Tag Archives: APT

Fansmitter Hacks Air Gaps – Daily Security Byte EP. 281

Back-channel attacks, where attackers send information using unusual and hard to spot communication channels, are not new. However, I think they’re cool, if not a bit impractical. In this video, I cover the Fansmitter research from an Israeli University’s Cyber Security team. I don’t think this type of attack will affect you any time soon, but it’s still a fascinating idea. 

(Episode Runtime: 4:14

Direct YouTube Link: https://www.youtube.com/watch?v=i62FCE0ydWA

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Cyber Criminals Get Sophisticated – Daily Security Byte EP. 254

Last week, Marc Laliberte talked about the total lack of network security that led to an $81 million dollar cyber bank heist. In today’s video, I share new information about the malware used in the heist, and how it affects the threat landscape. Watch to learn more below.

(Episode Runtime: 4:38)

Direct YouTube Link: https://www.youtube.com/watch?v=TFbETWfF5bg

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Evasive Ponmocup Botnet – Daily Security Byte EP. 185

From an attacker’s perspective, the best botnet is the one you’ve never heard of, since the authorities won’t know what to take down. Using that measure, Ponmocupa botnet recently detailed by the security group Fox-ITis pretty successful, considering it has hung around over nine years and infected over 15 million victims. Watch today’s episode for more on this elusive new botnet.

(Episode Runtime: 5:36)

Direct YouTube Link: https://www.youtube.com/watch?v=AGGgYErnNVs

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Flash 0day Surfaces – Daily Security Byte EP.159

Adobe just released a new Flash update Tuesday, but researchers have already found sophisticated threat actors leveraging a new zero day Flash exploit in the wild. Trend Micro, one of our security partners, found the Pawn Storm attackers leveraging this new Flash exploit. Watch today’s video to learn when the next patch will come out, and what to do in the meantime.

UPDATE: Adobe actually sped up their schedule to release a fix. Go get it now.

(Episode Runtime: 1:27)

Direct YouTube Link: https://www.youtube.com/watch?v=_HFC6VFBdu0

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

SYNful Knock Pwns IOS – Daily Security Byte EP.143

Sophisticated attackers have injected malicious firmware into at least 14 Cisco routers in four continents. Watch today’s quick video to learn more about this attack, and how you should validate your devices’ firmware.

(Episode Runtime: 2:07)

Direct YouTube Link: https://www.youtube.com/watch?v=agcx4Xkv7Yw

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Adult Ransomware and Hacked WhatsApp – WSWiR Episode 164

Do you have little time for security news, but wish you could keep abreast of the latest threats? In that case, our weekly summary video can help. Every Monday, we summarize last week’s infosec news for you, often in under ten minutes.

This week’s show includes Microsoft and Adobe patches, some adult-themed mobile ransomware, and a sneaky new malware command and control technique. Watch the episode below, and don’t forget to glance at the Reference section if you are interested in other news.

(Episode Runtime: 8:44)

Direct YouTube Link: https://www.youtube.com/watch?v=mnJivvR7nRw

EPISODE REFERENCES:

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

Satellite C&C Channel – Daily Security Byte EP.141

Attackers have always tried to hide their command and control (C&C) servers using proxies and peer-to-peer (P2P) networks, but authorities still eventually track them down. However, an advanced hacking group has found a new way to keep their malicious control servers off the radar. Watch Friday’s video to learn about this hidden communication channel.

(Episode Runtime: 3:35)

Direct YouTube Link: https://www.youtube.com/watch?v=jZMS41ZmhCI

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Ransomware Costs $18M – Daily Security Byte EP.104

I’ve mentioned ransomware repeatedly in my videos, but today the FBI warned business how dangerous ransomware can be. Watch our video to learn how much ransomware has cost US companies this year, and how to protect yourself from it.

(Episode Runtime: 2:30)

Direct YouTube Link: https://www.youtube.com/watch?v=Z1WVM7_xLMQ

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Spam Spreads 0day Flash Exploit – Daily Security Byte EP.102

Adobe released an emergency patch today to fix a zero day Flash vulnerability, which a security company found attackers exploiting in the wild. Watch today’s short video to learn how these alleged Chinese attackers delivered this exploit, and what you can do to protect yourself from it.

(Episode Runtime: 2:31)

Direct YouTube Link: https://www.youtube.com/watch?v=mSXb6N1k-ok

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

APTs, Updates, and OPM – WSWiR Episode 156

Information Security is a hot topic right now; unfortunately not for all the right reasons. Nowadays, it’s not unusual to have a big data breach, new zero day malware, and a ton of security updates all in the same week. If you’re part of an IT organization that’s concerned with protecting your network, but that doesn’t have time to keep up with the deluge of InfoSec news, this weekly video is for you.

Last week’s episode covered a nasty new variant of point-of-sale (POS) malware, Microsoft and Adobe’s monthly security updates, and a significant network breach of a well-respected security company. If you want to learn about all these stories and more, watch the episode below. Also, take a peek at the Reference section if you are interested in other InfoSec items from the week.

(Episode Runtime: 13:25)

Direct YouTube Link: https://www.youtube.com/watch?v=52reUvOR6FE

Show Note: On some occasions, I will not be able to post the blog update associated with these videos immediately, even though the video is already online. If you’d like to know about the latest video as soon as it’s posted, subscribe to my YouTube channel. Also, if you want email updates for each blog post, don’t forget to subscribe to this blog in the top right corner.

EPISODE REFERENCES:

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

%d bloggers like this: