Create Rogue Networks on the WiFi Pineapple (PineAP KARMA Attacks) Hak5 2022-05-05 | On this episode of HakByte, @AlexLynd demonstrates how to use the PineAP module on the WiFi Pineapple to run a KARMA WiFi Attack. This allows an attacker to trick your WiFi device into connecting to a malicious access point, by spoofing networks its connected to before.-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆Buy a WiFi Pineapple: shop.hak5.orgWiFi Pineapple Docs: docs.hak5.org/wifi-pineappleCapturing Half Handshakes: youtube.com/watch?v=5guDKTc6HakAlex Lynd's Twitter: twitter.com/AlexLyndAlex Lynd's website: http://alexlynd.com-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆Chapters:Intro @AlexLynd 00:00What is the WiFi Pineapple? 00:17What are KARMA Attacks? 00:39What You'll Need 00:58Connecting your Pineapple 01:18PineAP Interface 02:01How PineAP Works 03:12Using the Scanners 03:51KARMA Attack Requirements 06:45Broadcasting Open Networks 07:14Setting up Filters 08:44Deauthing our Victim 09:37KARMA Attack Demo 10:18MITM & WiFi Radios 10:53Attack Implications 11:45Mitigating KARMA 12:14Outro 12:38-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆Our Site → hak5.orgShop → http://hakshop.myshopify.comSubscribe → youtube.com/user/Hak5Darren?sub_confirmation=1Support → patreon.com/threatwireContact Us → http://www.twitter.com/hak5-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Ransomware Leader Arrested - ThreatWire Hak5 2024-06-19 | ⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️@endingwithali →Twitch: twitch.tv/endingwithaliTwitter: twitter.com/endingwithaliYouTube: youtube.com/@endingwithaliEverywhere else: https://links.ali.devWant to work with Ali? endingwithalicollabs@gmail.com[❗] Join the Patreon→ patreon.com/threatwire0:00 0 - Intro00:12 1 - Two Final Updates02:26 2 - 💻📄➡️👾👹04:24 3 - Scattered Spider Is Scattered No More05:18 4 - OutroLINKS🔗 Story 1: Two Final Updatesblogs.windows.com/windowsexperience/2024/06/07/update-on-the-recall-preview-feature-for-copilot-pcswired.com/story/epam-snowflake-ticketmaster-breach-shinyhunters🔗 Story 2: 💻📄➡️👾👹techworm.net/2024/06/hackers-discord-emojis-command-linux-malware.htmlvolexity.com/blog/2024/06/13/disgomoji-malware-used-to-target-indian-government🔗 Story 3: Scattered Spider Is Scattered No Morekrebsonsecurity.com/2024/06/alleged-boss-of-scattered-spider-hacking-group-arresteddarkowl.com/blog-content/threat-actor-spotlight-scattered-spiderpanther.com/blog/the-scattered-spider-attack-safeguarding-your-okta-infrastructuremurciatoday.com/video-fbi-take-down-uk-hacker-in-spain-for-stealing-27m-usd-of-bitcoins_1000077536-a.html-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆Our Site → hak5.orgShop → http://hakshop.myshopify.comCommunity → hak5.org/communitySubscribe → youtube.com/user/Hak5Darren?sub_confirmation=1Support → patreon.com/threatwireContact Us → http://www.twitter.com/hak5____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Microsoft Recall got Recalled - ThreatWire Hak5 2024-06-12 | ⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️@endingwithali →Twitch: twitch.tv/endingwithaliTwitter: twitter.com/endingwithaliYouTube: youtube.com/@endingwithaliEverywhere else: https://links.ali.devWant to work with Ali? endingwithalicollabs@gmail.com[❗] Join the Patreon→ patreon.com/threatwire0:00 0 - Intro00:12 1 - PHP is Vulnerable - Again!01:21 2 - What is Happening with Snowflake?05:24 3 - Jakoby06:19 4 - Recall Update08:04 5 - OutroLINKS🔗 Story 1: PHP is Vulnerable - Again!https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/securityweek.com/php-patches-critical-remote-code-execution-vulnerability🔗 Story 2: What is Happening with Snowflake?community.snowflake.com/s/question/0D5VI00000Emyl00AB/detecting-and-preventing-unauthorized-user-accesstechcrunch.com/2024/06/07/snowflake-ticketmaster-lendingtree-customer-data-breachtechcrunch.com/2024/05/31/live-nation-confirms-ticketmaster-was-hacked-says-personal-information-stolen-in-data-breachcloud.google.com/blog/topics/threat-intelligence/unc5537-snowflake-data-theft-extortionbleepingcomputer.com/news/security/shinyhunters-claims-santander-breach-selling-data-for-30m-customerstheverge.com/2024/6/3/24170876/snowflake-ticketmaster-santander-data-breach-detailssecurityweek.com/snowflake-attacks-mandiant-links-data-breaches-to-infostealer-infections🔗 Story 3: Jakobyhttps://x.com/I_Am_Jakoby/status/1798476894146281650🔗 Story 4: Recall Updatewindowscentral.com/software-apps/windows-11/microsoft-has-lost-trust-with-its-users-windows-recall-is-the-last-strawgithub.com/xaitax/TotalRecallblogs.windows.com/windowsexperience/2024/06/07/update-on-the-recall-preview-feature-for-copilot-pcs-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆Our Site → hak5.orgShop → http://hakshop.myshopify.comCommunity → hak5.org/communitySubscribe → youtube.com/user/Hak5Darren?sub_confirmation=1Support → patreon.com/threatwireContact Us → http://www.twitter.com/hak5____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Microsoft Recall is a Bad Idea - ThreatWire Hak5 2024-06-05 | ⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️@endingwithali →Twitch: twitch.tv/endingwithaliTwitter: twitter.com/endingwithaliYouTube: youtube.com/@endingwithaliEverywhere else: https://links.ali.devWant to work with Ali? endingwithalicollabs@gmail.com[❗] Join the Patreon→ patreon.com/threatwire0:00 0 - Intro00:11 1 - What is Happening with Ticketmaster01:19 2 - Security Breakdown Of Microsoft AI04:21 3 - Bricked Routers Source Discovered05:53 4 - OutroLINKS🔗 Story 1: What is Happening with Ticketmastersec.gov/Archives/edgar/data/1335258/000133525824000081/lyv-20240520.htmitwire.com/business-it-news/security/not-us-snowflake-wrongly-implicated-in-ticketmaster-leak.htmlsecurityweek.com/hackers-boast-ticketmaster-breach-on-relaunched-breachforumshttps://x.com/vxunderground/status/1796063116574314642 🔗 Story 2: Security Breakdown Of Microsoft AIblogs.microsoft.com/blog/2024/05/20/introducing-copilot-pcstheverge.com/2024/6/3/24170305/microsoft-windows-recall-ai-screenshots-security-privacy-issueshttps://cyberplace.social/@GossiTheDog/112531054138802168doublepulsar.com/recall-stealing-everything-youve-ever-typed-or-viewed-on-your-own-windows-pc-is-now-possible-da3e12e9465ebbc.com/news/articles/cpwwqp6nx14o🔗 Story 3: Bricked Routers Source Discoveredbleepingcomputer.com/news/security/malware-botnet-bricked-600-000-routers-in-mysterious-2023-attackblog.lumen.com/the-pumpkin-eclipse-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆Our Site → hak5.orgShop → http://hakshop.myshopify.comCommunity → hak5.org/communitySubscribe → youtube.com/user/Hak5Darren?sub_confirmation=1Support → patreon.com/threatwireContact Us → http://www.twitter.com/hak5____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Apple’s Accidental Stalkerware - ThreatWire Hak5 2024-05-29 | ⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️@endingwithali →Twitch: twitch.tv/endingwithaliTwitter: twitter.com/endingwithaliYouTube: youtube.com/@endingwithaliEverywhere else: https://links.ali.devWant to work with Ali? endingwithalicollabs@gmail.com[❗] Join the Patreon→ patreon.com/threatwire0:00 Intro00:10 1 - GitHub Enterprise Authentication Bypass01:10 2 - Apple’s Accidental Stalkerware03:55 3 - New DNSBomb Attack06:16 4 - OutroLINKS🔗 Story 1: docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.15darkreading.com/vulnerabilities-threats/github-authentication-bypass-opens-enterprise-server-attackers🔗 Story 2: Apple’s Accidental Stalkerwaretheregister.com/2024/05/23/apple_wifi_positioning_systemgovinfosecurity.com/surveillance-risk-apples-wifi-based-positioning-system-a-25330krebsonsecurity.com/2024/05/why-your-wi-fi-router-doubles-as-an-apple-airtagcybersecuritynews.com/apples-wi-fi-positioning-systemhttps://www.cs.umd.edu/~dml/papers/wifi-surveillance-sp24.pdf🔗 Story 3: New DNSBomb Attackdnsbomb.netcybersecuritynews.com/new-dos-attack-dnsbomb-exploiting-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆Our Site → hak5.orgShop → http://hakshop.myshopify.comCommunity → hak5.org/communitySubscribe → youtube.com/user/Hak5Darren?sub_confirmation=1Support → patreon.com/threatwireContact Us → http://www.twitter.com/hak5____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Slack AI is Reading Your Chats - ThreatWire Hak5 2024-05-22 | ⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️Ali’s New Video: youtube.com/watch?v=NIpOeHFYZrM @endingwithali →Twitch: twitch.tv/endingwithaliTwitter: twitter.com/endingwithaliYouTube: youtube.com/@endingwithaliEverywhere else: https://links.ali.devWant to work with Ali? endingwithalicollabs@gmail.com[❗] Join the Patreon→ patreon.com/threatwire00:00 Intro00:09 Fluent Bit Memory Corruption Catastrophe01:22 Slack Training AI Using User Data02:42 Cybersecurity Fear Mongering on Twitter04:37 OutroLINKS🔗 Story 1: Fluent Bit Memory Corruption Catastrophetenable.com/blog/linguistic-lumberjack-attacking-cloud-services-via-logging-endpoints-fluent-bit-cve-2024-4323darkreading.com/cloud-security/critical-bug-dos-rce-data-leaks-in-all-major-cloud-platforms🔗 Story 2: Slack Training AI Using User Datahttps://x.com/QuinnyPig/status/1791220276350390575slack.com/help/articles/25076892548883-Guide-to-Slack-AIslack.com/help/articles/28310650165907-Security-for-Slack-AIslack.com/help/articles/28244420881555-Manage-Slack-AI-settings-for-your-organization🔗 Story 3: Cybersecurity Fear Mongering on Twitterhttps://x.com/alifcoder/status/1792108250248380451https://x.com/Parul_Gautam7/status/1791836699888079127-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆Our Site → hak5.orgShop → http://hakshop.myshopify.comCommunity → hak5.org/communitySubscribe → youtube.com/user/Hak5Darren?sub_confirmation=1Support → patreon.com/threatwireContact Us → http://www.twitter.com/hak5____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Is Elon Musk a Security Expert? - ThreatWire Hak5 2024-05-15 | ⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️@endingwithali →Twitch: twitch.tv/endingwithaliTwitter: twitter.com/endingwithaliYouTube: youtube.com/@endingwithaliEverywhere else: https://links.ali.devWant to work with Ali? endingwithalicollabs@gmail.com[❗] Join the Patreon→ patreon.com/threatwire0:00 Intro00:10 1 - NextJS Vulnerabilities Discovered02:06 2 - New Technique Allows VPN Bypass04:31 3 - FIDO2 Flaw Exposes MITM Attack05:51 4 - Signal Vs Telegram08:24 5 - Outro LINKS🔗 Story 1: NextJS Vulnerabilities Discoveredportswigger.net/web-security/request-smuggling/advanced/response-queue-poisoninggithub.com/advisories/GHSA-77r5-gw3j-2mpfgithub.com/advisories/GHSA-fr5h-rqp8-mj6gcybersecuritynews.com/next-js-server-compromise🔗 Story 2: New Technique Allows VPN Bypassleviathansecurity.com/blog/tunnelvisioncybersecuritynews.com/tunnelvision🔗 Story 3: FIDO2 Flaw Exposes MITM Attacksilverfort.com/blog/using-mitm-to-bypass-fido2gbhackers.com/fid02-mitm-vulnerability🔗 Story 4: Signal Vs Telegramcity-journal.org/article/signals-katherine-maher-problemccn.com/news/technology/telegram-vs-signal-elon-musk-claims-vulnerabilitiesbusinessinsider.com/elon-musk-encrypted-messenger-app-wars-telegram-signal-2024-5twitter.com/elonmusk/status/1787589564917490059news.ycombinator.com/item?id=40341716nitter.poast.org/matthew_d_green/status/1789687898863792453____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Malicious Cable Detector by O.MG Hak5 2024-05-10 | Get O.MG gear: hak5.org/omg https://o.mg.lol Music by KANGA (kanga.bandcamp.com)____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
LockBitSupp Revealed? - ThreatWire Hak5 2024-05-08 | ⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️@endingwithali →Twitch: twitch.tv/endingwithaliTwitter: twitter.com/endingwithaliYouTube: youtube.com/@endingwithaliEverywhere else: https://links.ali.dev[❗] Join the Patreon→ patreon.com/threatwire0:00 Intro00:00:08 1 - CISA and FBI Release New Developer Warning00:01:42 2 - GitLab Vuln is Leading to Account Takeovers00:03:02 3 - Ministry of Defence Hacked00:04:08 4 - LockBit Troll 00:05:52 OutroLINKS🔗 Story 1: CISA and FBI Release New Developer Warningcisa.gov/sites/default/files/2024-05/Secure_by_Design_Alert_Eliminating_Directory_Traversal_Vulnerabilities_in_Software_508c%20%283%29.pdf bleepingcomputer.com/news/security/cisa-urges-software-devs-to-weed-out-path-traversal-vulnerabilities🔗 Story 2: GitLab Vuln is Leading to Account Takeoversbleepingcomputer.com/news/security/cisa-says-gitlab-account-takeover-bug-is-actively-exploited-in-attackscisa.gov/news-events/alerts/2024/01/10/cisa-adds-one-known-exploited-vulnerability-catalogdarkreading.com/application-security/critical-gitlab-bug-exploit-account-takeover-cisathehackernews.com/2024/05/cisa-warns-of-active-exploitation-of.html🔗 Story 3: Ministry of Defence Hackedbbc.com/news/uk-68966497news.sky.com/story/china-hacked-ministry-of-defence-sky-news-learns-13130757news.sky.com/story/china-responsible-for-two-cyber-attack-campaigns-in-uk-says-dowden-13101680🔗 Story 4: LockBit Troll twitter.com/NCA_UK/status/1787492550342799746twitter.com/vxunderground/status/1787234502323978385techcrunch.com/2024/05/06/police-resurrect-lockbits-site-and-troll-the-ransomware-gangtwitter.com/vxunderground/status/1787845917803946131/photo/1 twitter.com/vxunderground/status/1787854092406083800 ____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
AntiVirus is a Virus - ThreatWire Hak5 2024-05-01 | ⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️@endingwithali →Twitch: twitch.tv/endingwithaliTwitter: twitter.com/endingwithaliYouTube: youtube.com/@endingwithaliEverywhere else: https://links.ali.dev[❗] Join the Patreon→ patreon.com/threatwire0:00 Intro00:07 1 - Net Neutrality is BACK01:12 2 - Ivanti Connect Secure Zero Days Still Hitting Hard02:32 3 - AntiVirus is A Virus04:13 4 - UK has outlawed Passwords05:22. 5 - OutroLINKS🔗 Story 1: Net Neutrality is BACKdocs.fcc.gov/public/attachments/DOC-402091A1.pdfpbs.org/newshour/politics/net-neutrality-reinstated-as-fcc-passes-measure-to-regulate-internet-providerskvpr.org/npr-news/2024-04-29/net-neutrality-is-back-u-s-promises-fast-safe-and-reliable-internet-for-allfcc.gov/net-neutrality 🔗 Story 2: Ivanti Connect Secure Zero Days Still Hitting Hardcybersecuritydive.com/news/ivanti-connect-secure-state-linked-threat/708706thehackernews.com/2024/01/chinese-hackers-exploit-zero-day-flaws.htmlmitre.org/news-insights/news-release/mitre-response-cyber-attack-one-its-rd-networkssecurityweek.com/mitre-hacked-by-state-sponsored-group-via-ivanti-zero-dayslinkedin.com/feed/update/urn:li:activity:7187127053253586944cyberscoop.com/ivanti-linked-breach-of-cisa-potentially-affected-more-than-100000-individuals🔗 Story 3: AntiVirus is A Virusdecoded.avast.io/janrubin/guptiminer-hijacking-antivirus-updates-for-distributing-backdoors-and-casual-mining🔗 Story 4: UK has outlawed Passwordsarstechnica.com/gadgets/2024/04/connected-devices-with-awful-default-passwords-now-illegal-in-uketsi.org/deliver/etsi_en/303600_303699/303645/02.01.01_60/en_303645v020101p.pdf____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
New PuTTY Vulnerability - ThreatWire Hak5 2024-04-22 | ⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️@endingwithali →Twitch: twitch.tv/endingwithaliTwitter: twitter.com/endingwithaliYouTube: youtube.com/@endingwithaliEverywhere else: https://links.ali.dev[❗] Join the Patreon→ patreon.com/threatwire0:00 Sophia d’Antoine0:36 - Potential T-Mobile Directory Leak2:32 - Palo Alto Networks Firewall Python Backdoor 4:20 - Twitter Hosted the Phishing Olympics6:14 - PuTTY Project Vulnerable7:28 - OutroLINKS🔗 Story 1: Potential T-Mobile Directory Leakt-mobile.com/support/plans-features/sim-protectionsciencedaily.com/releases/2016/05/160512085123.htmhttps://tmo.report/2024/04/t-mobile-employees-across-the-country-receive-cash-offers-to-illegally-swap-sims/🔗 Story 2: Palo Alto Networks Firewall Python Backdoor volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenticated-remote-code-execution-vulnerability-in-globalprotect-cve-2024-3400unit42.paloaltonetworks.com/cve-2024-3400security.paloaltonetworks.com/CVE-2024-3400labs.watchtowr.com/palo-alto-putting-the-protecc-in-globalprotect-cve-2024-3400twitter.com/HackingLZ/status/1780239802496864474🔗 Story 3: Twitter Hosted the Phishing Olympicskrebsonsecurity.com/2024/04/twitters-clumsy-pivot-to-x-com-is-a-gift-to-phishers🔗 Story 4: PuTTY Project Vulnerablechiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.htmlthehackernews.com/2024/04/widely-used-putty-ssh-client-found.htmlopenwall.com/lists/oss-security/2024/04/15/6____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Writing Threatwire Live with @endingwithali Hak5 2024-04-16 | Surprise live stream - working on writing Threatwire live. Come Join! -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆Our Site → hak5.orgShop → http://hakshop.myshopify.comSubscribe → youtube.com/user/Hak5Darren?sub_confirmation=1Support → patreon.com/threatwireContact Us → http://www.twitter.com/hak5-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
New OMG Cable - Woven & Unmarked Hak5 2024-04-15 | Now Available: hak5.org/omg -------☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆Our Site → hak5.orgShop → http://hakshop.myshopify.comSubscribe → youtube.com/user/Hak5Darren?sub_confirmation=1Support → patreon.com/threatwireContact Us → http://www.twitter.com/hak5-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
A New Kind of Phishing Attack - ThreatWire Hak5 2024-04-12 | ⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️Support ThreatWire → patreon.com/threatwire@endingwithali →Twitch: twitch.tv/endingwithaliTwitter: twitter.com/endingwithaliYouTube: youtube.com/@endingwithaliEverywhere else: https://links.ali.devIf you want to help Ali with her research project email her at endingwithaliresearch@gmail.com→ Please include (1️⃣) the size of your company and (2️⃣) what your company does. [❗] Join the book club on Patreon→ patreon.com/threatwire0:00 Intro0:08 - New Kind of Phishing Attack1:01 - Latrodectus3:24 - Discord DOS3:53 - Unsupported NAS devices left Vulnerable6:03 - OUTROLINKS🔗 Story 1: New Kind of Phishing Attack- lutrasecurity.com/en/articles/kobold-letters🔗 Story 2: Latrodectus- darkreading.com/threat-intelligence/new-loader-takes-over-where-qbot-left-off- darkreading.com/cyber-risk/microsoft-warns-of-malware-delivery-via-google-urls- proofpoint.com/us/blog/threat-insight/latrodectus-spider-bytes-ice- thehackernews.com/2024/04/watch-out-for-latrodectus-this-malware.html🔗 Story 3: Discord DOS- twitter.com/vxunderground/status/1777199692184498257🔗 Story 4: Unsupported NAS devices left Vulnerable- supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383- github.com/netsecfish/dlink- computerworld.com/article/1723844/microsoft-sets-post-retirement-patching-record-with-windows-xp-fix-5-years-after-support-ended.html- neowin.net/news/ten-years-ago-windows-xp-received-its-final-update____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
OWASP Oopsies and Calling XZ What It Is - ThreatWire Hak5 2024-04-06 | ⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️Support ThreatWire → patreon.com/threatwire@endingwithali →Twitch: twitch.tv/endingwithaliTwitter: twitter.com/endingwithaliYouTube: youtube.com/@endingwithaliEverywhere else: https://links.ali.dev@0xTib3riusTwitter: twitter.com/0xTib3riusTwitch: twitch.tv/0xTib3riusYouTube: youtube.com/Tib3riusEverywhere else: tib3rius.com@TracketPacer Twitter: twitter.com/TracketPacerYouTube: youtube.com/c/tracketpacerTikTok: tiktok.com/@tracketpacerEverywhere else: tracketpacer.com [❗] Join the book club on Patreon→ patreon.com/threatwire0:00 Intro0:11 - Backdoor in XZ-Utils4:46 - OWASP Oopsies5:30 - UPDATE: NVD has broken its silence8:14 - UPDATE: AT&T Finally Admits The L8:57 - OUTROLINKS🔗 Story 1: Backdoor in XZ-Utilshttps://mastodon.social/@AndresFreundTec/112180406142695845wiz.io/blog/cve-2024-3094-critical-rce-vulnerability-found-in-xz-utilshttps://bsky.app/profile/filippo.abyssdomain.expert/post/3kowjkx2njy2bmail-archive.com/xz-devel@tukaani.org/msg00566.htmlopenwall.com/lists/oss-security/2024/03/29/4boehs.org/node/everything-i-know-about-the-xz-backdoor#fnref2gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27🔗 Story 2: OWASP Oopsiestwitter.com/owasp/status/1774851614752313460bleepingcomputer.com/news/security/owasp-discloses-data-breach-caused-by-wiki-misconfigurationowasp.org/blog/2024/03/29/OWASP-data-breach-notification.html🔗 Story 3: UPDATE: NVD has broken its silencefirst.org/conference/vulncon2024infosecurity-magazine.com/news/nist-unveils-new-nvd-consortium/?&web_view=truesos-vo.org/news/nist-unveils-new-consortium-operate-its-national-vulnerability-databasenvd.nist.gov/general/news/nvd-program-transition-announcement🔗 Story 4: UPDATE: AT&T Finally Admits The Lsecurityweek.com/att-says-data-on-73-million-customers-leaked-on-dark-web____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Introducing the new Threat Wire Hak5 2024-04-01 | Order today at https://Hak5.org____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Apple’s Unfixable Vulnerability - ThreatWire Hak5 2024-03-29 | ⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️Support ThreatWire → patreon.com/threatwire@endingwithali →Twitch: twitch.tv/endingwithaliTwitter: twitter.com/endingwithaliEverywhere else: https://links.ali.dev[❗] ThreatWire Patreon has moved to → patreon.com/threatwire0:00 - Intro0:13 - US Cyber Trust Mark is Now Official2:24 - Apple’s Unfixable Vulnerability4:23 - Another Python Supply Chain Attack5:50 - OutroLINKS🔗 Story 1: US Cyber Trust Mark is Now Officialwhitehouse.gov/briefing-room/statements-releases/2022/10/11/fact-sheet-biden-harris-administration-delivers-on-strengthening-americas-cybersecuritydocs.fcc.gov/public/attachments/FCC-24-26A1.pdfjdsupra.com/legalnews/fcc-launches-u-s-cyber-trust-mark-4990595cyberscoop.com/fcc-cyber-trust-mark🔗 Story 2: Apple’s Unfixable VulnerabilityApple Mitigation: developer.apple.com/documentation/xcode/writing-arm64-code-for-apple-platforms#Enable-DIT-for-constant-time-cryptographic-operationsbleepingcomputer.com/news/security/new-gofetch-attack-on-apple-silicon-cpus-can-steal-crypto-keysarstechnica.com/security/2024/03/hackers-can-extract-secret-encryption-keys-from-apples-mac-chipshttps://gofetch.fail/cyberkendra.com/2024/03/gofetch-flaw-exposes-cryptographic-key.html🔗 Story 3: Another Python Supply Chain Attackcheckmarx.com/blog/over-170k-users-affected-by-attack-using-fake-python-infrastructure____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
CVEs ARE DYING - ThreatWire Hak5 2024-03-22 | ⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️Support ThreatWire → patreon.com/threatwire@endingwithali →Twitch: twitch.tv/endingwithaliTwitter: twitter.com/endingwithaliEverywhere else: https://links.ali.dev[❗] ThreatWire Patreon has moved to → patreon.com/threatwire0:00 Intro0:12 - The NVD is MIA2:09 - Linux Foundation CVE Reporting Changed4:16 - Cisco Acquires Splunk4:20 - It’s Literally Black Market Extortion6:06 - Is the AT&T Leak Real?7:02 - OUTROLINKS🔗 Story 1: The NVD is MIAblog.morphisec.com/national-vulnerability-database-defend-unpatched-vulnerabilitiesanchore.com/blog/national-vulnerability-database-opaque-changes-and-unanswered-questionsnvd.nist.govhackread.com/nist-nvd-halt-leaves-vulnerabilities-untagged🔗 Story 2: Linux Foundation CVE Reporting Changedgithub.com/torvalds/linux/blob/master/Documentation/process/cve.rstcommunity.synopsys.com/s/question/0D5Uh000007i8czKAA/black-duck-nvd-and-linux-kernel-cve-processlwn.net/ml/linux-kernel/2024021314-unwelcome-shrill-690e@gregkhlwn.net/Articles/961961openssf.org/blog/2024/02/14/linux-kernel-achieves-cve-numbering-authority-statusThis story had help with sourcing by Karl and Lacey! Thank you for the help!🔗 Story 3: Cisco Acquires Splunkcisco.com/site/us/en/about/corporate-strategy-office/acquisitions/splunk/index.html🔗 Story 4: It’s Literally Black Market Extortiongrahamcluley.com/incognito-market-the-not-so-secure-dark-web-drug-marketplacekrebsonsecurity.com/2024/03/incognito-darknet-market-mass-extorts-buyers-sellers🔗 Story 5: Is the AT&T Leak Real?scmagazine.com/brief/att-denies-alleged-data-leak-of-over-70m-individualsbleepingcomputer.com/news/security/att-says-leaked-data-of-70-million-people-is-not-from-its-systemstheregister.com/2024/03/18/att_alleged_data_leaknextgov.com/cybersecurity/2024/02/fcc-gives-telecom-companies-7-days-alert-authorities-discovered-data-breaches/394074____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Encryption Market Heating Up - ThreatWire Hak5 2024-03-15 | ⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️Support ThreatWire → patreon.com/threatwire@endingwithali →Twitch: twitch.tv/endingwithaliTwitter: twitter.com/endingwithaliEverywhere else: https://links.ali.dev[❗] ThreatWire Patreon has moved to → patreon.com/threatwire0:00 Intro0:10 - Encryption market is heating up2:07 - Toddler Aged Malware Found3:11 - Admitting to human error4:08 - OutroLINKS🔗 Story 1: Encryption market is heating upbughunters.google.com/blog/5108747984306176/google-s-threat-model-for-post-quantum-cryptographybleepingcomputer.com/news/security/tuta-mail-adds-new-quantum-resistant-encryption-to-protect-emailbleepingcomputer.com/news/security/signal-adds-quantum-resistant-encryption-to-its-e2ee-messaging-protocolnist.gov/news-events/news/2022/07/nist-announces-first-four-quantum-resistant-cryptographic-algorithmscsrc.nist.gov/Projects/post-quantum-cryptography/post-quantum-cryptography-standardization/round-3-submissionsthenextweb.com/news/zama-holy-grail-cryptography-fully-homomorphic-encryption🔗 Story 2: Toddler Aged Malware Foundresearch.checkpoint.com/2024/magnet-goblin-targets-publicly-facing-servers-using-1-day-vulnerabilitiesarstechnica.com/security/2024/02/as-if-two-ivanti-vulnerabilities-under-explot-wasnt-bad-enough-now-there-are-3arstechnica.com/security/2024/03/never-before-seen-linux-malware-gets-installed-using-1-day-exploits🔗 Story 3: Admitting to human errorblog.knowbe4.com/88-percent-of-data-breaches-are-caused-by-human-errorthecyberexpress.com/cybersecurity-mistakes-knowledge-gapskaspersky.com/blog/human-factor-360-report-2023media.isc2.org/-/media/Project/ISC2/Main/Media/documents/research/ISC2_Cybersecurity_Workforce_Study_2023.pdf?rev=28b46de71ce24e6ab7705f6e3da8637e____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
White House said to use Rust - ThreatWire Hak5 2024-02-28 | ⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️Support ThreatWire → patreon.com/threatwire@endingwithali →Twitch: twitch.tv/endingwithaliTwitter: twitter.com/endingwithaliEverywhere else: https://links.ali.dev[❗] ThreatWire Patreon has moved to → patreon.com/threatwire0:00 - Intro0:11 - LockBit Update1:23 - White House recommends Rust2:54 - Apple Quantum Safe4:03 - OutroLINKS🔗 Story 1: LockBit Updatehackread.com/lockbit-ransomware-returns-taunts-fbi-data-leakshackread.com/nca-lockbit-gang-source-code-arrest-tool-revealedjustice.gov/opa/pr/us-and-uk-disrupt-lockbit-ransomware-varianthttps://therecord.media/lockbit-relaunch-attempt-follwing-takedownreuters.com/technology/cybersecurity/us-indicts-two-russian-nationals-lockbit-cybercrime-gang-bust-2024-02-20🔗 Story 2: White House Recommends Rustyoutube.com/watch?v=xVYSvkogoUM&t=2s&ab_channel=TheWhiteHousebleepingcomputer.com/news/security/white-house-urges-devs-to-switch-to-memory-safe-programming-languageswhitehouse.gov/oncd/briefing-room/2024/02/26/press-release-technical-reportwhitehouse.gov/wp-content/uploads/2024/02/Final-ONCD-Technical-Report.pdf🔗 Story 3: Apple Quantum Safesecurity.apple.com/blog/imessage-pq3schneier.com/blog/archives/2024/02/apple-announces-post-quantum-encryption-algorithms-for-imessage.html____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
I-S00N China File Drop - ThreatWire Hak5 2024-02-22 | ⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️Support ThreatWire → patreon.com/threatwire@endingwithali →Twitch: twitch.tv/endingwithaliTwitter: twitter.com/endingwithaliEverywhere else: https://links.ali.dev[❗] ThreatWire Patreon has moved to → patreon.com/threatwire0:00 Intro0:11 - What is happening with LockBit?0:48 - Linux Kernel Added as CNA1:02 - I-S00N China file drop2:12 - Using Audio to Generate Fingerprint Attacks 4:02 - ChatGPT Accounts Linked to APTs Deleted5:51 - OutroLINKS🔗 Story 1: What is happening with LockBit?inforisktoday.com/lockbit-infrasttructure-seized-by-us-uk-police-a-24395bleepingcomputer.com/news/security/lockbit-ransomware-disrupted-by-global-police-operation🔗 Story 2: Linux Kernel Added as CNAcve.org/Media/News/item/news/2024/02/13/kernel-org-Added-as-CNAhttp://www.kroah.com/log/blog/2024/02/13/linux-is-a-cna🔗 Story 3: I-S00N China file dropthreadreaderapp.com/thread/1759326049262019025.htmlthecyberexpress.com/chinese-ministry-of-public-security-breachgithub.com/I-S00N/I-S00N🔗 Story 4: Using Audio to Generate Fingerprint Attacksndss-symposium.org/wp-content/uploads/2024-618-paper.pdftomshardware.com/tech-industry/cyber-security/your-fingerprints-can-be-recreated-from-the-sounds-made-when-you-swipe-on-a-touchscreen-researchers-new-side-channel-attack-can-reproduce-partial-fingerprints-to-enable-attacksbeebom.com/master-print-ai-generated-fingerprint-unlock-smartphone🔗 Story 5: ChatGPT Accounts Linked to APTs Deletedbleepingcomputer.com/news/security/openai-blocks-state-sponsored-hackers-from-using-chatgptmicrosoft.com/en-us/security/blog/2024/02/14/staying-ahead-of-threat-actors-in-the-age-of-aiopenai.com/blog/disrupting-malicious-uses-of-ai-by-state-affiliated-threat-actors____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Writing Threatwire Live with @endingwithali Hak5 2024-02-20 | Surprise live stream - working on writing Threatwire live. Come Join! -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆Our Site → hak5.orgShop → http://hakshop.myshopify.comSubscribe → youtube.com/user/Hak5Darren?sub_confirmation=1Support → patreon.com/threatwireContact Us → http://www.twitter.com/hak5-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
DEF CON was actually cancelled?! - ThreatWire Hak5 2024-02-15 | ⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️Support ThreatWire → patreon.com/threatwire@endingwithali →Twitch: twitch.tv/endingwithaliTwitter: twitter.com/endingwithaliEverywhere else: https://links.ali.dev[❗] ThreatWire Patreon has moved to → patreon.com/threatwire0:00 Intro0:12 - Is this app speedrunning getting hacked?2:07 - Can your Toothbrush be used DDOS someone?2:20 - FCC finalizes data breach regulations for telecom companies3:11 - DEFCON was actually canceled? 4:50 - OUTROLINKS🔗 Story 1: Is this app speedrunning getting hacked?techcrunch.com/2022/02/22/stalkerware-network-spilling-datahackread.com/stalkerware-app-thetruthspy-hacked-data-stolenhttps://maia.crimew.gay/posts/fuckstalkerware-4/techcrunch.com/2024/02/12/new-thetruthspy-stalkerware-victims-is-your-android-device-compromised🔗 Story 2: Can your Toothbrush be used DDOS someone?bleepingcomputer.com/news/security/no-3-million-electric-toothbrushes-were-not-used-in-a-ddos-attackbusinessinsider.com/girl-tweets-smart-fridge-mom-confiscated-devices-viral-2019-8🔗 Story 3: FCC finalizes data breach regulations for telecom companiessec.gov/news/press-release/2023-139fcc.gov/fcc-seeks-comment-proposed-updates-trs-data-breach-reporting-requirementsinsideprivacy.com/technology/the-fcc-expands-scope-of-data-breach-notification-rulesfederalregister.gov/documents/2024/02/12/2024-01667/data-breach-reporting-requirements#p-16🔗 Story 4: DEFCON was actually canceled?forum.defcon.org/node/248360forum.defcon.org/node/248358____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
China is able to trace your Airdrops - ThreatWire Hak5 2024-01-24 | ⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️Support ThreatWire → patreon.com/threatwire@endingwithali →Twitch: twitch.tv/endingwithaliTwitter: twitter.com/endingwithaliEverywhere else: https://links.ali.devIf you want to help Ali with her research project email her at endingwithaliresearch@gmail.com→ Please include (1️⃣) the size of your company (2️⃣) what your role title is and (3️⃣) a little summary of what your job entails. [❗] ThreatWire Patreon has moved to → patreon.com/threatwire00:00 Intro0:12 - SEC Twitter (x) Hacked! 1:52 - IT kind of does their job and gets in trouble3:16 - China is able to trace your Airdrops4:09 - Outro LINKS🔗 Story 1: SEC Twitter (x) Hacked! sec.gov/secgov-x-account bleepingcomputer.com/news/security/sec-confirms-x-account-was-hacked-in-sim-swapping-attack twitter.com/GulGeeOfficial/status/1744864569712144760🔗 Story 2: IT kind of does their job and gets in troublebleepingcomputer.com/news/security/court-charges-dev-with-hacking-after-cybersecurity-issue-disclosure https://www.heise.de/news/Warum-ein-Sicherheitsforscher-im-Fall-Modern-Solution-verurteilt-wurde-9601392.html 🔗 Story 3: China is able to trace your Airdropshttps://sfj.beijing.gov.cn/sfj/sfdt/ywdt82/flfw93/436331732/index.htmltime.com/6553473/china-cracked-apple-airdrop 🔗 Bonus Story - arstechnica.com/gadgets/2024/01/convicted-murderer-filesystem-creator-writes-of-regrets-to-linux-list ____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Cyber Kidnapping & Cartas Controversial Cap Table Tactics Exposed! - ThreatWire Hak5 2024-01-10 | ⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️Support ThreatWire → patreon.com/threatwire@endingwithali →Twitch: twitch.tv/endingwithaliTwitter: twitter.com/endingwithaliEverywhere else: https://links.ali.devIf you want to help Ali with her research project email her at endingwithaliresearch@gmail.com→ Please include (1️⃣) the size of your company (2️⃣) what your role title is and (3️⃣) a little summary of what your job entails. [❗] ThreatWire Patreon has moved to → patreon.com/threatwire0:00 - Intro0:14 - What is happening with Carta?2:14 - Cyber Kidnapping?2:50 - Crypto-hackers are active on Twitter3:35 - Outro LINKS🔗 Story 1: What is going on with Carta?twitter.com/karrisaarinen/status/1743824345334714587twitter.com/henrysward/status/1743794996732735679 twitter.com/henrysward/status/1743794996732735679 🔗 Story 2: Cyber Kidnapping?cybertalk.org/2024/01/08/the-latest-cyber-kidnapping-victim-u-s-exchange-studentnewsnationnow.com/cybersecurity/cyber-kidnapping-scam-trend 🔗 Story 3: Crypto-hackers are active on Twitter bleepingcomputer.com/news/security/netgear-hyundai-latest-x-accounts-hacked-to-push-crypto-drainers____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Insane iPhone Exploit & Zombie Cookies Hijack Google Accounts - ThreatWire Hak5 2024-01-03 | ⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️Support ThreatWire → patreon.com/threatwire@endingwithali →Twitch: twitch.tv/endingwithaliTwitter: twitter.com/endingwithaliEverywhere else: https://links.ali.devIf you want to help Ali with her research project email her at endingwithaliresearch@gmail.com→ Please include (1️⃣) the size of your company (2️⃣) what your role title is and (3️⃣) a little summary of what your job entails. [❗] ThreatWire Patreon has moved to → patreon.com/threatwire00:00 Intro0:00 - Intro0:12 - Insane iPhone Exploit Revealed to the World1:42 - Zombie Cookies Hijack Google Accounts2:51 - Outro LINKS🔗 Story 1: Insane iPhone Exploit Revealed to the Worldarstechnica.com/security/2023/12/exploit-used-in-mass-iphone-infection-campaign-targeted-secret-hardware-feature/2securelist.com/operation-triangulation-the-last-hardware-mystery/111669youtube.com/watch?v=7VWNUUldBEE&ab_channel=auth🔗 Story 2: Zombie Cookies Hijack Google Accountscloudsek.com/blog/compromising-google-accounts-malwares-exploiting-undocumented-oauth2-functionality-for-session-hijackinghackread.com/malware-google-cookie-exploit-via-oauth2bleepingcomputer.com/news/security/malware-abuses-google-oauth-endpoint-to-revive-cookies-hijack-accountsdarktrace.com/blog/the-rise-of-the-lumma-info-stealeryoutube.com/watch?v=NzAtZzzFoOs&ab_channel=HudsonRock____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
GTA Hacker Sentenced - ThreatWire Hak5 2023-12-27 | ⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️Support ThreatWire → patreon.com/threatwire@endingwithali →Twitch: twitch.tv/endingwithaliTwitter: twitter.com/endingwithaliEverywhere else: https://links.ali.devIf you want to help Ali with her research project email her at endingwithaliresearch@gmail.com→ Please include (1️⃣) the size of your company (2️⃣) what your role title is and (3️⃣) a little summary of what your job entails. [❗] ThreatWire Patreon has moved to → patreon.com/threatwire00:00 Intro0 - PSA: SEC Regulations Are Live1 - GTA Hacker Sentenced2 - An Update to the MongoDB story3 - What is happening with AlphV?4 - Major Vulnerability Found in SSH5 - Outro LINKS🔗Story 1 - PSA: SEC Regulations Are Livesec.gov/news/press-release/2023-139cyberscoop.com/sec-cybersecurity-incidents-disclosure-rulesec.gov/news/statement/gerding-cybersecurity-disclosure-20231214🔗Story 2 - GTA Hacker Sentencedbbc.com/news/technology-67663128insider-gaming.com/gta-6-hacker-vows-to-continue-to-commit-crimes-after-being-released-from-jailen.wikipedia.org/wiki/Lapsus$youtube.com/watch?v=v_z2HkVfcEA&ab_channel=Crumb🔗Story 3 - MongoDB Updatemongodb.com/alerts🔗Story 4 - What is happening to AlphV justice.gov/opa/pr/justice-department-disrupts-prolific-alphvblackcat-ransomware-variantarstechnica.com/security/2023/12/alphv-ransomware-site-is-seized-by-the-fbi-then-its-unseized-and-so-on🔗Story 5 - Major Vulnerability Found in SSHarstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attackterrapin-attack.combleepingcomputer.com/news/security/terrapin-attacks-can-downgrade-security-of-openssh-connectionsopenssh.com/releasenotes.html#9.6p1____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Twitter/X Bug Bounty Blunder - ThreatWire Hak5 2023-12-21 | ⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️Support ThreatWire → patreon.com/threatwire@endingwithali →Twitch: twitch.tv/endingwithaliTwitter: twitter.com/endingwithaliEverywhere else: https://links.ali.devIf you want to help Ali with her research project email her at endingwithaliresearch@gmail.com → Please include (1️⃣) the size of your company (2️⃣) what your role title and (3️⃣) a little summary of what your job entails. [❗] ThreatWire Patreon has moved to → patreon.com/threatwire0:00 - Intro0:15 - Twitter Bug Bounty Program Flop2:11 - 16 Year Reverse Engineers the iMessage Protocol3:46 - Still Developing: MongoDB Breach4:59 - Ledger Supply Chain Attack and A Research Project6:00 - OutroLINKS🔗Story 1 - Twitter Bug Bounty Program Floptwitter.com/shoucccc/status/1734802168723734764twitter.com/shoucccc/status/1734802177263313091twitter.com/shoucccc/status/1734684850173739412twitter.com/rabbit_2333/status/1734712416074879162twitter.com/rabbit_2333/status/1734881873099379189twitter.com/rabbit_2333/status/1735886436195529048🔗Story 2 - 16 Year Reverse Engineers the iMessage Protocolbeeper.comblog.beeper.com/p/introducing-beeper-mini-get-bluehttps://jjtech.dev/reverse-engineering/imessage-explained/github.com/JJTech0130/pypushtheverge.com/2023/12/18/24006037/apple-beeper-doj-investigation-imessage-letter-androidtechradar.com/phones/it-took-a-genius-teenager-to-break-imessage-code-but-itll-take-apple-to-wake-up-and-realize-its-time-for-an-android-version-of-imessage🔗Story 3 - Breaking: MongoDB Data Breach hackread.com/mongodb-data-breach-hackers-access-customer-infotwitter.com/vxunderground/status/1736134217321370109/photo/1mongodb.com/alerts🔗Story 4 - Ledger Supply Chain Attacksecurityaffairs.com/156029/hacking/ledger-supply-chain-attack.htmlledger.com/blog/a-letter-from-ledger-chairman-ceo-pascal-gauthier-regarding-ledger-connect-kit-exploitsecurityboulevard.com/2023/12/three-lessons-from-the-ledger-connect-kit-supply-chain-attacktechcrunch.com/2023/12/14/supply-chain-attack-targeting-ledger-crypto-wallet-leaves-users-hacked____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
PAYLOAD: DuckyLogger 2.0 - Keylogger for USB Rubber Ducky [PAYLOAD MINUTE] Hak5 2023-12-19 | Exploring the DuckyLogger 2.0 keylogger payload by drapl0n for the USB Rubber Ducky, this time on [PAYLOAD MINUTE]Payloads → payloads.hak5.org____________________________________________Hak5: Cyber Security Education, Inspiration & Community since 2005.____________________________________________Shop → shop.hak5.orgSubscribe → youtube.com/user/Hak5Darren?sub_confirmation=1____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
PAYLOAD: ICMP Data Exfiltration - USB Rubber Ducky/Exfiltration [PAYLOAD MINUTE] Hak5 2023-12-14 | Delving into the ICMP Data Exfiltration payload by TW-D for the USB Rubber Ducky, this time on [PAYLOAD MINUTE]Payloads → payloads.hak5.org____________________________________________Hak5: Cyber Security Education, Inspiration & Community since 2005.____________________________________________Shop → hakshop.myshopify.comSubscribe → youtube.com/user/Hak5Darren?sub_confirmation=1____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Hax 4 BIOS, WordPress & Counter-Strike, oh my! - ThreatWire Hak5 2023-12-13 | Support ThreatWire → patreon.com/threatwire@endingwithali Twitch → twitch.tv/endingwithali [!!] ThreatWire Patreon has moved to patreon.com/threatwire0:00 - Intro0:27 - All your logos are belong to us2:08 - Just another Wordpress vulnerability2:55 - Counter-Strike 2 HTML Injection DOS attack?LINKSStory 1binarly.io/posts/finding_logofail_the_dangers_of_image_parsing_during_system_boot/index.htmlbinarly.io/posts/The_Far_Reaching_Consequences_of_LogoFAIL/index.htmlarstechnica.com/security/2023/12/just-about-every-windows-and-linux-device-vulnerable-to-new-logofail-firmware-attackcyberscoop.com/logofail-vulnerability-boot-processscmagazine.com/news/logofail-vulnerabilities-may-affect-95-of-computers-researchers-sayStory 2bleepingcomputer.com/news/security/50k-wordpress-sites-exposed-to-rce-attacks-by-critical-bug-in-backup-pluginwordfence.com/blog/2023/12/critical-unauthenticated-remote-code-execution-found-in-backup-migration-plugincve.org/CVERecord?id=CVE-2023-6553Story 3bleepingcomputer.com/news/security/counter-strike-2-html-injection-bug-exposes-players-ip-addresseshackread.com/gamers-warned-of-cs2-exploit-reveal-ip-address____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Windows Fingerprint Sensors Spoofable - ThreatWire Hak5 2023-12-06 | Support ThreatWire → patreon.com/threatwire@endingwithali Twitch → twitch.tv/endingwithali [!!] ThreatWire Patreon has moved to patreon.com/threatwire - thanks for your support!0:00 - Intro0:27 - Windows Fingerprint Sensors are Spoofable1:41 - Okta oopsie turns into a big mess2:59 - Citrix Netscaler causing issues across the board4:00 - OutroLINKSblackwinghq.com/blog/posts/a-touch-of-pwn-part-iarstechnica.com/gadgets/2023/11/researchers-beat-windows-hello-fingerprint-sensors-with-raspberry-pi-and-linuxcomputerworld.com/article/3244347/what-is-windows-hello-microsofts-biometrics-security-system-explained.htmldarkreading.com/application-security/otka-breach-widens-entire-customer-basesec.okta.com/harfilessec.okta.com/articles/2023/11/unauthorized-access-oktas-support-case-management-system-root-causereuters.com/technology/cybersecurity/okta-says-hackers-stole-data-all-customer-support-users-cyber-breach-2023-11-29techcrunch.com/2023/11/29/okta-admits-hackers-accessed-data-on-all-customers-during-recent-breach/?guccounter=1&guce_referrer=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8&guce_referrer_sig=AQAAAAuidLSeCn9R8nNTjiKKHMgPEcnprYT0tAjYnx4iH7XP2IBiO4Th079erwec0SE5woM5Nl5kCukXt3j0V_GE2q6ty46bv6vUA3h8GcD8mT54hJfZvR1ikotQyAzzjS4bG61jkl8gKAghckJSn-N1tAoo2AJnuHlltxAUFcCGj3I1malwarebytes.com/blog/news/2023/11/okta-breach-happened-after-employee-logged-into-personal-google-accountassetnote.io/resources/research/citrix-bleed-leaking-session-tokens-with-cve-2023-4966bleepingcomputer.com/news/security/us-health-dept-urges-hospitals-to-patch-critical-citrix-bleed-bugsiliconangle.com/2023/12/04/new-citrix-bleed-ransomware-threat-hits-many-credit-unionsdoublepulsar.com/what-it-means-citrixbleed-ransom-group-woes-grow-as-over-60-credit-unions-hospitals-47766a091d4fhttps://therecord.media/hhs-warns-of-citrix-bleed-bugsiliconangle.com/2023/12/04/new-citrix-bleed-ransomware-threat-hits-many-credit-unionsdashboard.shadowserver.org/statistics/combined/time-series/?date_range=7&source=http_vulnerable&source=http_vulnerable6&tag=cve-2023-4966%2B&group_by=geo&style=stacked____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Meet Ali Diamond - Hak5s new ThreatWire host Hak5 2023-12-01 | Meet Ali Diamond - @endingwithali - our new ThreatWire host! LIVE Q&A / Meet & Greet ____________________________________________ Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
A New USB Worm On The Loose - ThreatWire Hak5 2023-11-29 | Support ThreatWire → patreon.com/threatwire@endingwithali Twitch → twitch.tv/endingwithali [!!] ThreatWire Patreon has moved to patreon.com/threatwire - thanks for your support!LINKSforbes.com/sites/daveywinder/2023/11/27/law-enforcement-issues-ios-17-security-warning-over-namedrop-feature/?sh=1c0492ff4182cybertalk.org/police-departments-issue-ios-17-warningfacebook.com/OCSOMichigan/posts/pfbid02nCJYFLJfpu4GuDtfB2NoH4ZevCVE22WAd4ymoqEhF599Bp4krntoDQocsLCSV2oPl____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Hackers Reported Themselves to the SEC? - ThreatWire Hak5 2023-11-24 | Hackers Reported Themselves to the SEC, New Intel CPU CVE Discovered By Google, and a Promising Android iMessage Solution Turns out to Be Security Nightmare. All that and more, this time on ThreatWire!Support ThreatWire → patreon.com/threatwire@endingwithali Twitch → twitch.tv/endingwithali [!!] ThreatWire Patreon has moved to patreon.com/threatwire - thanks for your support!LINKSbleepingcomputer.com/news/security/ransomware-gang-files-sec-complaint-over-victims-undisclosed-breachbleepingcomputer.com/news/security/sec-now-requires-companies-to-disclose-cyberattacks-in-4-daysen.wikipedia.org/wiki/BlackCat_(cyber_gang)securityscorecard.com/research/deep-dive-into-alphv-blackcat-ransomwaredatabreaches.net/alphv-files-an-sec-complaint-against-meridianlink-for-not-disclosing-a-breach-to-the-secgridinsoft.com/blogs/alphv-blackcat-reports-to-secschneier.com/blog/archives/2023/11/ransomware-gang-files-sec-complaint.htmlhackread.com/google-reptar-vulnerability-intel-processorscloud.google.com/blog/products/identity-security/google-researchers-discover-reptar-a-new-cpu-vulnerabilitylock.cmpxchg8b.com/reptar.htmlcve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23583intel.com/content/www/us/en/security-center/advisory/intel-sa-00950.htmlarstechnica.com/gadgets/2023/11/nothings-imessage-app-was-a-security-catastrophe-taken-down-in-24-hourstheverge.com/2023/11/18/23966781/nothing-chats-imessage-unencrypted-sunbird-plaintexthttps://texts.blog/2023/11/18/sunbird-security/sunbirdapp.comtwitter.com/nothing/status/1725902458189119690____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
17 Hacker Tools in 7 Minutes - ALL Hak5 Gear Hak5 2023-11-22 | Find all the Hak5 pentest gear, videos, payloads & an awesome community at hak5.org____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Python risks system takeover & Lockbit prompts USB trades - ThreatWire Hak5 2023-11-16 | Python obfuscation tools putting developers at risk for a total system take over. Lockbit Ransomware leads to USB drive being use to carry out bank trades. All that and more, this time on ThreatWire.Support ThreatWire → patreon.com/threatwire@endingwithali Twitch → twitch.tv/endingwithali [!!] ThreatWire Patreon has moved to patreon.com/threatwire - thanks for your support!LINKSreuters.com/technology/cybersecurity/icbc-ransomware-attack-triggers-global-regulator-trader-scrutiny-2023-11-10infosecurity-magazine.com/news/icbc-and-allen-overy-hit-bytime.com/6333716/china-icbc-bank-hack-usb-stick-tradingreuters.com/world/china/chinas-largest-bank-icbc-hit-by-ransomware-software-ft-2023-11-09bleepingcomputer.com/news/security/lockbit-ransomware-leaks-gigabytes-of-boeing-datausa.kaspersky.com/resource-center/threats/lockbit-ransomwarecheckmarx.com/blog/python-obfuscation-trapssecurity.snyk.io/vuln/SNYK-PYTHON-PYOBFGOOD-6052826csoonline.com/article/654560/why-open-source-software-supply-chain-attacks-have-tripled-in-a-year.html____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Stealth Payload Tips - Obfuscation & Lock key triggers - Hak5 Hak5 2023-11-08 | Enhancing our Canary payload for the USB Rubber Ducky and answers to your questions on SMB servers and lock key states.0:00 - Intro0:38 - Previous Payload Review3:44 - Upgrades to our Payload7:10 - Caps lock trigger as a function9:26 - Obfuscation as a payload option17:35 - Hiding the payload / only run once18:52 - DEPLOY THE PAYLOAD20:51 - Payload Q&A22:30 - Lock Key Demo24:37 - Setting up a SMB canary listenerOur Site → hak5.orgSubscribe → youtube.com/user/Hak5Darren?sub_confirmation=1____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
DaaS Bypasses Android Security, and Farewell Shannon - ThreatWire Hak5 2023-11-07 | Support ThreatWire → patreon.com/threatwireA new dropper as a service bypasses android security, Okta has another breach, and yes, this is Shannon's last episode. All that coming up now on ThreatWire.[!!] ThreatWire Patreon has moved to patreon.com/threatwire - thanks for your support!LINKSthreatfabric.com/blogs/droppers-bypassing-android-13-restrictionsbleepingcomputer.com/news/security/cybercrime-service-bypasses-android-security-to-install-malware thehackernews.com/2023/11/securidropper-new-android-dropper-as.htmlbleepingcomputer.com/news/security/spynote-android-malware-spreads-via-fake-volcano-eruption-alertsbleepingcomputer.com/news/security/new-ermac-20-android-malware-steals-accounts-wallets-from-467-appsbleepingcomputer.com/news/security/new-zombinder-platform-binds-android-malware-with-legitimate-appsarstechnica.com/security/2023/11/okta-hit-by-another-breach-this-one-stealing-employee-data-from-3rd-party-vendordocumentcloud.org/documents/24110001-okta-individual-notice-general?responsive=1&title=1apps.web.maine.gov/online/aeviewer/ME/40/08edf96f-d599-4db9-9e1f-52453c0ba058.shtmlbleepingcomputer.com/news/security/okta-hit-by-third-party-data-breach-exposing-employee-informationsec.okta.com/articles/2023/10/tracking-unauthorized-access-oktas-support-systemsec.okta.com/harfiles#threatwire #hak5____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Quantum Cracks, Citrix & npm Risks - ThreatWire Hak5 2023-11-03 | Support ThreatWire → patreon.com/threatwirePotential advances in quantum crypto cracking, the ongoing challenges with Citrix Bleed, and npm packages riddled with malware.[!!] ThreatWire Patreon has moved to patreon.com/threatwire - thanks for your support!LINKSResearcher Claims to Crack RSA-2048 With Quantum Computerbankinfosecurity.com/blogs/researcher-claims-to-crack-rsa-2048-quantum-computer-p-3536researchgate.net/publication/373516233_QC_Algorithms_Faster_Calculation_of_Prime_Numbersen.wikipedia.org/wiki/Shor%27s_algorithmCitrix Bleed Mass Exploitationarstechnica.com/security/2023/10/critical-citrix-bleed-vulnerability-allowing-mfa-bypass-comes-under-mass-exploitationsupport.citrix.com/article/CTX579459/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20234966-and-cve20234967https://cyberplace.social/@GossiTheDog/111313594140810442viz.greynoise.io/query?gnql=tags%3A%22Citrix%20ADC%20Netscaler%20CVE-2023-4966%20Information%20Disclosure%20Attempt%22dashboard.shadowserver.org/statistics/combined/time-series/?date_range=30&source=http_vulnerable&source=http_vulnerable6&tag=cve-2023-4966%2B&group_by=geo&style=stackedservices.google.com/fh/files/misc/citrix-netscaler-adc-gateway-cve-2023-4966-remediation.pdfDozens of npm Packages Caught Attempting to Deploy Reverse Shellblog.phylum.io/dozens-of-npm-packages-caught-attempting-to-deploy-reverse-shellnpmjs.com/~hktalentgithub.com/hktalent/rshNpm____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Cisco, VMware, Citrix Vulnerabilities - ThreatWire Hak5 2023-10-25 | Support ThreatWire → patreon.com/threatwireCisco's recent zero-day exploit takes an obfuscation turn, VMware alerts users of a significant auth bypass flaw, and Citrix grapples with session hijacking attacks that have CISA raising an eyebrow.[!!] ThreatWire Patreon has moved to patreon.com/threatwire - thanks for your support!LINKSCiscothehackernews.com/2023/10/backdoor-implant-on-hacked-cisco.htmltwitter.com/VulnCheckAI/status/1716541908489543725twitter.com/onyphe/status/1715633541264900217blog.talosintelligence.com/active-exploitation-of-cisco-ios-xe-softwaresec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4zcisco.com/c/en/us/support/docs/ios-nx-os-software/ios-xe-dublin-17121/221128-software-fix-availability-for-cisco-ios.htmlcisa.gov/news-events/alerts/2023/10/23/cisa-updates-guidance-addressing-cisco-ios-xe-web-ui-vulnerabilitiesVMWarethehackernews.com/2023/10/alert-poc-exploits-released-for-citrix.htmlvmware.com/security/advisories/VMSA-2023-0021.htmlgithub.com/horizon3ai/CVE-2023-34051Citrixthehackernews.com/2023/10/critical-citrix-netscaler-flaw.htmlgithub.com/assetnote/exploits/tree/main/citrix/CVE-2023-4966support.citrix.com/article/CTX579459/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20234966-and-cve20234967cisa.gov/news-events/alerts/2023/10/19/cisa-adds-two-known-exploited-vulnerabilities-catalog____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Payload Triggering Tricks - USB Rubber Ducky Mods for Red Team Engagements - Hak5 Hak5 2023-10-24 | Can we trick our target into triggering a payload on their own computer, while logged in and working? We find out with some crafty payload tricks -- this time on Hak5!0:00 - Intro2:03 - Setup3:17 - Payload Writing4:22 - Cloning USB devices with ATTACKMODE5:51 - Passive Windows Detection Extension9:08 - Activity Detection with DuckyScript 312:08 - SMB Canary Keystroke Injection15:10 - Payload Arming15:45 - Testing the Payload17:22 - USB Rubber Ducky Mouse Implant Tips17:53 - Thank you Hak5 community18:21 - ReviewOur Site → hak5.orgSubscribe → youtube.com/user/Hak5Darren?sub_confirmation=1____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Covertly Implanting a USB Rubber Ducky into a Mouse Hak5 2023-10-23 | Glytch is with us again, stuffing ducks into mice, this time on Hak5!...wait what? Products used in this video: USB Rubber Ducky: shop.hak5.org/products/usb-rubber-duckyMouse: amzn.to/3tE9KHDUSB Hub: amzn.to/3S9M48cGlytch's Soldering Kit Breakdown: youtube.com/watch?v=GI9eWmk54roHak5 Wrap: https://shop.hak5.org/products/hak5-e...Tweezers: amzn.to/3kvRRUUSide Cutters: amzn.to/3kxwpyIElectric Screwdriver: amzn.to/3kAo8dsThick Lead Mechanical Pencil: amzn.to/3kEp6FsSolder Flux Pen: amzn.to/3ikTLVSSolder: amzn.to/3xSr1KoTS80P Soldering Iron: amzn.to/3ezilRBAs an Amazon Associate, Glytch earns from qualifying purchases through the links above at no extra cost to you. Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005:-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆Our Site → hak5.orgShop → http://hakshop.myshopify.comSubscribe → youtube.com/user/Hak5Darren?sub_confirmation=1Support → patreon.com/threatwireContact Us → http://www.twitter.com/hak5-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Cisco Zero-Day Exploited In The Wild - ThreatWire Hak5 2023-10-18 | Support ThreatWire → patreon.com/threatwireDarren Kitchen → https://darren.kitchenLINKSnvd.nist.gov/vuln/detail/CVE-2023-20198arstechnica.com/security/2023/10/actively-exploited-cisco-0-day-with-maximum-10-severity-gives-full-network-controlblog.talosintelligence.com/active-exploitation-of-cisco-ios-xe-softwaresec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4zvulncheck.com/blog/cisco-implants
Signal Zero Day? - #threatwire #shorts #hak5 #informationsecurity #news Hak5 2023-10-16 | Ali discusses the Signal "Zero Day" rumors. #threatwire #hak5 #shorts • Ali → https://links.ali.dev• Support → patreon.com/threatwireLINKS:twitter.com/signalapp/status/1713789257599353084twitter.com/joernchen/status/1713495612266520884twitter.com/vxunderground/status/1713824495742447739bleepingcomputer.com/news/security/signal-says-there-is-no-evidence-rumored-zero-day-bug-is-real+++Hak5 -- Cyber Security Education, Inspiration, News & Community. Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
High Severity Curl Vulnerability Announced - #threatwire #shorts Hak5 2023-10-11 | Ali discusses CVE-2023-38545 - a High Severity Vulnerability for Curl.#threatwire #hak5 • Ali → https://ali.dev/ || tiktok.com/@endingwithali || twitter.com/endingwithali || twitch.tv/endingwithali• Support → patreon.com/threatwire+++Hak5 -- Cyber Security Education, Inspiration, News & Community. Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Introducing HIDX StealthLink Hak5 2023-10-11 | Run a remote shell through a "keyboard" that looks like a normal USB cable. It's O.MG Cable's latest trick! Find all O.MG Devices for sale at hak5.org/omgGet started with several HIDX StealthLink examples: github.com/O-MG/O.MG-Firmware/wiki#features____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Curl Schedules Security Patch; Linux Hit With Buffer Overflow Flaw - ThreatWire Hak5 2023-10-10 | [!!] ThreatWire Patreon has moved to patreon.com/threatwire - thanks for your support!23andMe data was found being sold online, Linux was hit with a glibc vulnerability, and Curl schedules a security patch! All that coming up now on ThreatWire. #threatwire #hak5ThreatWire by Shannon Morse is a weekly news journalism show covering cybersecurity topics for network admins, information security professionals, and consumers. Watch this on youtube: youtu.be/HQ2ZwJCkqKcChapters:00:00 23andMe Data Sold Online02:27 Linux Hit With Glibc Vuln05:28 Curl To Release PatchLinks:Resources for stories are available on Patreon exclusively, to protect our channel from being inappropriately flagged as “malicious content”. All links included in my videos are news articles or sources related to each story and are both appropriate for the discussion and legitimate. Access source links at patreon.com/threatwireHak5 -- Cyber Security Education, Inspiration, News & Community since 2005:-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆Our Site → hak5.orgShop → http://hakshop.myshopify.comSubscribe → youtube.com/user/Hak5Darren?sub_confirmation=1Support → patreon.com/threatwireContact Us → http://www.twitter.com/hak5-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆____________________________________________Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
