We can’t condone cyber crime, even when the hacktivists have morals. A group of attackers calling themselves The Impact Team have breached a well-known online cheating site, and threatened to expose all its customers if they don’t shutdown shop. Watch today’s video to learn about this scandalous cyber drama, and why you shouldn’t post anything online that you don’t want your Grandma to see. (Episode Runtime: 3:41 ) Direct YouTube Link: https://www.youtube.com/watch?v=Uvow48dkF54 EPISODE REFERENCES: Popular Adultery site breached and extorted – Krebs on Security Who needs hackers if you can already see who’s cheating – Motherboard How you can see if an email address is on Ashley Madison (AM) – Troy Hunt Why the AM breach is everyone’s problem – The Verge What the AM hack teachs you about OpSec – Motherboard — Corey Nachreiner, CISSP ( @SecAdept )
The — depending on who is doing the reporting — cheating , affair , adultery , or infidelity site Ashley Madison has been hacked. The hackers are threatening to expose all of the company’s documents, including internal e-mails and details of its 37 million customers.
Among all the embarrassing stolen data from The Hacking Team breach was a serious Adobe Flash zero day vulnerability, which is now in the hands of any blackhat criminal who knows how to use Google. If you don’t want cyber criminals exploiting this flaw against you, watch today’s video to learn what you can do.
A group of malware researchers wants the security community to know about a recent botnet tool that has leaked on the underground. Watch today’s episode to learn about this tool, and why this leak will result in an increase in botnet activity. I also cover a few updates about the Hacking Team breach
Read this : Hacking Team asked its customers to shut down operations, but according to one of the leaked files , as part of Hacking Team’s “crisis procedure,” it could have killed their operations remotely. The company, in fact, has “a backdoor” into every customer’s software, giving it ability to suspend it or shut it down — something that even customers aren’t told about. To make matters worse, every copy of Hacking Team’s Galileo software is watermarked, according to the source, which means Hacking Team, and now everyone with access to this data dump, can find out who operates it and who they’re targeting with it
Vulnerability Note VU#561288 Adobe Flash ActionScript 3 ByteArray use-after-free vulnerability Original Release date: 07 Jul 2015 | Last revised: 07 Jul 2015 Overview Adobe Flash Player contains a vulnerability in the ActionScript 3 ByteArray class, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Adobe Flash Player versions 9.0 through version 184.108.40.206 contain a use-after-free vulnerability in the AS3 ByteArray class .
If you use Apple products — on Mac or PC — know that today is Apple Patch Day. The popular software company released six security advisories (originally five, but they had a late breaking advisory) fixing many security flaws in most of their most popular products. Watch today’s video to learn which products are affected, and what you should patch (or check the Reference section for a link to the page with all the details)
Last week, I talked about a Flash 0day vulnerability that attackers were only exploiting in limited, targeted attacks. This week, the vulnerability has been added to popular exploit kits, so I expect it to become more popular. Watch today’s video to learn more about it.
I’ve mentioned ransomware repeatedly in my videos, but today the FBI warned business how dangerous ransomware can be. Watch our video to learn how much ransomware has cost US companies this year, and how to protect yourself from it