Tag Archives: breach

Spotify Password PSA – Daily Security Byte EP. 253

Was Spotify hacked? No one seems to know for sure. However, we do know that some Spotify credentials have shown up on Pastebin, and accounts have gotten hijacked. Watch Tuesday’s Byte to learn more about it, and what you should do if you use Spotify.

(Episode Runtime: 2:06)

Direct YouTube Link: https://www.youtube.com/watch?v=Ad1f_lEkWnc

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Whitehat Finds Blackhat on Facebook – Daily Security Byte EP. 252

Bug Bounty programs are great ways for companies to get security researchers to help find and fix vulnerabilities in their products or infrastructure, but no one expected them to also reveal hackers in your network. Watch today’s video to hear how one pen-tester found more than he bargained for when researching Facebook’s network.

(Episode Runtime: 3:38)

Direct YouTube Link: https://www.youtube.com/watch?v=8WruUtxLHko

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Big Changes Ahead for this Blog – Your Feedback is Appreciated!

Over the past 6 years WatchGuard has been publishing breaking news and in-depth analysis on the most important network security issues on this blog.  Even before that, we shared security articles, podcasts, and various malware analysis videos with our LiveSecurity subscribers. This content has been well-received by our loyal audience, but we want to do even more to help our followers and the network security community.

To achieve this goal we have decided to completely redesign the blog. In fact, you probably already noticed a few small changes, including more content from new writers. However, our more strategic plan is to create a broader industry community and forum for all network security professionals. You can help us achieve this vision.

Your feedback is important to us, and will play a major role in the quality and direction of our blog redesign. If you’d like to make sure our new blog meets your needs, please fill out our survey below. It takes less than 5 minutes, and will ensure that we deliver content that serves you. Your input and time is very much appreciated. — Corey Nachreiner, CISSP (@SecAdept)

http://secure.watchguard.com/blog-redesign-survey

 

Hacking Team Breach Unveiled – Daily Security Byte EP. 250

Almost a year ago, an Italian security company called the Hacking Team suffered an embarrassing network breach. This week, the alleged attackers behind the hack detail exactly how they did it. Watch today’s Byte to see what you can learn from this particular attack.

(Episode Runtime: 5:02)

Direct YouTube Link: https://www.youtube.com/watch?v=p9yEvODyGZI

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Staminus Hack – Daily Security Byte EP. 230

Thursday, a company that offers Distributed Denial of Service (DDoS) protection had their network go down, which affected the web sites of their customers. Turns out, a hacktivist group had breached their organization, and stolen a ton of data. Watch Friday’s Daily Security Byte to learn how you can avoid the mistakes that lead to the Staminus breach.

(Episode Runtime: 2:43)

Direct YouTube Link: https://www.youtube.com/watch?v=IVzdQ42SJWw

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Vtech Update Proves SQLi – Daily Security Byte EP. 184

 

On Monday, I highlighted the Vtech breach. A hacker was able to steal millions of records from an online kid’s toy manufacturer, which including information about children. Over the past day, we’ve learned two new updates about this story. One increases the scope of the breach, and the other explains how it happened (Spoiler: my hunch was correct). Watch today’s for these updates, and to learn how to protect your web site from the flaw that allowed this attack.

Show note: This is Wednesday’s episode, but technical issues delayed my posting until today. 

(Episode Runtime: 3:23)

Direct YouTube Link: https://www.youtube.com/watch?v=BGngzbhBE-A

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Vtech Leaks Kids Data – Daily Security Byte EP. 182

What’s worse than the average data breach? A breach that involves our childrens’ private information!

In Monday’s episode, I talk about how a “greyhat” hacker stole over 190GBs of data from a company that makes an Internet-connected kid’s toy. Luckily, he doesn’t seem to plan on using the data with malicious intent. Nonetheless, it’s still an eye-opening hack. Watch the vlog to learn more about this attack, and why we all need to think about what types of data we share online.

Show note: This is Monday’s episode, but technical issues delayed my posting until today. 

(Episode Runtime: 2:50)

Direct YouTube Link: https://www.youtube.com/watch?v=WL3c_cXOZQA

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

iOS Bounties, Android Auto-root, and Guy Fawkes Day – WSWiR Episode 168

Nowadays, each week has more information security news that we used to have each month. If you find yourself falling behind, and need a shortcut to stay informed, this is the weekly video for you. Every Monday, I summarize our daily security video from last week.

Today’s episode covers a new Android malware variant, an iOS zero day that’s bad for the industry, a couple hacktivism campaigns, and more. Watch the YouTube video for all the details, and check out the references below to learn more.

(Episode Runtime: 13:13)

Direct YouTube Link: https://www.youtube.com/watch?v=z7Xgnd8CHQ8

EPISODE REFERENCES:

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

000Webhost has 000 Security – Daily Security Byte EP. 169

A popular hosting company suffered a network breach and lost over 13M user records. Not only did the company not know about the breach until five months later, the stolen records included clear text passwords. Watch today’s video to see what you can learn from this web hoster’s mistakes; of which they made many.

(Episode Runtime: 2:23)

Direct YouTube Link: https://www.youtube.com/watch?v=ILnyVCV3spA

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

TalkTalk Hacked by Teenager? – Daily Security Byte EP. 166

Last week, TalkTalk’s suffered a data breach for the third time this year. It took awhile for the details to surface, but it looks like the attackers exploited a SQL injection flaw in TalkTalk’s website to steal 4M customers’ personally identifying information. Watch today’s information to learn the latest news about this breach, and what you should do if you’re a victim.

(Episode Runtime: 3:32)

Direct YouTube Link: https://www.youtube.com/watch?v=IQhwPq24khk

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

%d bloggers like this: