Click for links and more info ⬇️⬇️⬇️

100,000 credentials leaked due to an autodiscover flaw, 3 Apple zero days were published online, and the FBI secretly held a ransomware decryptor key! All that coming up now on ThreatWire.
 
 #threatwire #hak5

Links:
Weekly security and privacy news, brought to you by Shannon Morse. ThreatWire is a weekly news journalism show covering security and privacy topics for network admins, information security professionals, and consumers.

Watch this on youtube (video may be “private” until the scheduled publish time): https://youtu.be/2XZqx6Coa2Y

Shop ThreatWire Merch Directly! - https://snubsie.com/shop

Shop ThreatWire Merch on Teespring! - https://morsecode.creator-spring.com/ 

Support ThreatWire!  https://www.patreon.com/threatwire 

Follow Shannon on Social Media: https://snubsie.com/links 

Links:
Links:
100k windows exchange emails
https://www.bleepingcomputer.com/news/microsoft/microsoft-rushes-to-register-autodiscover-domains-leaking-credentials/
https://www.guardicore.com/labs/autodiscovering-the-great-leak/
https://thehackernews.com/2021/09/microsoft-exchange-bug-exposes-100000.html
https://arstechnica.com/information-technology/2021/09/exchange-outlook-autodiscover-bug-exposed-100000-email-passwords/
https://www.bleepingcomputer.com/news/microsoft/microsoft-rushes-to-register-autodiscover-domains-leaking-credentials/
https://www.blackhat.com/asia-17/briefings/schedule/#all-your-emails-belong-to-us-exploiting-vulnerable-email-clients-via-domain-name-collision-5301
https://github.com/guardicore/labs_campaigns/tree/master/Autodiscover

Apple Stuff:
https://arstechnica.com/information-technology/2021/09/three-ios-0-days-revealed-by-researcher-frustrated-with-apples-bug-bounty/
https://www.bleepingcomputer.com/news/security/researcher-drops-three-ios-zero-days-that-apple-refused-to-fix/
https://habr.com/en/post/579714/
https://www.vice.com/en/article/k78dpx/researcher-publishes-source-code-for-three-unpatched-iphone-exploits
https://habr.com/en/post/580272/
https://www.reddit.com/r/jailbreak/comments/pvaztb/free_release_entitlementfix_workaround_for_the_3/

Ransomware Key
https://arstechnica.com/gadgets/2021/07/kaseya-gets-master-decryptor-to-help-customers-still-suffering-from-revil-attack/
https://arstechnica.com/information-technology/2021/09/ransomware-victims-panicked-while-fbi-secretly-held-revil-decryption-key/
https://www.cnet.com/tech/services-and-software/fbi-reportedly-withheld-ransomware-key-from-business-for-3-weeks-in-failed-sting/
https://twitter.com/BitdefenderLabs/status/1438489191491440646?s=20
https://www.washingtonpost.com/national-security/ransomware-fbi-revil-decryption-key/2021/09/21/4a9417d0-f15f-11eb-a452-4da5fe48582d_story.html

 

Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005:

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop →  http://hakshop.myshopify.com/
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

____________________________________________
Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.


Share | Download(Loading)
Podbean App

Play this podcast on Podbean App