Episode 115 - IoT Strikes Again - Bluetooth Flaw Impacts 20 Million Amazon and Google Home Devices
Release Date: 11/20/2017
Security In Five Podcast
The Internet of Things' lack of security focus strikes again! This time it is a flaw in Bluetooth dubbed BlueBorne that impacts billions of mobile devices and now your home devices too.
This episode goes into the flaw, how it can be exploited and what you can do to protect yourself.
Here are the flaws that were found -
- Information Leak Vulnerability in Android (CVE-2017-0785)
- Remote Code Execution Vulnerability (CVE-2017-0781) in Android's Bluetooth Network Encapsulation Protocol (BNEP) service
- Remote Code Execution Vulnerability (CVE-2017-0782) in Android BNEP's Personal Area Networking (PAN) profile
- The Bluetooth Pineapple in Android—Logical flaw (CVE-2017-0783)
- Linux kernel Remote Code Execution vulnerability (CVE-2017-1000251)
- Linux Bluetooth stack (BlueZ) information leak vulnerability (CVE-2017-1000250)
- The Bluetooth Pineapple in Windows—Logical flaw (CVE-2017-8628)
- Apple Low Energy Audio Protocol Remote Code Execution vulnerability (CVE Pending)
You can look up the CVE definitions here - http://www.cvedetails.com/
Be aware, be safe.
------------------------------------
Website - https://www.binaryblogger.com
Podcast RSS - http://securityinfive.libsyn.com/rss
Twitter @binaryblogger - https://www.twitter.com/binaryblogger
iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2
YouTube - https://www.youtube.com/binaryblogger
TuneIn Radio - Security In Five Channel
iHeartRadio - Security In Five Channel