Steal passwords from a locked PC, 911 is still vulnerable to hacks, and Chrome calls out non secure sites. All that coming up now on ThreatWire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: Learn more about NTLM Challenge Response Authentication: https://msdn.microsoft.com/en-us/library/windows/desktop/aa378749(v=vs.85).aspx http://arstechnica.com/security/2016/09/stealing-login-credentials-from-a-locked-pc-or-mac-just-got-easier/ https://github.com/Spiderlabs/Responder http://www.exploit-monday.com/2016/09/introduction-to-windows-device-guard.html https://room362.com/post/2016/snagging-creds-from-locked-machines/ http://www.cnet.com/news/chrome-warning-insecure-http-websites-expose-passwords-credit-card-numbers/ https://blog.chromium.org/2016/09/moving-towards-more-secure-web.html […]

Read more

Clinton’s got an Email Problem, Dropbox and Last.Fm 2012 Hacks get leaked, and is Ford going to introduce a new way to unlock their cars? All that coming up now on Threat Wire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: http://arstechnica.com/security/2016/09/over-40-million-usernames-passwords-from-2012-breach-of-last-fm-surface/ http://www.last.fm/passwordsecurity https://www.cnet.com/roadshow/news/ford-could-replace-your-key-fob-with-radio-button-passcodes/ http://www.freepatentsonline.com/20160244022.pdf https://motherboard.vice.com/read/hackers-stole-over-60-million-dropbox-accounts https://www.wired.com/2016/08/hack-brief-four-year-old-dropbox-hack-exposed-68-million-peoples-data/ https://blogs.dropbox.com/dropbox/2012/07/security-update-new-features/ […]

Read more

Was the ShadowBrokers NSA hack an inside Job?, ATM’s Hacked through EMV Chips, Update Your iPhone NOW, Voter Records Stolen in a State Hack. All that coming up now on ThreatWire! ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: http://arstechnica.com/security/2016/08/hints-suggest-an-insider-helped-the-nsa-equation-group-hacking-tools-leak/ https://motherboard.vice.com/read/former-nsa-staffers-rogue-insider-shadow-brokers-theory?trk_source=popular https://taia.global/2016/08/shadowbroker-is-a-native-english-speaker-trying-to-appear-non-native/ http://www.reuters.com/article/us-intelligence-nsa-commentary-idUSKCN10X01P http://arstechnica.com/security/2016/08/nsa-linked-cisco-exploit-poses-bigger-threat-than-previously-thought/ http://www.securityweek.com/leaked-cisco-asa-exploit-adapted-newer-versions https://threatpost.com/cisco-begins-patching-equation-group-asa-zero-day/120124/ https://threatpost.com/ripper-atm-malware-uses-malicious-evm-chip/120192/ http://www.securityweek.com/ripper-atm-malware-linked-thailand-heist […]

Read more

Did the NSA get hacked? Pokemon Go users fall prey to malware, and a TCP vulnerability is found on many Android devices. All that coming up now on ThreatWire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— https://threatpost.com/pokemon-go-spam-ransomware-on-the-rise/119948/ https://threatpost.com/malicious-pokemon-go-app-installs-backdoor-on-android-devices/119174/ https://threatpost.com/tcp-flaw-in-linux-extends-to-80-percent-of-android-devices/119897/ http://www.cs.ucr.edu/~zhiyunq/pub/sec16_TCP_pure_offpath.pdf http://www.techinsider.io/nsa-cyberweapon-auction-shadow-brokers-2016-8 https://theintercept.com/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/ http://arstechnica.com/security/2016/08/group-claims-to-hack-nsa-tied-hackers-posts-exploits-as-proof/ https://webcache.googleusercontent.com/search?q=cache:owtq6OBSmgEJ:https://theshadowbrokers.tumblr.com/+&cd=1&hl=en&ct=clnk&gl=us http://arstechnica.com/tech-policy/2016/08/snowden-speculates-leak-of-nsa-spying-tools-is-tied-to-russian-dnc-hack/ https://securelist.com/blog/incidents/75812/the-equation-giveaway/ https://www.wired.com/2016/08/shadow-brokers-mess-happens-nsa-hoards-zero-days/ Youtube […]

Read more

Millions of Volkswagen Cars are Vulnerable to a Hack, and apparently so is that air-gapped PC, plus several hotels in the US get their credit card data stolen. All that coming up now on ThreatWire! ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_garcia.pdf https://threatpost.com/key-fob-hack-allows-attackers-to-unlock-millions-of-cars/119846/ https://www.cnet.com/roadshow/news/100-million-volkswagens-at-risk-with-new-wireless-key-hack/ https://www.wired.com/2016/08/oh-good-new-hack-can-unlock-100-million-volkswagens/ https://threatpost.com/westin-marriott-sheraton-hotels-hit-by-payment-card-malware/119879/ […]

Read more

Description: Bluetooth smart locks can be hacked wirelessly, apple begins a bug bounty program finally, point of sale terminals are hacked once again, and Qualcomm had a few Android chipset security flaws. All that coming up now on ThreatWire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: http://www.tomsguide.com/us/bluetooth-lock-hacks-defcon2016,news-23129.html […]

Read more

It is time to leave LastPass? Wireless keyboards can spy on you! A gov’t agency finally gets 2FA, and Android security notifications are now a thing.. All that coming up now on ThreatWire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: http://www.theregister.co.uk/2016/07/27/zero_day_hole_can_pwn_millions_of_lastpass_users_who_visit_a_site/ https://threatpost.com/lastpass-patches-ormandy-remote-compromise-flaw/119533/ http://www.pcworld.com/article/3101354/security/how-to-make-sure-youre-using-the-latest-version-of-lastpass-for-firefox.html https://blog.lastpass.com/2016/07/lastpass-security-updates.html/ https://bugs.chromium.org/p/project-zero/issues/detail?id=884 https://www.wired.com/2016/07/radio-hack-steals-keystrokes-millions-wireless-keyboards/ http://www.keysniffer.net/affected-devices/ […]

Read more

Snowden and Huang are trying to build a warning system for your phone’s radio, DMCA is under fire by the EFF, and the DNC was hacked… All that coming up now on Threat Wire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: https://www.wired.com/2016/07/snowden-designs-device-warn-iphones-radio-snitches/ https://theintercept.com/2016/07/21/edward-snowdens-new-research-aims-to-keep-smartphones-from-betraying-their-owners/ https://www.pubpub.org/pub/direct-radio-introspection https://threatpost.com/eff-files-lawsuit-challenging-dmcas-restrictions-on-security-researchers/119410/ https://www.eff.org/document/1201-complaint http://arstechnica.com/security/2016/07/new-evidence-suggests-dnc-hackers-penetrated-deeper-than-previously-thought/ […]

Read more

Facebook Messenger gets Encryption, kinda… Quantum Computing gets a real life competitor from Google, and Wendy’s got hacked! All that on this episode of Threat Wire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: https://www.wired.com/2016/07/secret-conversations-end-end-encryption-facebook-messenger-arrived/ https://threatpost.com/facebook-messenger-end-to-encryption-not-on-by-default/119133/ https://fbnewsroomus.files.wordpress.com/2016/07/secret_conversations_whitepaper.pdf https://whispersystems.org/ https://newsroom.fb.com/news/2016/07/messenger-starts-testing-end-to-end-encryption-with-secret-conversations/ https://threatpost.com/google-testing-post-quantum-cryptography-in-chrome/119137/ https://www.wired.com/2016/07/google-tests-new-crypto-chrome-fend-off-quantum-attacks/ http://arstechnica.com/security/2016/07/https-crypto-is-on-the-brink-of-collapse-google-has-a-plan-to-fix-it/ https://security.googleblog.com/2016/07/experimenting-with-post-quantum.html http://www.cnet.com/news/speed-desk-headlinewendys-opens-up-about-malware-says-hackers-accessed-payment-info/ http://krebsonsecurity.com/2016/07/1025-wendys-locations-hit-in-card-breach/ https://www.wendys.com/en-us/about-wendys/the-wendys-company-updates https://payment.wendys.com/paymentcardcheck.html Pokemon […]

Read more

HummingBad hits 85 MILLION Android devices, Comcast and Netflix bury the hatchet, one badass botnet built from security cameras… and the FBI Says Don’t Indict Hillary Clinton. Today, on ThreatWire! ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: FBI Finishes Clinton Investigation http://www.theverge.com/2016/7/5/12096364/hillary-clinton-email-probe-fbi-indict-private-server Comcast & Netflix Bury The […]

Read more

Download DRM movies for free! But that’s probably a bad idea, given the FBI can legally hack a pc. Plus, how to spot a credit card skimmer, and more! ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: https://motherboard.vice.com/read/court-rules-the-fbi-does-not-need-a-warrant-to-hack-a-computer?utm_source=mbtwitter https://www.eff.org/deeplinks/2016/06/federal-court-fourth-amendment-does-not-protect-your-home-computer https://www.eff.org/files/2016/06/23/matish_suppression_edva.pdf https://www.wired.com/2016/06/bug-chrome-makes-easy-pirate-movies/ http://arstechnica.com/security/2016/06/chrome-drm-download-netflix-piracy/ http://arstechnica.com/tech-policy/2016/06/800-pound-comodo-tries-to-trademark-upstart-rivals-lets-encrypt-name/ https://letsencrypt.org/2016/06/23/defending-our-brand.html https://forums.comodo.com/general-discussion-off-topic-anything-and-everything/shame-on-you-comodo-t115958.0.html http://krebsonsecurity.com/2016/05/skimmers-found-at-walmart-a-closer-look/ http://krebsonsecurity.com/2016/06/how-to-spot-ingenico-self-checkout-skimmers/ Youtube […]

Read more

Net Neutrality Wins… Locals Fight The Mapping Power… Apple Might Be More Secure, and the ruskies are hacking again… All that coming up now on ThreatWire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: Net Neutrality Is Safe… http://gizmodo.com/the-fcc-just-won-a-huge-net-neutrality-victory-in-feder-1781954855 http://arstechnica.com/tech-policy/2016/06/net-neutrality-and-title-ii-win-in-court-as-isps-lose-case-against-fcc/ $50 Million Currency Hack! http://www.nytimes.com/2016/06/18/business/dealbook/hacker-may-have-removed-more-than-50-million-from-experimental-cybercurrency-project.html https://blog.ethereum.org/2016/06/17/critical-update-re-dao-vulnerability/ http://blog.erratasec.com/2016/06/etheriumdao-hack-similfied.html#.V2hVtSgrKUl Waze […]

Read more

Did Twitter get hacked? All signs point to… no. IT admins – be careful when you delete files… And the IRS Get Transcript service comes back online after over a year. All that coming up now on ThreatWire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: http://techcrunch.com/2016/06/08/twitter-hack/ https://www.wired.com/2016/06/twitter-hack/ […]

Read more

Password Mega breaches didn’t include Dropbox, Mitsubishi Outander Wifi hacked, TeamViewer Adds Security Checks, and Zuck uses bad passwords… All that coming up now on ThreatWire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: Our sister show, Hak5, is up for an award!! Vote for Hak5 and the […]

Read more

OEM Computers pose some pretty serious security risks, more passwords have been pwned than ever before, have 100 grand to spend? There’s a zero-day for that, and more. ——————————- VOTE FOR HAK5 and FRIENDS at http://hat.t2t2.eu for the podcast awards!! ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: […]

Read more

People are afraid of being hacked, Linksys won’t block OpenWRT, Flash And Zero Days… perfect together… Links: People Are Afraid of Being Hacked. https://www.ntia.doc.gov/blog/2016/lack-trust-internet-privacy-and-security-may-deter-economic-and-other-online-activities Some Linksys Routers Won’t Block Open Source Firmware! http://arstechnica.com/information-technology/2016/05/linksys-wrt-routers-wont-block-open-source-firmware-despite-fcc-rules/ Flash Death Watch Update https://nakedsecurity.sophos.com/2016/05/12/adobe-flash-zero-day-patch-is-out-for-the-third-month-in-a-row/ http://venturebeat.com/2016/05/15/google-targets-html5-default-for-chrome-instead-of-flash-in-q4-2016/ https://groups.google.com/a/chromium.org/forum/#!searchin/chromium-dev/HTML5$20by$20default/chromium-dev/0wWoRRhTA_E/__E3jf40OAAJ Missouri politicians fail to block municipal broadband http://arstechnica.com/information-technology/2016/05/politicians-fail-in-bid-to-squash-municipal-broadband-in-missouri/ SWIFT used for another bank heist http://www.bloomberg.com/news/articles/2016-05-13/swift-warns-of-new-hacker-attack-on-bank-after-bangladesh-heist […]

Read more

Twitter blocks intelligence agencies, Equifax is Targeted In a W-2 Hack, Security Researcher Starts Early and earns 10 grand, and is the FCC going to side with the People? All that coming up now on ThreatWire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: https://threatpost.com/twitter-turns-off-fire-hose-for-intelligence-community/117935/ http://www.cnet.com/news/twitter-yanks-dataminr-access-for-us-spy-agencies/ http://www.wsj.com/article_email/twitter-bars-intelligence-agencies-from-using-analytics-service-1462751682-lMyQjAxMTE2MzAwODUwNzgzWj http://www.iltalehti.fi/digi/2016050221506011_du.shtml […]

Read more

Skimming ALL THE ATMS, #IoT is a problem, Wearables #InternetOfThings might be worse… and, hey, thumb drives… so much potential! This time on ThreatWire ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— ATM Skimming Attacks Up 546% http://krebsonsecurity.com/2016/04/a-dramatic-rise-in-atm-skimming-attacks/ http://krebsonsecurity.com/2016/02/skimmers-hijack-atm-network-cables/ IoT Developers Say Software Is the Problem… http://www.evansdata.com/press/viewRelease.php?pressID=233 Wearable IoT: […]

Read more

Passwords come in a variety of lengths, and there are several ways to manage them. With so many passwords to remember these days, what do you use? ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.wpengine.com Contact Us: http://www.twitter.com/hak5 ——————————

Read more

SWIFT banking software has been hacked, Brazil is fighting for their internet freedom, scammers use DDOS claims to make quick money, Spotify may have been hacked, and BeautifulPeople.com was definitely hacked (at least, user prior to July 2015 were!). Today on ThreatWire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 […]

Read more

Will Encryption be broken by the US government? FBI Director Comey has created an Unhackable Device, and, hey, get Quicktime for Windows off all your machines…. All that coming up on today’s ThreatWire! ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Remove QuickTime for Windows. NOW! http://blog.trendmicro.com/urgent-call-action-uninstall-quicktime-windows-today/ FBI Director […]

Read more

New concerns are arising from the Apple and FBI case, ransomware watch out, a vigilante has appeared, and Badlock… actually #Sadlock…. All that coming up now on ThreatWire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.wpengine.com Contact Us: http://www.twitter.com/hak5 —————————— Links: http://www.securityweek.com/grey-hat-hackers-helped-fbi-hack-iphone-report https://www.eff.org/document/burr-feinstein-encryption-bill-discussion-draft https://threatpost.com/burr-feinstein-anti-crypto-bill-slammed-by-critics/117314/ http://www.cnet.com/news/encryption-bill-would-skip-legal-battle-force-companies-to-surrender-user-data/ https://github.com/leo-stone/hack-petya http://www.bleepingcomputer.com/news/security/petya-ransomwares-encryption-defeated-and-password-generator-released/ https://threatpost.com/password-generator-tool-breaks-petya-ransomware-encryption/117315/ http://arstechnica.com/security/2016/04/experts-crack-nasty-ransomware-that-took-crypto-extortion-to-new-heights/ http://www.wired.com/2016/04/badlock-bug-hype-hurt/ http://arstechnica.com/security/2016/04/yes-badlock-bug-was-shamelessly-hyped-but-the-threat-is-real/ http://badlock.org/ https://www.eff.org/secure-messaging-scorecard […]

Read more

The FBI’s ready to crack all the iPhones, and WhatApp just encrypted One Billion People! Meanwhile, Datausa.io is an amazing way to access all the public data, this ‘secure medical storage device’ isn’t, and did this man hack dozens of elections??? All that and more on ThreatWire! ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our […]

Read more

——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.wpengine.com Contact Us: http://www.twitter.com/hak5 http://www.plaintextoffenders.com http://www.haveibeenpwned.com —————————— Passwords! They are the bane of our digital existence. Those few letters, numbers and hopefully special characters you conjured up once to sit between you and, well, the digital you that lives in your pocket, on your desk and […]

Read more

The Apple vs. FBI case has been dropped, Verizon was hit with a hack, Badlock is a’comin, and more USB hacks! All that coming up now on ThreatWire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.wpengine.com Contact Us: http://www.twitter.com/hak5 —————————— Links: http://www.wired.com/2016/03/fbi-drops-case-apple-finding-way-iphone/ http://www.cnet.com/news/feds-unlock-iphone-5c-used-by-san-bernardino-terrorist-dont-need-apple/ http://www.wired.com/2016/03/hype-around-mysterious-badlock-bug-raises-criticism/ https://threatpost.com/badlock-vulnerability-clues-few-and-far-between/117008/ http://badlock.org/ http://arstechnica.com/security/2016/03/stealthy-malware-targeting-air-gapped-pcs-leaves-no-trace-of-infection/ https://thehackernews.com/2016/03/usb-drive-malware.html http://blog.eset.ie/2016/03/23/new-self-protecting-usb-trojan-able-to-avoid-detection/ http://krebsonsecurity.com/2016/03/crooks-steal-sell-verizon-enterprise-customer-data/ http://arstechnica.com/security/2016/03/after-verizon-breach-1-5-million-customer-records-put-up-for-sale/ Youtube Thumbnail […]

Read more

——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.wpengine.com Contact Us: http://www.twitter.com/hak5 —————————— Staminus, a DDoS protection company, is under attack and a data dump has been posted. Malvertising hits thousands of popular sites, and open source router firmware is officially going bye bye? Well, TP-Link seems to have given up. All that coming […]

Read more

Apple Ransomware, Free Encryption for All The Websites, Malicious Fonts… and more… All that coming up now on Threat Wire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.wpengine.com Contact Us: http://www.twitter.com/hak5 —————————— Apple Shuts Down Ransomware Attack http://www.macworld.com/article/3040987/security/apple-shuts-down-first-ever-ransomware-attack-against-mac-users.html Microsoft Windows Security Update for Graphic Fonts to Address Remote Code Execution https://technet.microsoft.com/en-us/library/security/MS16-026 Let’s Encrypt […]

Read more