days, Equifax neglected cyber security prior to breach, Google launches new Cloud Security services, and an unprotected MongoDB instance exposes 800 million emails! Jason Wood from Paladin Security joins us for expert commentary on how a researcher claims an Iranian APT is behind a 6TB Data Heist at Citrix! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode210 Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Severe RCE vulnerability affected popular StackStorm Automation software, Crowdfense is willing to pay $3 Million for iOS and Android Zero-Days, Equifax neglected cyber security prior to breach, Google launches new Cloud Security services, and an unprotected MongoDB instance exposes 800 million emails! Jason Wood from Paladin Security joins us for expert commentary on how a researcher claims an Iranian APT is behind a 6TB Data Heist at Citrix! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode210 Visit http://hacknaked.tv to get all the latest episodes!
Welcome to another episode of Hack Naked TV recorded December 17th 2015. Aaron talks about the FBI using 0-Days, Drone Registration, Root DNS attack, and RCE in FireEye.