Tag Archives: firefox

CrossFire – Daily Security Byte EP. 245

I often recommend NoScript; a Firefox extension that helps protect you from drive-by downloads. Unfortunately, this week I’m warning you that it can also help attackers hijack Firefox. Watch today’s video to learn more about CrossFire.

(Episode Runtime: 2:56)

Direct YouTube Link: https://www.youtube.com/watch?v=aIAEqDcXZLY

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Flash 0day & Patches – Daily Security Byte EP. 229

Frankly, I’m a bit sick of talking about patches and security updates after focusing on them for the last two days. However, so many important security updates got released today that I have to cover them for a third day in a row. If you use Adobe Flash, Microsoft products, Firefox, or a Cisco cable modem, watch today’s video to learn about these important patches, including one that fixes a zero day flaw.

Show Note: Please excuse the irritating audio pops. I have since replaced the defective mic.

(Episode Runtime: 2:37)

Direct YouTube Link: https://www.youtube.com/watch?v=6LDgnICKE-Y

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Firefox Certificate Security Breaks Vendor Security – Daily Security Byte EP. 198

Mozilla got serious about security early this new year by banning potentially weak certificates created using the SHA-1 hashing function. Unfortunately, many security vendors still use SHA-1, so this browser update broke some things. If you’ve been affected by the Firefox changes, or are concerned with our products stance on SHA-1 certificates, watch today’s video.

Show note: Please excuse the slight audio problems in today’s episode due to a technical glitch.

(Episode Runtime: 3:05)

Direct YouTube Link: https://www.youtube.com/watch?v=PNYfB738M0M

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Apple Flaws and Cyber Sanctions – WSWiR Episode 163

Are you interested in the latest security news, but have no time to source it yourself? No problem! Let our weekly video summarize the latest for you in ten minutes or less. If you want to watch the video Friday, subscribe to our YouTube channel. Otherwise, we’ll post the weekly episode on the first day of the following week.

This week’s “traveling” episode included a story about US cyber sanctions, two different threats to Apple products, and news of a security breach to Mozilla’s bug tracking system. Watch below, and check out the references for more of last week’s infosec news.

(Episode Runtime: 7:55)

Direct YouTube Link: https://www.youtube.com/watch?v=sJ993RVG48s

EPISODE REFERENCES:

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

Mozilla Hacked – Daily Security Byte EP.137

Mozilla’s bug tracking system has been breached for at least a year. This means attackers have had access to zero day Firefox vulnerabilities. Watch today’s video to learn what this means, and what you should do.

(Episode Runtime: 1:40)

Direct YouTube Link: https://www.youtube.com/watch?v=fRVqaFgZ1uo

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Black Hat & DEF CON Aftermath – WSWiR Episode 160

Two weeks ago, the Black Hat and DEF CON conferences unveiled tons of new security research, which means last week was packed with interesting security stories. If you find yourself falling behind on security news, and need a “one stop shop” to keep you up to date, this weekly video does just that.

Last week’s stories included many car hacks, a OS X firmware worm, a big UK breach, tons of patches, and more. If you don’t watch my Daily Bytes, you can catch up all at once with the weekly video below. More importantly, I couldn’t cover many other interesting stories from last week, so if you are interested in those, check out the Reference section below.

(Episode Runtime: 15:10)

Direct YouTube Link: https://www.youtube.com/watch?v=AAIiPp3os1k

EPISODE REFERENCES:

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

Piles of August Patches – Daily Security Byte EP.124

While there’s lots of interesting security stories I could share today, one of the most practical infosec actions you can take is to keep your software patched. Yesterday was Microsoft and Adobe patch day, and Mozilla also recently released a pretty important Firefox update. Watch the video to learn about these important fixes, and more importantly, follow the links below to learn how to apply the relevant updates.

UPDATE: On Thursday, Apple released a hand full of security advisories and updates as well, fixing flaws in iOS, OS X, and Safari. This wasn’t covered in the video, but check the links below for more info on those updates.

(Episode Runtime: 2:25)

Direct YouTube Link: https://www.youtube.com/watch?v=yZ6A09t5oWA

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Celeb Selfie Hack – WSWiR Episode 120

Software Patches, Home Depot Breach, and Celebrity Selfie Hack

If you need a quick source for all your information security (infosec) news, you’ve come to the right place. I summarize the most important infosec news in this weekly video, and provide links to other security stories as well.

Unfortunately, today’s episode includes a pretty creepy hack. The show covers next week’s upcoming software patches, another credit card leak that seems to come from Home Depot, and a gross story about hackers stealing hundreds of celebrities’ most private pictures. Find the details in the video below and see what you can learn from these unfortunate cyber attacks.

As always, check the Reference section if you are interested in other stories that I didn’t cover in the video. Also, I will be traveling the next few weeks, which means I may not be able to post this video as regularly as usual. Expect the video to turn up at irregular times, otherwise I may post a written version of the weekly summary instead. Have a great weekend, and stay safe online!

(Episode Runtime: 13:17)

Direct YouTube Link: https://www.youtube.com/watch?v=-mRjltM-tc0&

Episode References:

Extras:

— Corey Nachreiner, CISSP (@SecAdept)

BadUSB – WSWiR Episode 115

Android Fake ID, Backoff PoS Attack, and BadUSB

With Blackhat and DEF CON only a week away, it’s not surprising to see news of new vulnerabilities and attack vectors popping up as researchers hint at their upcoming presentations. If you are interesting in this threat news, but have no time to track it down yourself, this weekly video can fill you in.

Today’s show shares details about the Android Fake ID vulnerability, talks about a new PoS system attack campaign, and warns of an industry-wide USB problem researchers will disclose at Blackhat. Check out the video for the details and some advice, then scroll down to the Reference section if you are interested in other infosec news from the week.

As an aside, I will be attending Blackhat next week, which means I may not post the video at its regular time. However, it also means I’ll cover my favorite briefings from the show, so if you can’t attend be sure to tune in to get a taste of the popular security conference. Have a great weekend.

(Episode Runtime: 10:52)

Direct YouTube Link: https://www.youtube.com/watch?v=51VT-CJJKB4

Episode References:

Extras:

— Corey Nachreiner, CISSP (@SecAdept)

%d bloggers like this: