Siirry offline-tilaan Player FM avulla!
352: Hacker Leaks AT&T Data! (71 Million Customers Affected!)
Manage episode 442037763 series 3043211
It's all about RCE this week on Technado! First up, in our Rapid Fire segment, the new "GhostRace" attack can bypass security checks to access sensitive info. In the ongoing WordPress saga, some miniOrange plugins have a critical flaw - including its malware scanner. Over 130k Fortinent boxes are still susceptible to a month old (already patched!) flaw, and AT&T suffered a breach exposing 70 million customers' data - or did they?
For fans of Esports and Apex Legends, an RCE flaw forced ALGS finals to shut down - but no one seems to know whose fault it really is. And in our Behind Bars segment, a Moldovan national will serve 42 months in a US prison for selling 350k+ stolen creds.
After a quick break to discuss Robocop (Sophie's latest movie assignment), it's time for a Deep Dive! Daniel takes us through a breakdown of an attack campaign designed to use Captchas, HTML, and other legitimate services to steal information. Finally, Fortra FileCatalyst has a flaw in its file uploading feature. Patch now!
Want to read further? Check out the articles Soph and Dan covered today:
https://www.darkreading.com/cyber-risk/ghostrace-speculative-execution-attack-cpu-os-vendors
https://thehackernews.com/2024/03/wordpress-admins-urged-to-remove.html
https://www.theregister.com/2024/03/18/more_than_133000_fortinet_appliances/
https://www.bleepingcomputer.com/news/security/att-says-leaked-data-of-70-million-people-is-not-from-its-systems/
https://www.bleepingcomputer.com/news/security/apex-legends-players-worried-about-rce-flaw-after-algs-hacks/
https://thehackernews.com/2024/03/e-root-marketplace-admin-sentenced-to.html
https://www.netskope.com/blog/from-delivery-to-execution-an-evasive-azorult-campaign-smuggled-through-google-sites
https://labs.nettitude.com/blog/cve-2024-25153-remote-code-execution-in-fortra-filecatalyst/
https://www.imdb.com/title/tt0093870/
363 jaksoa
Manage episode 442037763 series 3043211
It's all about RCE this week on Technado! First up, in our Rapid Fire segment, the new "GhostRace" attack can bypass security checks to access sensitive info. In the ongoing WordPress saga, some miniOrange plugins have a critical flaw - including its malware scanner. Over 130k Fortinent boxes are still susceptible to a month old (already patched!) flaw, and AT&T suffered a breach exposing 70 million customers' data - or did they?
For fans of Esports and Apex Legends, an RCE flaw forced ALGS finals to shut down - but no one seems to know whose fault it really is. And in our Behind Bars segment, a Moldovan national will serve 42 months in a US prison for selling 350k+ stolen creds.
After a quick break to discuss Robocop (Sophie's latest movie assignment), it's time for a Deep Dive! Daniel takes us through a breakdown of an attack campaign designed to use Captchas, HTML, and other legitimate services to steal information. Finally, Fortra FileCatalyst has a flaw in its file uploading feature. Patch now!
Want to read further? Check out the articles Soph and Dan covered today:
https://www.darkreading.com/cyber-risk/ghostrace-speculative-execution-attack-cpu-os-vendors
https://thehackernews.com/2024/03/wordpress-admins-urged-to-remove.html
https://www.theregister.com/2024/03/18/more_than_133000_fortinet_appliances/
https://www.bleepingcomputer.com/news/security/att-says-leaked-data-of-70-million-people-is-not-from-its-systems/
https://www.bleepingcomputer.com/news/security/apex-legends-players-worried-about-rce-flaw-after-algs-hacks/
https://thehackernews.com/2024/03/e-root-marketplace-admin-sentenced-to.html
https://www.netskope.com/blog/from-delivery-to-execution-an-evasive-azorult-campaign-smuggled-through-google-sites
https://labs.nettitude.com/blog/cve-2024-25153-remote-code-execution-in-fortra-filecatalyst/
https://www.imdb.com/title/tt0093870/
363 jaksoa
Todos los episodios
×Tervetuloa Player FM:n!
Player FM skannaa verkkoa löytääkseen korkealaatuisia podcasteja, joista voit nauttia juuri nyt. Se on paras podcast-sovellus ja toimii Androidilla, iPhonela, ja verkossa. Rekisteröidy sykronoidaksesi tilaukset laitteiden välillä.