File archiver
In this episode of Cybersecurity Today, host Jim Love covers important security updates and warnings including critical flaws in WinRAR, a patch for a high severity zero-day vulnerability in Windows CLFS, and a security vulnerability in WhatsApp's Windows desktop application. He urges users to update their software to protect against exploits. Additionally, Jim discusses Identity Management Day and the concerning findings from an Okta survey revealing Canadians' growing worries about identity theft. He announces his plan to create a special segment on new identity solutions to address these concerns. The episode also includes a shout-out to the BSides Calgary event for information security professionals.
00:00 Introduction and Event Announcement
00:51 Critical Flaws in Compression Utility
03:33 Microsoft Patches Zero-Day Exploits
05:01 WhatsApp Security Vulnerability
06:46 Identity Management Day Insights
10:13 Conclusion and Contact Information
Haugh fired from leadership of NSA and Cyber Command. WinRAR flaw bypasses Windows Mark of the Web security alerts. Researcher creates fake passport using ChatGPT. Thanks to our episode sponsor, Nudge Security. Nudge Security helps you mitigate security risks stemming from SaaS sprawl by discovering every SaaS account ever created by anyone in your org within minutes of starting a free trial. And, you can automate ongoing governance tasks like security posture checks, user access reviews, employee offboarding, and more. Start a free 14-day trial. Find the stories behind the headlines at CISOseries.com.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Exploring Statistical Measures to Predict URLs as Legitimate or Intrusive: Using frequency analysis, and training the model with honeypot data as well as log data from legitimate websites, allows for a fairly simple and reliable triage of web server logs to identify possible malicious activity. https://isc.sans.edu/diary/Exploring%20Statistical%20Measures%20to%20Predict%20URLs%20as%20Legitimate%20or%20Intrusive%20%5BGuest%20Diary%5D/31822
Critical Unexploitable Ivanti Vulnerability Exploited (CVE-2025-22457): In February, Ivanti patched CVE-2025-22457. At the time, the vulnerability was not considered to be exploitable. Mandiant has now published a blog disclosing that the vulnerability was exploited as early as mid-March. https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-exploiting-critical-ivanti-vulnerability/
WinRAR MotW Vulnerability (CVE-2025-31334): WinRAR patched a vulnerability that would not apply the Mark of the Web correctly if a compressed file included symlinks. This may make it easier to trick a victim into executing code downloaded from a website. https://nvd.nist.gov/vuln/detail/CVE-2025-31334
Microsoft Warns of Tax-Related Scam: With the US personal income tax filing deadline only about a week out, Microsoft warns of commonly deployed scams that they are observing related to income tax filings. https://www.microsoft.com/en-us/security/blog/2025/04/03/threat-actors-leverage-tax-season-to-deploy-tax-themed-phishing-campaigns/
Oracle Breach Update: https://www.bloomberg.com/news/articles/2025-04-02/oracle-tells-clients-of-second-recent-hack-log-in-data-stolen
Among the many operating systems in existence, ReactOS is an exception. Started in 1996, this ambitious project aims to run Windows applications natively by reproducing the architecture and functionality of Windows NT. In practice, its developers have recreated a large part of the programming interfaces of Microsoft's system, allowing Windows software to interact with ReactOS as if it were running on its original platform. Despite nearly 30 years of development, ReactOS is still in alpha, but it has proven compatible with several programs, such as older versions of Microsoft Office, media players like VLC or Winamp, retro games, and utilities like WinRAR. Its hybrid kernel manages hardware resources, memory and processes, trying to emulate the behavior of the Windows NT kernel as closely as possible. To broaden its compatibility further, it also integrates Wine, another project that lets Windows applications run on Linux. In 2023, the team surprised observers by announcing ReactOS compatibility with Lumia smartphones, thanks to support for 64-bit UEFI (AMD64 and ARM64). More recently, it added the Windows audio stack, although a bug currently prevents it from working properly. Another advance: nightly builds can now be run from a LiveUSB, without requiring a full installation. An upcoming update will extend this possibility further, making the system easier to test. While ReactOS remains a niche project, it continues to appeal to backward-compatibility enthusiasts and fans of free alternatives to Windows. Hosted by Acast. Visit acast.com/privacy for more information.
Have you ever wondered why that old program called WinRAR is still installed on your computer, even though you can't remember the last time you used it? SAYONARA DELUXE. You can leave your criticism and opinions in the comment box, or contact us by email: podcastsayonara@gmail.com Join our Telegram channel: https://t.me/sayonarafm If you like what we do, you can leave us a like and a comment to give the algorithm some love. You can also buy us a Fanta at: https://ko-fi.com/sayonarababy https://paypal.com/paypalme/sayonarafm Thank you for visiting us, and for your help and collaboration. More episodes and listening options: ⏭️ https://linktr.ee/sayonarafm ⏮️
Version 3 of GIMP is finally out. The definition of open source AI. AI simulation of civilizations. Journalists' flight from X. A photo app without AI. These and many other tech news stories are discussed in this week's episode.
From the distributed studio of Digitalia: Franco Solerio, Michele Di Maio, Giulio Cupini
Executive producers: Jacopo Pellerin, XFCJK, Andrea Guido, Nicola Grilli, Giuliano Arcinotti, Umberto Marcello, Simone Podico, Vincenzo Ingenito, Enrico Carangi, Carlo Tomas, Marco Grechi, Idle Fellow, Paolo Tegoni, Mario Cervai, Alessandro Gheda, Paolo Bernardini, @Ppogo, Roberto A., Michelangelo Rocchetti, Alessio Ferrara, Edoardo Volpi Kellerman, Jacopo Pellarin, Manuel Zavatta, Enrico Facchin, Arzigogolo, Fabio Brunelli, Antonio Taurisano, Stefano Bonuccelli, Andrea Nicola Vasile, Diego Arati, Michele Olivieri, @Akagrinta, Ivan, Roberto Medeossi, Emanuele Libori, Letizia Calcinai, Denis Grosso, Michele Francesco Falzarano, Donato Gravino, Ftrava, Alessandro Stevanin, @Jh4Ckal, Mario Giammona, Davide Tinti, Gianluca Trevisani, Calogero Augusta, Luca Ubiali, Daniele Bastianelli, Ekaterina Zakaryukina, Capitan Harlock, Alessandro Morgantini, Georg Wenter, Cristian Pastori, Giorgio Puglisi, Nicola Fort, Mario Omodeo, Andrea Giovacchini, Andrea Malesani, Miriana Novella
Links:
GIMP 3.0 took two decades
We finally have an 'official' definition for open source AI
New 'Open Source AI Definition' Criticized for Not Opening Training Data
Debian General Resolution drafted opposing OSI's Open Source AI Definition
altera-al/project-sid
Now there's an anti-AI camera app for Android too
Anthropic hires its first AI welfare researcher
Ars Live: Our first encounter with manipulative AI
Piracy Shield: harsh criticism from Commissioner Giomi to the Agcom president
Agcom even more divided over Piracy Shield
The costs of Piracy Shield
DAZN blocks SmartOne IPTV on LG and Samsung TVs
OK, these videos are getting out of control
In today's episode, we explore the FlyingYeti campaign, which exploited a WinRAR vulnerability (CVE-2023-38831) to deliver COOKBOX malware in Ukraine, detailed by Cloudflare's Cloudforce One: https://thehackernews.com/2024/05/flyingyeti-exploits-winrar.html. Next, we discuss the unprecedented mystery malware attack that destroyed 600,000 routers from ISP Windstream, reported by Black Lotus Labs: https://arstechnica.com/security/2024/05/mystery-malware-destroys-600000-routers-from-a-single-isp-during-72-hour-span/. Finally, we dive into the Trend Micro study on CISOs facing pressure from corporate boards to downplay cyber risk: https://www.cybersecuritydive.com/news/cisos-pressure-boards-downplay-cyber-risk/717497/.
Tags: WinRAR, COOKBOX, FlyingYeti, Cloudflare, cyber warfare, Ukraine, phishing attacks, malware, routers, ISP, threat actor, Trend Micro, CISOs, cyber risks, organizational security
May 31
An unknown threat actor recently unleashed a devastating malware attack that obliterated over 600,000 routers from a single internet service provider in just 72 hours, forcing the company to replace all of the affected devices, leaving their patrons in digital darkness. What the heck happened here and how will we recover from this? Under mounting pressure from corporate boards, nearly four in five chief information security officers, or CISOs, are being pushed to downplay the severity of cyber risks, as revealed by a recent Trend Micro study. How can CISOs navigate the pressure from corporate boards while also maintaining robust security posture? And finally, sometimes I pick stories simply because the name is too good.
So FlyingYeti is exploiting a WinRAR vulnerability to deliver COOKBOX malware in Ukraine, marking another alarming chapter in Russia-aligned cyber warfare. You're listening to The Daily Decrypt.
In just over a 72-hour time period, malware called Chalubo rendered more than 600,000 routers permanently unusable. All of these routers belonged to a single internet service provider named Windstream, and this ISP is now forced to replace every single one of these routers. Now that is not a small task. And a lot of these routers live in rural areas, which would be a long drive for ISP technicians to make, and there are only so many ISP technicians out there. Sure, they can ship you these routers, but that's going to take a long time because no supply chain is equipped to handle a random 600,000 product order overnight. So who knows how long these people will be without internet? The specific routers that were affected are ActionTec T3200 and Sagemcom, and users are reporting a static red light on their routers, which indicates failure. Wow. Black Lotus Labs utilized the Censys search engine to track these affected router models and noted that throughout that 72-hour time period, there was a 49% drop in connections for these routers. So almost half of these routers on the public internet went offline. And I had mentioned that a lot of these routers lived in rural areas. But the spread of this disaster is pretty wide and vast, because this internet service provider provided service specifically to rural areas. And what is out in rural areas? A lot of farming and agriculture. So who knows what sort of impact this will have over our food source in the coming months, 'cause even tractors nowadays rely on Wi-Fi. Which is a whole nother wormhole that I won't get to on this episode, but if you're interested, go ahead and look up John Deere Wi-Fi and cloud connectivity, because I believe they actually locked down these devices.
And you have to be connected to the cloud to use them or something crazy like that. And this will also affect emergency services, which are few and far between out in rural areas already, which is just unfair. But I hope this ISP is doing okay and has a solid disaster recovery plan for how to get their patrons back online. It's, as far as I can tell, pretty much not feasible to get 600,000 devices out to patrons in any sort of reasonable amount of time. So hopefully they can provide their patrons with maybe Amazon gift cards and instructions on how to connect routers purchased on Amazon or Best Buy to the ISP network, or some sort of creative solution to get internet back online. As of right now, researchers have not identified how the routers were initially infected. Some possible methods could include exploiting unknown vulnerabilities or abusing weak credentials, or even maybe accessing exposed administrative panels. And I'm sure we'll hear some more from security researchers in the coming weeks on how this happened. But it's pretty hard to pin down because routers are widely insecure and unpatched, and it could be a myriad of ways that they were compromised. And on that note, how do you prevent this? Make sure your routers are regularly updated. It is probably not updating itself, so you're going to have to go in and you're going to have to find that update button. I'm sorry, that totally sucks, but just do it. This is about the worst case that can happen other than being spied on. And in fact, I was actually traveling out of town and staying with a friend recently, and I asked his permission to go into his router just to see what was going on. I like to poke around and make sure my friends are secure. And while I was in there, I updated his router. It had never been updated and wasn't automatically updating. And I went ahead and showed him how to do it himself.
According to a study recently done by Trend Micro, almost four in five CISOs report feeling pressured by corporate boards to downplay their company's cyber risk. This is a conflict between executives and security professionals that we've seen a lot in the past, but we're really hoping is being remediated due to all the visibility on cybersecurity risk. But this study is showing that we still have a lot of work to do. According to this study, 43% of security leaders feel they are perceived as nagging or repetitive, while 42% feel seen as overly negative about their cyber risk. In the United States, the SEC mandates that publicly traded companies disclose significant cybersecurity incidents within four business days, which is only going to add pressure to these CISOs to manage their board's expectations while also complying with regulations. That is not a job that I envy. In fact, the SEC charged SolarWinds and its top cyber risk executives for misleading investors about their cyber resilience. Now any study done relies on the opinions and questions asked to the specific participants, right? So this is kind of contradicted by a similar study done by Proofpoint earlier this year that shows that 84% of CISOs now feel aligned with their boards on cyber risk, which would indicate the opposite of this study. Regardless, if you're a CISO or if you're an aspiring CISO, it's hard to confront the people that pay you and write your checks. But you owe it to yourself and you owe it to your company and you owe it to cybersecurity as a whole to take a stand and make sure that the cyber risk you're dealing with is identified and addressed to the best of your ability. My favorite leadership tactic or strategy or principle is to not be afraid, or to recognize that it would be your proudest moment to be fired for standing up for something you believe in. Which is almost the way you have to approach leadership.
Nowadays, you're going to get a lot of pressure from above and you're going to get a lot of pressure from below. So unless you know what you stand for, you're probably going to pick the wrong side. So pick something, stand for it. Hopefully it follows moral grounds, and make it your life's honor to get fired for standing up for what you believe in.
So we all know what phishing is. And with the advent of generative AI and machine learning, et cetera, phishing is only on the rise. People are being provided with more and more tools that will help them phish more efficiently. So of course phishing is going to be on the rise. It's a very effective hacking technique. Well, further proof of that comes when Cloudflare disrupted a phishing campaign by a Russia-aligned group called FlyingYeti that has been targeting Ukraine with, quote, COOKBOX malware. Lots of good visuals there. The attackers use debt-themed lures, exploiting concerns over housing and utilities to trick victims. Once the phishing victim clicks the link, they're directed to a GitHub page that mimics Kyiv Komunalka, which leads to a malicious RAR archive download. The COOKBOX malware then uses PowerShell to control the infected system, connecting to a DDNS domain for command and control. Flashpoint also noted that Russian APT groups are refining their tactics and expanding their targets, using malware like Agent Tesla and Snake Keylogger to accomplish their cyber crime goals. And as I mentioned in the intro, I mostly picked this story because of the fun visuals of a flying yeti. But keep yourself up to date on phishing tactics, know what to look for and how to avoid getting phished yourself. I was talking to a friend yesterday who was showing me an example of a phishing email that his company came across. And it looked really good. I couldn't actually identify it as a phishing email. So, what do you do in that case? You should be skeptical of any link you click in any email.
Never click a link without first thinking about what you're clicking. It's a really hard habit, but it will save you a lot of time and money by not getting phished. Right. So first thing, check the email address it was sent from. I think it was my dad recently who sent me an email that he thought might be phishing, but couldn't tell. And so he just forwarded it to me. And yeah, the first thing I did was open it up and see the email address it was sent from. Sometimes it'll show like an alias, like Facebook Marketing, but then the actual email address is something different, and yeah, in this case it was something like cutiepie36@gmail.com sending an email requesting to reset your password on Facebook or something like that. Like, that's never going to happen. It'll come from, I mean, Facebook does use some pretty sneaky domains that look like phishing. So hey, knock that off, Facebook. But it'll never be from a Gmail. It'll always be from a Facebook or fb.me or something like that. And if the email looks legit, you can always Google "malware sandbox" or something like that and find a service. They're free, and you can copy the link, paste it in there and see what it does. I did this for my dad's email as well. It was a PDF, and I got to actually watch the PDF on a screen. Like, this virtual machine opened up the PDF, and I got to watch it try to execute other programs in the background. It was super cool. But yeah, try to use a safe environment to open up that link, or if it's not necessary to click the link, like if you have to reset your Facebook password, you can just go log into Facebook and go to your settings and reset your own password. You don't have to click the link for convenience. If it's like "pay your bill now," you can just go to your account by typing in the URL yourself and pay the bill. Don't click the link. Just try to avoid clicking links as much as you possibly can.
On this week's show Patrick and Adam discuss the week's security news, including: The SSH backdoor that dreams (or nightmares) are made of; Microsoft gets a solid spanking from the CSRB; Ukraine uses an old Russian WinRAR bug to hack Russia; Push-notifications and social-engineering combined-arms vs Apple; And much, much more. We have a special guest in this week's show, Andres Freund, the Postgres developer who discovered the backdoor in the xz Linux compression library. This week's show is brought to you by Island, a company that makes a security-focussed enterprise browser. Island's Bradon Rogers is this week's sponsor guest and he'll be joining us to talk about how people are swapping out their Virtual Desktop Infrastructure for enterprise-focussed browsers like theirs.
Show notes
Risky Biz News: Supply chain attack in Linuxland
oss-security - Re: backdoor in upstream xz/liblzma leading to ssh server compromise
Andres Freund (Tech) on X: "@binitamshah FWIW, I didn't actually start looking due to the 500ms - I started looking when I saw failing ssh logins (by the usual automated attempts trying random user/password combinations) using a substantial amount of CPU. Only after that I noticed the slower logins." / X
Andres Freund (Tech) on X: "@riskybusiness Absurdly enough, I was listening to the episode on a cooking break while writing the xz issue up. Couldn't make it up." / X
GitHub - amlweems/xzbot: notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
research!rsc: The xz attack shell script
DHS report rips Microsoft for 'cascade' of errors in China hack - The Washington Post
Review of the Summer 2023 Microsoft Exchange Online Intrusion
Russian researchers say espionage operation using WinRAR bug is linked to Ukraine
Recent 'MFA Bombing' Attacks Targeting Apple Users – Krebs on Security
Ransomware gang leaks stolen Scottish healthcare patient data in extortion bid
Ross Anderson, professor and famed author of 'Security Engineering,' passes away
In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. NSFOCUS Research Labs on how the DarkCasino APT group has leveraged a recently disclosed WinRAR zero-day vulnerability. G DATA CyberDefense is reporting on a threat actor using the ZPAQ archive and .wav file extension to infect systems with Agent Tesla. A technical analysis of DarkGate Malware-as-a-Service, which is widely available on various cybercrime forums by the RastaFarEye persona. The Microsoft Threat Intelligence team has uncovered a supply chain attack by the North Korea-based threat actor Diamond Sleet involving a malicious variant of an application developed by CyberLink Corp. The Chinese hacker group "Chimera" broke into NXP, a Dutch chip maker, at the end of 2017 and had access to the manufacturer's systems until the spring of 2020. To learn more about the community initiative to help end domestic violence, please visit cybersecurity-cares.com
The FBI dismantles the infrastructure of the cybercriminal group known as Qakbot, but it is not enough to end its criminal activity. In keeping with the long-standing Halloween tradition, we bring you a most terrifying episode. Let's begin! Notes and references at https://www.tierradehackers.com/episodio-110 👁️ YouTube: https://www.youtube.com/tierradehackers 👀 Twitch: https://www.twitch.tv/tierradehackers ➡️ Twitter: https://www.twitter.com/tierradehackers ➡️ LinkedIn: https://www.linkedin.com/company/tierradehackers ➡️ Instagram: https://www.instagram.com/tierradehackers ➡️ Facebook: https://www.facebook.com/tierradehackers ➡️ TikTok: https://www.tiktok.com/@tierradehackers Don't forget to join our Discord community: 👾 https://www.tierradehackers.com/discord If you like what we do, consider supporting us on Patreon so we can keep growing and create even more content 🫶 https://www.patreon.com/tierradehackers/ Thanks also to this episode's sponsors: 👉 Monad (https://www.monad.com)
In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. SentinelOne talking about emerging trends and evolving techniques for macOS malware in 2023. BlackCat operators recently announced new updates to their tooling, including a utility called Munchkin. On October 16, Cisco released an advisory regarding a critical zero-day privilege escalation vulnerability in their IOS XE Web UI software. WithSecure Labs is reporting that Vietnamese cybercrime groups are using multiple different Malware as a Service infostealers and Remote Access Trojans to target the digital marketing sector. The FBI in Phoenix is warning the public of a new scam dubbed "The Phantom Hacker." Google's Threat Analysis Group has recently observed multiple government-backed hacking groups exploiting the known vulnerability, CVE-2023-38831.
This info-packed episode of TWiET dives into the hidden dangers of Google hosted ads with malware. Guest Adam Jacob shares his vision for a "second wave" of DevOps to achieve better collaboration and outcomes. Patch WinRAR right now. The most used IT Admin passwords. Cisco reports 10,000 network devices backdoored with unpatched 0-day. The global chip talent shortage and partnerships addressing it. The risks of malicious Google ads using punycode to disguise fake URLs. Adam Jacob, CEO of System Initiative and Co-founder of Chef, talks about his vision for improving and rebuilding DevOps from the ground up. Hosts: Louis Maresca, Brian Chee, and Curtis Franklin. Guest: Adam Jacob. Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
Chris Rock is a Cyber Mercenary who has worked in the Middle East, US and Asia for the last 30 years working for both government and private organizations. He is the Chief Information Security Officer and co-founder of SIEMonster. Chris has presented three times at the largest hacking conference in the world, DEFCON in Las Vegas, on controversial vulnerabilities. Chris is also the author of The Baby Harvest, a book based on criminals and terrorists using virtual babies and fake deaths for financing. He has also been invited to speak at TED Global. In the Security News: Fried squid is tasty, but the Squid proxy is vulnerable, Flipper Zero and other tools can now BLE spam more than just Apple devices, Cisco IOS vulnerability in the web interface, again, is Signal vulnerable?, WinRAR being exploited, still, Math.random is not really all that random, get your malware samples, and my inside look into Android TV devices, malware, and the horrors of the supply chain! All that and more on this episode of Paul's Security Weekly! Visit https://www.securityweekly.com/psw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/psw-803
Nation-states exploit the WinRAR vulnerability. Criminals leak more stolen 23andMe data. QR codes as a risk. NSA and partners offer anti-phishing guidance. A Ukrainian hacktivist auxiliary takes down Trigona privateers. Hacktivism and influence operations remain the major cyber features of the Hamas-Israeli war. On today's Threat Vector, David Moulton speaks with Kate Naunheim, Cyber Risk Management Director at Unit 42, about the new cybersecurity regulations introduced by the SEC. Our own Rick Howard talks with Jen Miller Osborn about the 10th anniversary of ATT&CKcon. And the epistemology of open source intelligence: tweets, TikToks, Instagrams–they're not necessarily ground truth. Threat Vector To delve further into this topic, check out this upcoming webinar by Palo Alto's Unit 42 team on November 9, 2023, "The Ransomware Landscape: Threats Driving the SEC Rule and Other Regulations." Please share your thoughts with us for future Threat Vector segments by taking our brief survey. To learn what is top of mind each month from the experts at Unit 42 sign up for their Threat Intel Bulletin. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/200 Selected reading. 
Government-backed actors exploiting WinRAR vulnerability (Google) The forgotten malvertising campaign (Malwarebytes) Hacker leaks millions of new 23andMe genetic data profiles (BleepingComputer) Exploring The Malicious Usage of QR Codes (SlashNext) How to Protect Against Evolving Phishing Attacks (National Security Agency/Central Security Service) GuidePoint Research and Intelligence Team's (GRIT) 2023 Q3 Ransomware Report Examines the Continued Surge of Ransomware Activity (GuidePoint) Ukrainian activists hack Trigona ransomware gang, wipe servers (BleepingComputer) Navigating the Mis- and Disinformation Minefield in the Current Israel-Hamas War (ZeroFox) War Tests Israeli Cyber Defenses as Hack Attempts Soar (Bloomberg) U.S. says Israel ‘not responsible’ for Gaza hospital blast; Biden announces ‘unprecedented’ aid package in speech (Washington Post) Three clues the Ahli Arab Hospital strike came from Gaza (The Telegraph) Who's Responsible for the Gaza Hospital Explosion? Here's Why It's Hard to Know What's Real (WIRED) ‘Verified’ OSINT Accounts Are Destroying the Israel-Palestine Information Ecosystem (404 Media)
Today's menu: The Russians are already in WinRAR; Meredith Whittaker reaffirms that Signal would leave UK if forced by privacy bill; an HDMI Adapter That Demands Your Location...; They're killing off NTLM; IBM Cost of a Data Breach Report 2023; Police-administration phishing; Exploit column: SPLUNK admin account takeover. Contact us: Telegram, Twitter, Instagram, Facebook, Mail: info@hackeslangos.show
State-backed attackers exploit WinRAR zero-day Five Eyes warns of Chinese IP theft ServiceNow data exposure issue identified Huge thanks to our sponsor, Vanta Growing a business? That likely means more tools, third-party vendors, and data sharing — AKA, way more risk. Vanta's market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks to your business and your brand — all without the need for additional staffing. And by automating up to 90% of the work for SOC 2, ISO 27001, and more, you'll be able to focus on strategy and security, not maintaining compliance. Join 5,000 fast-growing companies that leverage Vanta to manage risk and prove security in real-time. Our listeners get $1,000 off Vanta. Go to vanta.com/ciso to claim this discount.
Quantum tunneling with nanoantennas against cancer / A zombie F-35 goes missing / 5,500 copies of WinRAR sold because of a meme / Paint is now a mini Photoshop / Surface chief signs on with Alexa. Sponsor: If your company needs highly qualified profiles and you don't know where to start, call Randstad Professionals. The Randstad group's recruitment consultancy helps you select them, whether on a permanent or temporary basis, through Interim Professionals.
Amanda joins us to discuss aspects of incident response, including how to get the right data to support findings related to an incident, SMB challenges, cloud event logging, and more! Amanda works for Blumira and is the co-author of "Defensive Security Handbook: Best Practices for Securing Infrastructure." In the Security News: How not to send all your browser data to Google, apparently Microsoft needs pressure to apply certain fixes, the multi-hundred-billion-dollar-a-year industry that tries to secure everything above the firmware, security through obscurity doesn't work, should you hire cybersecurity consultants, pen testing is key for compliance, defense contractor leaks, inside a McFlurry machine, Barracuda is still chasing hackers, why Linux is more secure than Windows, more details on WinRAR and middle-out compression, a Wi-Fi worm?, CVE-2020-19909 is almost everything that is wrong with CVE, Tacos, and hacking through a Fire stick! All that and more on this episode of Paul's Security Weekly! Visit https://www.securityweekly.com/psw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/psw-797
Today's menu: Yevgeny Prigozhin has dissolved his troll-factory media company - OR NOT; What do a tourist and a network intruder have in common?; WinRAR vulnerability!!!; Disguising a malicious APK; Bots Are Better than Humans at Solving CAPTCHAs; the great defender pretender. Contact us: Telegram, Twitter, Instagram, Facebook, Mail: info@hackeslangos.show
Picture of the Week: Steve shares a funny "what we say vs what we mean" image about tech support conversations. WinRAR v6.23 fixes: Steve explains that updating to the latest WinRAR is more important than initially thought, with two critical vulnerabilities being actively exploited by hackers since April to install malware. HTTPS for local networks: Responding to listener email, Steve agrees HTTP is fine for local network devices like routers but notes risks in larger corporate networks. Portable domains for email: Steve endorses a listener suggestion to purchase your own domain and use third-party services, retaining control if a provider shuts down. Google Topics and monopolies: Steve and Leo debate whether Topics favors large advertisers with greater reach to get user targeting data. Voyager 2 antenna analysis: A listener calculates the antenna beam width mathematically, showing 2 degrees off-axis may not be as remarkable as it sounded. Windows time settings: Steve clarifies the STS issue does not impact end users changing Windows clock settings, it's enterprise server-side. Unix time in TLS handshakes: The hosts discuss why Unix time stamps are sent but not required for TLS, tracing back to early nonce generation. Fake flash drives: Steve warns of a slew of fake high-capacity thumb drives flooding the market, explaining how SpinRite tests detected the flaw. Man-in-the-middle attacks: While agreeing HTTPS helps prevent malicious injection, Steve examines MITM attack practicality, arguing they are difficult for hackers to pull off. Show Notes - https://www.grc.com/sn/SN-937-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. 
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: kolide.com/securitynow canary.tools/twit - use code: TWIT Building Cyber Resilience Podcast
On Security Now, Steve Gibson and Leo Laporte discuss a recently discovered and patched WinRAR vulnerability that allowed attackers to execute malicious code when users extracted files from specially crafted archives. For the full episode go to: https://twit.tv/sn/937 Hosts: Steve Gibson and Leo Laporte You can find more about TWiT and subscribe to our podcasts at https://podcasts.twit.tv/ Sponsor: GO.ACILEARNING.COM/TWIT
https://youtu.be/BVbVwm0dMgg This week on the podcast we cover the latest evolutions of the North Korean threat actor Lazarus before covering an actively-exploited 0day vulnerability in the popular unarchiver WinRAR. We end the episode with an AI-related attack that doesn't actually use AI.
Today we talk a lot about artificial intelligence and its role in medicine, film and other aspects of our lives. I also mention the latest news about the iPhone 15 / Plus / Pro / Ultra, the break-ins at Microsoft and WinRAR, and … The post 432: Artificial Intelligence Will Change Everything first appeared on Retro Rocket Network.
Jared has a long, and outstanding, history in cybersecurity. Today, he works for Microsoft helping them run and respond to bug bounty reports. The scale is massive and I think we can all learn a thing or two about vulnerability management and bug bounties! Segment Resources: https://www.microsoft.com/en-us/msrc/bounty?rtc=1 https://www.microsoft.com/en-us/msrc https://msrc.microsoft.com/report/vulnerability/new https://www.microsoft.com/en-us/msrc/bounty https://msrc.microsoft.com/blog/ https://jobs.careers.microsoft.com/global/en/search?q=msrc&l=en_us&pg=1&pgSz=20&o=Relevance&flt=true https://www.microsoft.com/bluehat/ In the Security News: Lora projects are popular, simple checksums are not enough, WinRAR: shareware or native OS?, ATM software is vulnerable, attackers could learn from security researchers (but let's hope they don't), NoFilter and behavior by design, Apple vs. a security researcher: there are no winners, sneaky npm packages, faster Nmap scans, Kali on more phones, more LOL drivers, comparing security benchmarks to the real world, TunnelCrack and why VPNs are over-hyped, Ubuntu has lost its mind, and there's a Python in the sheets! All that and more on this episode of Paul's Security Weekly! Visit https://www.securityweekly.com/psw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/psw-796
Miss Manners confronts copy-and-paste. WinRAR patches bugs. When Airplane mode isn't. How many cryptographers to change a light bulb? Intro and outro music by Edith Mudge (www.edithmudge.com)
Most iOS apps don't mention security updates in their release notes. We look into this, and suggest that Apple may have some work to do. We also discuss a small macOS update, smart ring technology, and the Batterygate class action lawsuit payouts. Show Notes: Apple released yet another non-security patch: macOS Ventura 13.5.1 No more macOS Big Sur updates 10-month zero-day vulnerability disclosed: macOS App Management vulnerability illustrated Apple's defense against apps vandalizing other apps still broken, developer claims New Variant of XLoader macOS Malware Disguised as 'OfficeNote' Productivity App Apple to pay out $500M for iPhone battery issues iPhone 14, 14 Pro owners complain about battery capacity that's already falling off This AI-generated crypto invoice scam almost got me, and I'm a security pro MSNBC's Chris Hayes almost fell for an X (Twitter) phishing scam Apple researching a Smart Ring for notifications and controlling other devices At RSA Conference, Josh saw a wearable ring for biometric MFA Zoom issued a security update for its iOS app How to enable automatic updates on iOS CVE Python script to download CVE info for iOS apps Scraped data of 2.6 million Duolingo users released on hacking forum High severity vuln in WinRAR could allow code to run when files are opened Intego Mac Premium Bundle X9 is the ultimate protection and utility suite for your Mac. Download a free trial now at intego.com, and use this link for a special discount when you're ready to buy.
OpenSUSE goes private. Android to get satellite comms. SanDisk and Western Digital in hot water. You're asking for it: YouTube children's privacy. Whoopsie! 8Base. Where the money is. The TSSHOCK vulnerability. BitForge. A Quantum resilient security key. Removed Chrome extensions notifications. HTTPS by default? WinRAR 6.23 final released. Closing the Loop. When Heuristics Backfire. Show Notes - https://www.grc.com/sn/SN-936-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: panoptica.app kolide.com/securitynow joindeleteme.com/twit promo code TWIT
You love to hate it, it's the pcper podcast! Wait - that's not right. You probably just love to hate overpriced, underspecified hardware. Oh well. That's the world we live in now. Other things include IE11 will be "forever", The Radeon RX 7600 might save mid-tier gaming, and Bungie is bringing back Marathon - sorta. Complete list of topical topics in the time stamps below. 00:00 Intro 02:30 Burger of the Week 04:20 The RTX 4060 Ti review fallout 09:22 More pointless RTX 4060 Ti discussion 18:49 AMD Radeon RX 7600 review 29:08 Intel Arc A750 drops to 199 USD in some places 32:20 Podcast sponsor - Hello Fresh 33:44 NVIDIA made a lot of money 40:01 Microsoft Surface Pro X cameras are failing suddenly 42:51 Internet Explorer lives on 44:08 Podcast sponsor - Bloomberg Careers 45:23 Sandisk Extreme 4TB SSD data loss issue 48:04 Native RGB support is coming to Windows 50:32 WinRAR and 7-zip integration is also coming to Windows 51:37 Security Corner 56:30 Gaming Quick Hits 1:04:02 Picks of the Week 1:10:56 Outro
Adobe's vague threats show why open source is often the pragmatic choice, Russians craft a poor man's ransomware with WinRAR, Chrome drops the padlock icon, Amazon pulls a Google, and using a keyfile with a password manager. Plugs Support us on patreon Understanding ZFS vdev Types News/discussion Adobe Tells Users They Can Get […]
St. Alban's Day, Kimsuky, WinRAR, Microsoft, fake AI, Siemens, Apple, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn295
An APT41 subgroup uses new techniques to bypass security products. Iranian cyberespionage group MuddyWater is using Managed Service Provider tools. Wipers reappear in Ukrainian networks. Meta observes and disrupts the new NodeStealer malware campaign. The City of Dallas is moderately affected by a ransomware attack. My conversation with Karin Voodla, part of the US State Department's Cyber fellowship program. Lesley Carhart from Dragos shares Real World Stories of Incident Response and Threat Intelligence. And there's been an indictment and a takedown in a major dark web carder case. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/86 Selected reading. Attack on Security Titans: Earth Longzhi Returns With New Tricks (Trend Micro) APT groups muddying the waters for MSPs (ESET) Russian hackers use WinRAR to wipe Ukraine state agency's data (BleepingComputer) WinRAR as a "cyberweapon". Destructive cyberattack UAC-0165 (probably Sandworm) on the public sector of Ukraine using RoarBat (CERT-UA#6550) (CERT-UA) The malware threat landscape: NodeStealer, DuckTail, and more (Engineering at Meta) Facebook disrupts new NodeStealer information-stealing malware (BleepingComputer) NodeStealer Malware Targets Gmail, Outlook, Facebook Credentials (Decipher) City of Dallas likely targeted in ransomware attack, city official says (Dallas News) Cybercriminal Network Fueling the Global Stolen Credit Card Trade is Dismantled (US Department of Justice) Secret Service, State Department Offer Up To $10 Million Dollar Reward For Information On Wanted International Fugitive (US Secret Service) Police dismantles Try2Check credit card verifier used by dark web markets (BleepingComputer)