[Episode References] From Dormant to Dangerous: P2Pinfect Evolves to Deploy New Ransomware and Cryptominer - https://www.cadosecurity.com/blog/from-dormant-to-dangerous-p2pinfect-evolves-to-deploy-new-ransomware-and-cryptominer New attack uses MSC files and Windows XSS flaw to breach networks - https://www.bleepingcomputer.com/news/security/new-grimresource-attack-uses-msc-files-and-windows-xss-flaw-to-breach-networks/ GrimResource - Microsoft Management Console for initial access and evasion - https://www.elastic.co/security-labs/grimresource Kimsuky APT attack using Facebook and MS Management Console discovered - https://www.genians.co.kr/blog/threat_intelligence/facebook Polyfill supply chain attack hits 100K+ sites - https://sansec.io/research/polyfill-supply-chain-attack Polyfill.io JavaScript supply chain attack impacts over 100K sites - https://www.bleepingcomputer.com/news/security/polyfillio-javascript-supply-chain-attack-impacts-over-100k-sites/ 8220 Mining Gang's New Tool: k4spreader - https://blog.xlab.qianxin.com/8220-k4spreader-new-tool-en/ UAC-0184 Abuses Python in DLL Sideloading for XWORM Distribution - https://cyble.com/blog/uac-0184-abuses-python-in-dll-sideloading-for-xworm-distribution/ Script and hosting: Carlos Cabral and Bianca Oliveira Audio editing: Paulo Arruzzo Closing narration: Bianca Garcia
https://discord.gg/qQvXnUyeH2 Week 43/23 summary. Chapters: 00:00 Intro 01:08 Fake WhatsApp App Spreads Spyware 02:30 Cloud CryptoMiner 03:46 Sandworm Caused a Power Outage in Ukraine 05:18 North Korea Implants MacOS Malware 06:35 Governments Agree to Fight Ransomware 07:41 Meme of The Week Links and sources: Cryptocurrency Miner Leveraging Microsoft Azure | SafeBreach CanesSpy Spyware Discovered in Modified WhatsApp Versions (thehackernews.com) Governments agree on a coordinated fight against ransomware - Computerworld www.stanovo.cz #ITBezpecnost #IT #Novinky #Bezpecnost #Česko #Kriminalita #Cloud #Cryptominer
Starting spanish school and also what is this ugly animal in my bathroom
This episode reports on a data-stealing gang that's added ransomware to its arsenal, a new UK law forcing social media platforms to police harmful content and more
I need to fart open your mouth & heart to me
This city is very unique with its own many different personalities
sharing some thoughts and reflections
Football coach, new life goals and expectations
Overnighters, Episode 571: BlockGPT Rug Pull CryptoMiner Turns AI Data Center Atomic Wallet Hacked and More Collect the Cover: awrd.gg/5218 The TL;DL BlockGPT Rug Pull - BlockGPT, a Web3 company, has been exposed for a rug pull scam, defrauding users of $256,000 in pre-sale funds. The scam has drawn criticism towards Bloomberg for inadequate disclaimers. Atomic Wallet Hacked - Atomic Wallet, a decentralized wallet, has suffered a security breach, leading to significant losses for users. The specifics of the attack remain unknown, and investigations are ongoing. XRP Lawyer Hacked - John Deaton, a lawyer representing XRP tokenholders, experienced a phone hack during a cyberattack. The incident led to the dissemination of false information and misleading financial data. Uniswap Scam Alert - Hayden Adams, Uniswap's creator, has warned about a scam involving a fake Uniswap website. The elaborate scam included a deceptive video featuring individuals pretending to be Uniswap executives. Crypto Miner Turns AI Data Center - Microsoft has partnered with CoreWeave, a former Ethereum miner, to use its cloud computing infrastructure for AI services. The deal is expected to involve billions of dollars over multiple years. Elliptic Integrates ChatGPT - Cryptocurrency risk management firm Elliptic has integrated ChatGPT to enhance its ability to detect crypto threats. The integration aims to improve the speed and accuracy of identifying new risks. Crypto Overnighter Podcast (6/4/2023): Welcome back to the Crypto Overnighter with your host, Nikodemus. We provide nightly updates on cryptocurrency, NFTs, the metaverse, and the surrounding industry. Remember, this show does not offer financial advice. Email: nick@cryptoovernighter.com Salem Friends of Felines: https://sfof.org/ Twitter: https://twitter.com/CryptoCorvus1 Patreon: https://www.patreon.com/user?u=67416221
This will be one of my most offensive podcast to date. i try to find new ways to be offensive and disrespectful after it is social media THIS IS NOT REAL!!!!! lol relax crazies
these whores are super loco lol i hope this show is very offensive to you. it was your choice to listen to this foolishness
Good morning
It is amazing the amount of peace the dollar can provide when introduced to the best situations.
Progress continues to be made. I have so many things going at the same time. Yikes. I will share a portion with you
What kind of surprises do I have for today's show...........
Reflecting, exploring different life styles
I needed a mental break had to find a way to snap out of the funk I was in. #VIBEWITHME Join me on my journey through life's discoveries.
What's up people Are mining MEWC Meow coin? HOLD HOLD HOLD
Stand with Ye "Kanye West" formerly known as. It don't matter if it "don't sound good" truth is the truth !!!!
Taking a dump and randomly recording the sounds of it
Video - https://youtu.be/gq_d48L7Nhw A popular Desktop App turns out to be Malware. It turns itself into a Cryptominer. If you find my videos helpful, please buy me a cup of coffee - https://ko-fi.com/bob3160 --- Support this podcast: https://anchor.fm/norbert-gostischa/support
Chat app used as a backdoor. PyPi package drops cryptominer. Access to corporate networks sees a value dip. Thanks to today's episode sponsor, 6clicks. Protect your supply chain from third-party risk with the power of 6clicks. Organizations can better manage their vendor risk by automating the vendor assessment lifecycle and detecting vendor assessment findings. Users can identify and raise risks linked to vendors post-assessment and group them into risk registers. Then, manage, remediate and report on risks directly from 6clicks. For more information visit 6clicks.com/cisoseries.
AT&T SSN Database, Twilio Breach, PyPI Cryptominer, Log4j, CISA Warning & More Cybersecurity News CyberHub Podcast August 15th, 2022 Today's Headlines and the latest #cybernews from the desk of the #CISO: AT&T denies connection to database of 23 million SSNs Twilio: 125 customers affected by data breach, no passwords stolen Newly Uncovered PyPI Package Drops Fileless Cryptominer to Linux Systems CISA, FBI Warn Organizations of Zeppelin Ransomware Attacks Log4j problem is not over, may take ‘a decade or longer’ Chinese Cyberspies Use Supply Chain Attack to Deliver Windows, macOS Malware Story Links: https://therecord.media/att-denies-connection-to-database-of-23-million-ssns-says-it-may-be-tied-to-credit-agency-breach/ https://www.bleepingcomputer.com/news/security/twilio-125-customers-affected-by-data-breach-no-passwords-stolen/ https://thehackernews.com/2022/08/newly-uncovered-pypi-package-drops.html https://www.securityweek.com/cisa-fbi-warn-organizations-zeppelin-ransomware-attacks https://therecord.media/dhs-undersecretary-log4j-problem-is-not-over-may-take-a-decade-or-longer/ https://www.securityweek.com/chinese-cyberspies-use-supply-chain-attack-deliver-windows-macos-malware “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine The Practitioner Brief is sponsored by: Your BRAND here - Contact us for opportunities today!
A daily look at the relevant information security news from overnight - 07 July, 2022 Episode 260 - 07 July 2022 North Korean Maui Zowie - https://www.zdnet.com/article/fbi-these-hackers-are-targeting-healthcare-records-and-it-systems-with-maui-ransomware/ Linux and Windows RedAlert - https://www.bleepingcomputer.com/news/security/new-redalert-ransomware-targets-windows-linux-vmware-esxi-servers/ CuteBoi NPM Mining - https://thehackernews.com/2022/07/over-1200-npm-packages-found-involved.html SHI Attacked - https://www.bleepingcomputer.com/news/security/it-services-giant-shi-hit-by-professional-malware-attack/ Linux in OrBit - https://thehackernews.com/2022/07/researchers-warn-of-new-orbit-linux.html Hi, I'm Paul Torgersen. It's Thursday July 7th 2022, and this is a look at the information security news from overnight. From ZDNet.com: Several US agencies have issued an alert that North Korean sponsored attackers are targeting healthcare and public health organizations with the Maui ransomware. The warnings say these attacks have been going on since at least May of 2021, but they are still not sure of the initial attack vector. Early analysis suggests the malware is designed for attackers to manually select files for encryption, as opposed to encrypting all files wholesale. Details and a link to the advisory in the article. From BleepingComputer.com: A new ransomware operation called RedAlert, or N13V, targets both Windows and Linux VMWare ESXi servers with command-line options that allow the threat actors to shut down any running virtual machines before encrypting files. Victims are directed to a TOR site to pay a ransom in Monero to receive the decryptors. Details in the article. From TheHackerNews.com: Researchers have found a large-scale crypto mining campaign targeting the NPM JavaScript package repository.
The malicious activity, attributed to a threat actor called CuteBoi, involves an array of 1,283 rogue modules from over 1,000 different user accounts using automation which includes the ability to pass the NPM 2FA challenge. Much of the source code in this attack is nearly identical to EazyMiner. From BleepingComputer.com: SHI International has confirmed that a malware attack forced them to bring some of their systems, including email and public websites, offline. They described it as a coordinated and professional malware attack. The company says no customer data was exfiltrated and that third party systems in its supply chain were unaffected. No word on the threat actor or malware strain involved. And last today, from TheHackerNews.com: Researchers have uncovered a new Linux threat dubbed OrBit, the fourth Linux targeting malware discovered in the past three months. This one can be installed either with persistence capabilities or as a volatile implant, and implements advanced evasion techniques. It ultimately provides the threat actors with remote access capabilities over SSH, harvests credentials, and logs TTY commands. Details on the article. That's all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.
Getting ready for cvc next week. Come have a listen to some randomness
A daily look at the relevant information security news from overnight - 30 June, 2022 Episode 255 - 30 June 2022 OpenSea Makes Waves - https://techcrunch.com/2022/06/30/nft-opensea-data-breach/ XFiles XPands - https://www.bleepingcomputer.com/news/security/xfiles-info-stealing-malware-adds-support-for-follina-delivery/ 8220 Miner Upgrade - https://www.zdnet.com/article/microsoft-warning-this-malware-that-targets-linux-just-got-a-big-update/ Brocade Broken - https://www.securityweek.com/brocade-vulnerabilities-could-impact-storage-solutions-several-major-companies AstraLocker Attack - https://www.bleepingcomputer.com/news/security/astralocker-20-infects-users-directly-from-word-attachments/ Dangling Chromium - https://portswigger.net/daily-swig/chromium-browsers-vulnerable-to-dangling-markup-injection Hi, I'm Paul Torgersen. It's Thursday June 30th 2022, happy birthday Jayden, and this is a look at the information security news from overnight. From TechCrunch.com: NFT marketplace OpenSea has suffered a massive data breach. It seems a staffer at their vendor Customer.io shared the entire email database with a third party. If you have shared your email with OpenSea at any time in the past, you should assume you were impacted. Be on the lookout for targeted phishing emails coming your way. From BleepingComputer.com: These next two are quick hits on malware strains upgrading their exploits. The XFiles info-stealer has added a delivery module that exploits the Windows Follina vulnerability. On a side note, XFiles has also recruited new members recently and is launching new products. Details in the article. From ZDNet.com: Along those same lines, Microsoft is warning about notable updates to malware targeting Linux servers to install cryptominers and IRC bots. The 8220 gang has added new functionality to exploit the recent Confluence vulnerability, as well as an old 2019 WebLogic bug. Details in the article.
From SecurityWeek.com: Broadcom revealed that the Brocade SANnav storage area network is affected by nine vulnerabilities, some of which could impact the products of their partner companies, such as HPE, NetApp, Oracle, Dell, Fujitsu, IBM, Lenovo and others. There is no evidence as of yet that these have been exploited in the wild, but get your patch on kids. From BleepingComputer.com: The ransomware strain called AstraLocker has recently released its second major version that drops its payload directly from email attachments. Specifically Word docs. Obviously this smash and grab type of attack is looking for quick payouts and not trying for persistence or lateral movement. Full write up in the article. And last today, from PortSwigger.net: A recently-patched security hole in Chromium browsers allowed attackers to bypass safeguards against dangling markup injection, and extract sensitive information from webpages. While dangling markup injection is well-known and -addressed in Chrome, the new attack took advantage of an unaddressed case in how the browser upgrades unsafe HTTP connections. You know where to find the details. That's all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.
WOW how did we finish how did I finish YIKES!!!!!!
WOW put in some work. Updating my targets and goals
Grinding in this clan versus clan tourney in Raid Shadow Legends. As well as reading up on some crypto industry "news" and perspectives
My goodness it has been a long week and day already
I'm sitting in my bathroom taking a huge crap right now
about to hit these streets Get this bike ride in and enjoy the sun shining on my beautiful black skin
It's the weekend baby! Stay safe enjoy yourselves and share my show!!!!
Wow my apologies to my subscribers and listeners on other platforms. Everything is fixed and you should be getting notified of new shows now!!
Reviewing the champions on my account as well as random thoughts about life, crypto, women and life and women
Chilling in this clan v clan challenge. As well watching money get sucked out of the crypto ecosystem. NO WORRIES "sell may & walk away" as they say lol
Chilling learning how to dominate Raid Shadow Legends while also dollar cost averaging on a few of my crypto positions
Talking about the random thoughts that come in my mind as I record live and think about crypto, and play Raid Shadow Legends #raidshadowlegends
ETH 2.0 MINER POOL TEST #VIBEWITHME Son of a tech leading charge right off the cliff
Take a dump smoking a blunt
Reading an article published by Tron Black read from tronblack.medium.com
These are the manufacturer's site and they are endorsed by Helium HNT, so go here for your miners:
"Two hours of distraction": that, and nothing else, is how Metercast 189 is to be understood. Here the listeners can clear their heads for once. We hope you get some enjoyment out of this edition of Metercast. The main topics are in the chapter list. We wish you good entertainment. 00:07:00 #met189 00:12:24 Fiber optics 00:21:48 AirPods Pro 00:27:59 Apple event on March 8: "Peek Performance" 00:32:58 Sim Sim Sim 00:36:14 Wi-Fi new config 00:43:02 Steam Deck 01:09:01 Horizon Forbidden West 01:24:06 Remedies 01:37:45 Elden Ring 01:46:04 Rawiioli - The "crooked" Ryzen 5 3600 01:49:41 Esport - #EintrachtSpandau 01:54:05 Back to the office 01:58:08 Wrap-up Metercast 189 on YouTube https://youtu.be/miEMeXbfQeI Tags: #ITProbleme,#Glasfaser, #1000Synchron, #Kabelnetz, #Starlink, #Trapper, #AirPodPro, #3DAudio, #AppleReplace, #BluetoothPairing, #AppleEvent, #PeakPerformance, #FingerPrintReader, #e-Sim, #WlanRepeater, #Mesh, #AVM, #Spiegelsaal, #SteamDeck, #SpeicherUpdate, #CloudGaming, #CryptoMiner, #GraKa, #GamePass, #Konsolero, #PSPAtch, #Horizon, #DialogHerausforderung, #DieStory, #DigitalesFeedback, #Immersion, #DerGestuetzeSchuss, #Schmerztabletten, #Focus, #Kanabis, #Rauch, #Geselligkeit, #EldenRing, #LoveCraft, #SoulReaver, #Ryzen5, #LoL, #Esport, #EintrachtSpandau, #NeverEndingCovid https://www.metercast.de
Are you looking to declutter your digital life in 2022? Then we have some top tips for you! Tune in as we share how a digital declutter can improve your security in the New Year.
Norton 360, a popular antivirus product, has installed a cryptocurrency mining program on its customers' computers, some cities in Texas have been hit with a phishing scam designed to get users to pay through fraudulent QR code stickers on public parking meters, and how Facebook is still collecting data about you even if you deactivate […] The post Norton 360 Cryptominer, Fake QR Codes on Parking Meters, Facebook Account Deactivation appeared first on The Shared Security Show.
This week Bryan and Tony discuss life, antiques, Bob Sagat dying, Golden Girls, Book of Boba Fett, man arrested with lit bbq pit in his truck, parents leave an 11 year old home alone for weeks, Norton sneaks a cryptominer into its antivirus, THE QoftheW, and more! Salty Merch: https://www.teepublic.com/user/saltylanguagepods Our Patreon: Patreon.com/saltylanguage Links: 1. Intoxicated man arrested with lit bbq pit on his truck https://dfw.cbslocal.com/2022/01/06/texas-law-enforcement-officials-arrest-dwi-suspect-driving-with-lit-bbq-pit-in-truck-bed/ 2. Parents leave 11 year old home alone for weeks https://abcnews.go.com/US/wireStory/sheriff-couple-left-11-year-son-home-weeks-82074814 3. Norton put a cryptominer in its antivirus https://www.wired.com/story/norton-antivirus-cryptominer-nft-thefts-security-roundup/ QoftheW: What will immediately ruin a movie for you? Subscribe / rate / review us on Apple Podcasts! Visit us at: saltylanguage.com Apple Podcasts: https://podcasts.apple.com/us/podcast/salty-language/id454587072?mt=2 Spotify: https://open.spotify.com/show/3GnINOQglJq1jedh36ZjGC iHeart Radio: http://www.iheart.com/show/263-Salty-Language/ Google Play Music: https://play.google.com/music/listen#/ps/Ixozhhniffkdkgfp33brnqolvte facebook.com/saltylanguage @salty_language / saltylanguage@gmail.com http://salty.libsyn.com/webpage / http://www.youtube.com/user/SaltyLanguagePod Instagram: SaltyLanguage Reddit: r/saltylanguage Stitcher: https://www.stitcher.com/podcast/salty-language tangentboundnetwork.com Share with your friends!
It's the start of a brand new calendar year! And therefore it's time to engage in that annual ritual of planning to do better this year by making our list of New Year's Resolutions. To help you with the cybersecurity and privacy items on your list (an area where we all need major improvement), I will share with you my personal list of cyber goals for 2022. Yes, even security advocates can suffer from the "do as I say, not as I do" syndrome. We're all human, and there are plenty of things that I still need to get done - things that you probably need to do, too. I'll also catch you up on the latest security and privacy news: several articles popped up about a supposed data breach at LastPass that turned out to be incorrect; the US Federal Trade Commission is getting very serious about fining companies with lax cybersecurity practices in light of the Log4J/Log4Shell nightmare; clever scammers in Texas are tricking motorists into paying the wrong people for parking; Norton 360 and other antivirus software packages have started pre-installing cryptocurrency mining software on their customers' computers; TurboTax is the second major tax-filing software service to drop out of the federal Free File program; Google's adoption of the Manifest V3 specification gives users yet another reason not to use their Chrome browser; and a lawsuit in California alleges that Google's exclusive search engine deal with Apple is stifling competition and harming consumers. 
Article Links LastPass says there's no data breach, so your passwords were not hacked https://bgr.com/tech/lastpass-says-theres-no-data-breach-so-your-passwords-were-not-hacked/?bgr-partner=flipboard FTC to Go After Companies that Ignore Log4j https://threatpost.com/ftc-pursue-companies-log4j/177368/ QR code scammers hitting on-street parking in Texas cities https://www.click2houston.com/news/local/2022/01/05/qr-code-scammers-hitting-on-street-parking-in-texas-cities-this-is-what-houston-officials-want-you-to-know/ Norton 360 Now Comes With a Cryptominer https://krebsonsecurity.com/2022/01/norton-360-now-comes-with-a-cryptominer/ 500M Avira Antivirus Users Introduced to Cryptomining https://krebsonsecurity.com/2022/01/500m-avira-antivirus-users-introduced-to-cryptomining/ Want to file your tax return for free? TurboTax opts out of major program https://www.freep.com/story/money/personal-finance/susan-tompor/2022/01/05/how-file-your-tax-return-free-turbotax/9077019002/ Podcast on Free File report from Pro Publica: https://podcast.firewallsdontstopdragons.com/2020/01/13/why-free-file-isnt-free/ Google makes the perfect case for why you shouldn't use Chrome https://www.techrepublic.com/article/google-makes-the-perfect-case-for-why-you-shouldnt-use-chrome/ Google Basically Pays Apple to Stay Out of the Search Engine Business, Class Action Lawsuit Alleges https://www.macrumors.com/2022/01/05/google-pays-apple-stay-out-of-search/ Betty White on MFA: https://www.youtube.com/watch?v=DmIDtDAYTPA Further Info Annual listener survey: https://bit.ly/Firewalls-survey-2022 Subscribe to the newsletter: https://firewallsdontstopdragons.com/newsletter/new-newsletter/ Become a Patron! https://www.patreon.com/FirewallsDontStopDragons Would you like me to speak to your group about security and/or privacy? http://bit.ly/Firewalls-Speaker Generate secure passphrases! https://d20key.com/#/
On this lunar mission to the Darkside, we talk to CryptoEnthusiast, CryptoMiner, CryptoConsultant, and passive-income superfan Jason Leit. We learn how he went from buying a rig to building multiple rigs to helping others build rigs. We discover who forced him to sell his ETH pre-pump and why he's a fan of MimbleWimble and coins like BEAM. We also learn about his CryptoCoinClub and why he's thinking about holding a Crypto Class in New England. Hit play to get BEAMed to the DSOTHM. https://twitter.com/jmasscoins
A daily look at the relevant information security news from overnight. Episode 221 - 20 December 2019 Hornet’s nest stings - https://www.zdnet.com/article/this-grab-bag-hacking-attack-drops-six-different-types-of-malware-in-one-go/ Connect(un)Wise - https://www.bleepingcomputer.com/news/security/screenconnect-msp-software-used-to-install-zeppelin-ransomware/ Honda exposure - https://www.technadu.com/honda-exposes-976-million-records-containing-pii-vehicle-owners/87906/ DLL hijack fixed - https://www.bleepingcomputer.com/news/software/adwcleaner-801-fixes-dll-hijacking-vulnerability/ Emotet hits Germany - https://www.zdnet.com/article/frankfurt-shuts-down-it-network-following-emotet-infection/
A daily look at the relevant information security news from overnight. Episode 206 - 29 November 2019 Prosegur crippled - https://www.zdnet.com/article/security-firm-prosegur-weve-shut-our-it-network-after-ryuk-ransomware-attack/ Magento exposed - https://www.infosecurity-magazine.com/news/magento-marketplace-breach-exposes/ Imminent Monitor crushed - https://www.bleepingcomputer.com/news/security/law-enforcement-shuts-down-imminent-monitor-malware-makes-arrests/ Dexphot spreads - https://threatpost.com/dexphot-malware-cryptocurrency/150634/ Phishing season - https://www.bleepingcomputer.com/news/security/beware-of-thanksgiving-ecard-emails-distributing-malware/
A daily look at the relevant information security news from overnight. Episode 176 - 17 October 2019 Malware WAV - https://www.bleepingcomputer.com/news/security/attackers-hide-backdoors-and-cryptominers-in-wav-audio-files/ Android PoC - https://www.zdnet.com/article/security-researcher-publishes-proof-of-concept-code-for-recent-android-zero-day/ Big Oracle patch - https://www.scmagazine.com/home/security-news/vulnerabilities/oracle-patches-218-security-vulnerabilities/ WordPress patches - https://www.scmagazine.com/home/security-news/vulnerabilities/wordpress-patches-6-bugs/ Scum of the earth arrested - https://www.zdnet.com/article/us-south-korea-officials-trace-bitcoin-transactions-to-take-down-massive-child-porn-site/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
MedusaHTTP Malware https://isc.sans.edu/forums/diary/Recent+example+of+MedusaHTTP+malware/25234/ Cryptominer uses DuckDNS for C&C https://www.varonis.com/blog/monero-cryptominer/ Intel NUC Vulnerabilities https://www.intel.com/content/www/us/en/security-center/default.html HTTP/2 Vulnerabilities https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
A daily look at the relevant information security news from overnight. Episode 132 - 15 August 2019 All Windows vuln - https://threatpost.com/20-year-old-bug-legacy-microsoft-windows-users/147336/ Miner on Task - https://www.zdnet.com/article/this-new-cryptojacking-malware-uses-a-sneaky-trick-to-remain-hidden/ Intel patches - https://www.bleepingcomputer.com/news/security/intel-updates-nuc-firmware-to-patch-high-severity-bug/ Biometrics leak - https://www.zdnet.com/article/major-biometrics-data-leak-impacts-police-banks-enterprise-companies/ Phishing with Google - https://www.bleepingcomputer.com/news/security/phishing-campaign-uses-google-drive-to-bypass-email-gateways/
A daily look at the relevant information security news from overnight. Episode 127 - 08 August 2019 Smominru expands - https://threatpost.com/smominru-cryptominer-scrapes-credentials-half-million-machines/147038/ Clipsa the brute - https://www.zdnet.com/article/new-windows-malware-can-also-brute-force-wordpress-websites/ LokiBot adds steganography - https://www.bleepingcomputer.com/news/security/lokibot-uses-image-files-to-hide-code-for-unpacking-routine/ State Farm brute - https://www.zdnet.com/article/state-farm-says-hackers-confirmed-valid-usernames-and-passwords-in-credentials-stuffing-attack/ Leapfrog too chatty - https://www.digitaltrends.com/news/leapfrog-flaw-could-have-exposed-childrens-info-and-location/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
VLC not Vulnerable to libebml Vulnerability https://threader.app/thread/1153963312981389312 Cryptominer With BlueKeep Scanner https://www.intezer.com/blog-watching-the-watchbog-new-bluekeep-scanner-and-linux-exploits/ Elasticsearch Vulnerabilities used to install DDoS Bot https://blog.trendmicro.com/trendlabs-security-intelligence/multistage-attack-delivers-billgates-setag-backdoor-can-turn-elasticsearch-databases-into-ddos-botnet-zombies/ May People Be Considered As IOC? https://isc.sans.edu/forums/diary/May+People+Be+Considered+as+IOC/25166/
Researchers at Guardicore Labs have been tracking an unusual cryptominer that seems to be based in China and is targeting Windows MS-SQL and phpMyAdmin servers. Some elements of the exploit make use of sophisticated components previously associated with nation-state actors. Ophir Harpaz and Daniel Goldberg are members of the Guardicore Labs team, and they join us to explain their findings. The research can be found here - https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/ The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.
This episode focuses on topics introduced by the following TechGenix articles: - Move over, ransomware: Cryptominer malware now ‘No. 1 threat’ - Crucial lessons for the IT world from recent data breaches - Cloud migration: Yes, there’s always some measure of risk involved
In today's podcast, we hear that ProtonMail was hit this morning by an Apophis Squad DDoS attack. Rancor cyberespionage campaign observed in Southeast Asia. PythonBot serves up adware and cryptojacking. WannaCry-themed protection racket is all bark and no bite. EU organizing a joint cyber incident response force. FBI and international partners make arrests in an Africa-based business email compromise racket. Reality Winner's guilty plea. Emily Wilson from Terbium labs with a story of a six-year-old dealing with identity theft. Guest is Paul Aubin from Varonis on the protection of federal systems.
We discuss Apple's recent operating system updates - and the one they didn't update - cover some new malware, and then take a close look at using parental controls on the Mac and on iOS. iCloud security overview (for Messages in the Cloud) (https://support.apple.com/en-us/HT202303) AirPlay 2 (https://www.apple.com/airplay/) Apple HomePod Review: Superior Sound, but Limited by Siri How to Choose the Right Hard Disk for Your Mac 4 Types of Backup Hard Drives for Mac Russian hackers mass-exploit routers in homes, govs, and infrastructure (https://arstechnica.com/tech-policy/2018/04/russian-hackers-mass-exploit-routers-in-homes-govs-and-infrastructure/) Hackers infect 500,000 consumer routers all over the world with malware (https://arstechnica.com/information-technology/2018/05/hackers-infect-500000-consumer-routers-all-over-the-world-with-malware/) FBI tells router users to reboot now to kill malware infecting 500k devices (https://arstechnica.com/information-technology/2018/05/fbi-tells-router-users-to-reboot-now-to-kill-malware-infecting-500k-devices/) Cryptominer ‘mshelper’ Targets macOS: What You Need to Know Episode #30: What Is a Firewall, and How Does it Work? Tit (Wikipedia) (https://en.wikipedia.org/wiki/Tit_(bird)) What’s the Difference Between macOS Parental Controls and Intego ContentBarrier? Intego ContentBarrier X9 Get 60% off Intego's Mac Premium Bundle X9 with the code INTEGOPODCAST. Download now and try it for free at intego.com. Intego Mac Security Podcast Survey: Win a $100 gift card (https://www.surveymonkey.com/r/integopodcast)
Welcome to the Trusted Security Podcast – a podcast dedicated to bringing the latest news on information security and the industry. This episode features the following members: Geoff Walton, Rob Simon, Scot Berner, and Adrian Crenshaw. Show links: Calendar 2 tried turning Macs into cryptocurrency mining rigs, swiftly rolled back Mac App Store update following reviews https://letsencrypt.org/2017/07/06/wildcard-certificates-coming-jan-2018.html https://krebsonsecurity.com/2018/03/look-alike-domains-and-visual-confusion https://www.cnet.com/news/amd-has-a-spectre-meltdown-like-security-flaw-of-its-own Tool Time Notes: https://github.com/securitywithoutborders/hardentools/releases
In today's podcast, we hear that the Shadow Broker exploits have now been found to be more exploitable. Cryptocurrency miners are recognized as a problem: MacUpdate sustained a brief infestation late last week, and a new Android mining campaign takes a page from Mirai's playbook. Smominru botnet rakes in $3.6 million. T-Mobile warns of SIM-hijacking. Comment period extended for NIST Special Publication 800-171. New paycard skimmer found in Pennsylvania stores. Emily Wilson from Terbium Labs on tax fraud issues. Guest is Woody Shea from Covata on S3 bucket leaks. And a tsunami false alarm on the US East Coast.