Building a unified cross platform USB Rubber Ducky hack payload for Windows, Linux, and Macs OSX. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 —————————— http://www.hackacrosstheplanet.com

Read more

Malware can record your conversations, Trump is under fire from Congress representatives, and connected car apps are vulnerable to hacks. All that coming up now on Threat Wire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 —————————— Links: https://arstechnica.com/security/2017/02/hackers-who-took-control-of-pc-microphones-siphon-600-gb-from-70-targets/ https://cyberx-labs.com/en/blog/operation-bugdrop-cyberx-discovers-large-scale-cyber-reconnaissance-operation/ https://www.cnet.com/news/congressman-pushes-for-investigation-on-trumps-android-phone/ https://arstechnica.com/tech-policy/2017/02/trumps-apparent-string-of-security-faux-pas-trigger-call-for-house-investigation/ […]

Read more

Simply viewing a Steam profile could put you at risk, WordPress fixes a rather big problem, and WhatsApp introduces two step verification. All that coming up now on Threat Wire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 —————————— Links: https://arstechnica.com/security/2017/02/as-valve-eradicates-serious-bug-in-steam-heres-what-you-need-to-know/ https://www.reddit.com/r/Steam/comments/5skfg4/warning_regarding_a_steam_profile_related_exploit/ […]

Read more

The Best Wikipedia Reader EVER, this time on Hak5! Links: https://play.google.com/store/apps/details?id=com.arcdatum.apps.readable ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 ——————————

Read more

Facebook is trying to make password recovery more secure, Vizio is watching you, and the ECPA sorely needs an update. All that coming up now on Threat Wire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 —————————— Links: https://arstechnica.com/security/2017/01/forgotten-passwords-are-bane-of-the-internet-facebook-wants-to-fix-that/ https://www.facebook.com/notes/protect-the-graph/improving-account-security-with-delegated-recovery/1833022090271267/ https://github.com/facebookincubator/DelegatedRecovery/ http://www.theverge.com/2017/2/6/14522582/vizio-ftc-lawsuit-tv-viewing-habits-tracking-privacy […]

Read more

Darren chats with EvilMog (Team Hashcat) about Hashcat, the world’s fastest and most advanced password recovery tool. Find out more about Hashcat at https://hashcat.net/hashcat/ “Special thanks to atom, epixoip, purehate, minga, thank you for all that you do.” – EvilMog ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire […]

Read more

Facebook now supports security keys, DCs cameras were hacked days before the inauguration, and a new FCC boss could mean bad news for net neutrality. Coming up now on Threat Wire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 —————————— Links: https://arstechnica.com/security/2017/01/now-theres-a-better-way-to-prevent-facebook-account-takeovers/ […]

Read more

Woody joins us on Hak5 to chat about his journey in discovering proximity sensor fingerprinting of smartphones and developing the IRis board for infrared hacks. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 Threat Wire RSS: https://shannonmorse.podbean.com/feed/ Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999 —————————— Woody on Twitter: https://twitter.com/tb69rr Github for IRis: The […]

Read more

Meitu is super kawaii, but is it spyware?, Lavabit is Back!, Chelsea Manning’s jail time gets commuted, and the US people still needs pix or it didn’t happen regarding Russia’s hacks of the DNC and RNC. Coming up now on Threat Wire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 […]

Read more

Today on Hak5 we head to Washington DC for Shmoocon 2017! We chat sniffing IR signals, how to get into SDR, Dog Collar Radio Roulette, and advertising malware detection! ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— See the talks! http://shmoocon.org/ Russell Handorf – @dntlookbehindu – http://wctf.ninja Hak5 eps […]

Read more

Does WhatsApp really have a backdoor? Thousands of MongoDB Databases have been deleted across the web, cardless ATMs sounds like a terrible idea, and Cellebrite got hacked… Coming up now on Threat Wire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: http://thehackernews.com/2017/01/whatsapp-backdoor-encryption.html http://arstechnica.com/security/2017/01/whatsapp-and-friends-take-umbrage-at-report-its-crypto-is-backdoored/ https://www.theguardian.com/technology/2017/jan/13/whatsapp-backdoor-allows-snooping-on-encrypted-messages https://www.mongodb.com/blog/post/how-to-avoid-a-malicious-attack-that-ransoms-your-data http://arstechnica.com/security/2017/01/more-than-10000-online-databases-taken-hostage-by-ransomware-attackers/ https://krebsonsecurity.com/2017/01/extortionists-wipe-thousands-of-databases-victims-who-pay-up-get-stiffed/ https://krebsonsecurity.com/2017/01/stolen-passwords-fuel-cardless-atm-fraud/ […]

Read more

Sandboxes, packet sniffing and malware analysis – this time on Hak5! ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— ifconfig -a tcpdump -i vmnet8 vmnet-sniffer -e -w test.pcap /dev/vmnet8 wireshark test.pcap & sudo dpkg-reconfigure wireshark-common sudo usermod -a -G wireshark $USER !(icmp or dns or arp or icmpv6 or […]

Read more

Start your 2017 off right by using some privacy and security apps made for anyone! ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: https://twitter.com/Snubs/status/808355762539876352 https://whispersystems.org/ https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en https://www.authy.com/ https://twofactorauth.org/ https://www.mailvelope.com/en/ https://keybase.io/ https://protonmail.com/ http://keepass.info/ https://www.lastpass.com/ https://thatoneprivacysite.net/vpn-comparison-chart/ https://openvpn.net/ https://www.privateinternetaccess.com/pages/how-it-works/ https://www.privacytools.io/ Youtube Thumbnail credit: https://c2.staticflickr.com/6/5503/11406965045_b520282906_b.jpg

Read more

How do we hack our way to better habits and goals? This time on Hak5! ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Shannon will be in Las Vegas next week for CES! Join her at the TekThing meetup on Friday night. Event details are at http://www.facebook.com/tekthing Loop Habit […]

Read more

Privilege escalation on Windows, Meterpreter Reverse Shells and Staged Payloads with the USB Rubber Ducky. All that and more, this time on Hak5. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Check out http://www.patreon.com/threatwire for our Patreon-only Audio RSS feed of Threat Wire! git clone https://github.com/SkiddieTech/UAC-D-E-Rubber-Ducky cd UAC-D-E-Rubber-Ducky python […]

Read more

The biggest, baddest, worst hacks of 2016. Coming up now on Threat Wire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: https://nakedsecurity.sophos.com/2016/06/27/irs-hacked-again-say-goodbye-to-that-pin-system/ https://www.engadget.com/2016/08/19/new-snowden-docs-suggest-shadow-broker-leak-was-real/ https://www.wired.com/2016/10/nsa-contractor-arrested-taking-top-secret-documents/ http://arstechnica.com/security/2016/12/the-public-evidence-behind-claims-russia-hacked-for-trump/ http://arstechnica.com/security/2016/11/adultfriendfinder-hacked-exposes-400-million-hookup-users/ https://krebsonsecurity.com/2016/09/krebsonsecurity-hit-with-record-ddos/ https://www.dynstatus.com/incidents/5r9mppc1kb77 http://www.nytimes.com/2016/05/13/business/dealbook/swift-global-bank-network-attack.html https://techcrunch.com/2016/12/14/yahoo-discloses-hack-of-1-billion-accounts/ https://haveibeenpwned.com/

Read more

Happy holidays from the team of Hak5! We are celebrating by decorating our con badge Christmas Tree, and sharing our favorite bloopers from 2016. We hope you enjoy this silly episode of Hak5, and we’ll see ya next week with another tech segment! ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: […]

Read more

Does your favorite news site get an A+ or an F for privacy? Encryption for cameras? Make it so! Yahoo’s breach accounts hit the billions, and a new malvertising campaign hits sites. Coming up now on Threat Wire. Coming up now on Threat Wire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact […]

Read more

Photogrammetry and building 3D topographic maps with drones! All that and more, this time on Hak5! ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Check out http://www.patreon.com/threatwire for our Patreon-only Audio RSS feed of Threat Wire! Our last episode on photogrammetry: https://www.hak5.org/episodes/hak5-1815 http://www.123dapp.com/catch http://www.123dapp.com/catch/Southhampton-Shoal-Lighthouse-Standard/3978121 Open source alternatives: http://ccwu.me/vsfm/ and […]

Read more

President Obama wants to know all about the election season hacks, malvertising exploits millions, the NSA can track in-flight cellphone use, and OpenVPN gets an audit! Coming up now on Threat Wire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: https://www.wired.com/2016/12/russian-election-hacking-investigation/ https://www.wired.com/2016/11/hacked-not-audit-election-rest/ http://www.nytimes.com/2016/12/09/us/obama-russia-election-hack.html?_r=0 https://www.cnet.com/news/donald-trump-cia-russia-hacks-election-rnc-dnc/ https://www.cnet.com/news/president-obama-orders-review-of-hack-2016-presidential-campaign/ http://arstechnica.com/tech-policy/2016/12/obama-asks-intel-community-to-conduct-full-review-of-election-related-hacks/ http://arstechnica.com/security/2016/12/millions-exposed-to-malvertising-that-hid-attack-code-in-banner-pixels/ http://www.welivesecurity.com/2016/12/06/readers-popular-websites-targeted-stealthy-stegano-exploit-kit-hiding-pixels-malicious-ads/ […]

Read more

Exfiltrating documents with the USB Rubber Ducky, part 3! This time on Hak5. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Check out Threat Wire on the Hak5 youtube channel. Your source for security, privacy and internet freedom news. We just released an audio RSS feed for our Patreon […]

Read more

AirDroid is vulnerable to hacks, a Zero Day makes Tor uses not so anonymous, the SF Muni hacker gets hacked, and the avalanche botnet is taken offline. Coming up now on Threat Wire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: http://arstechnica.com/security/2016/12/at-least-10-million-android-users-imperiled-by-popular-airdroid-app/ https://blog.zimperium.com/analysis-of-multiple-vulnerabilities-in-airdroid/ http://arstechnica.com/security/2016/11/tor-releases-urgent-update-for-firefox-0day-thats-under-active-attack/ http://arstechnica.com/security/2016/11/firefox-0day-used-against-tor-users-almost-identical-to-one-fbi-used-in-2013/ https://blog.mozilla.org/security/2016/11/30/fixing-an-svg-animation-vulnerability/ https://blog.torproject.org/blog/tor-browser-607-released https://www.cnet.com/news/hackers-sf-muni-ransomware-attack-muni/ […]

Read more

Today we’re continuing on our series on exfiltrating documents with a USB Rubber Ducky. In the last part we tackled the stager payload which enumerated the drive letter of our USB flash drive and executed the staged payload. Today we’re looking at those stages and how they work. Then finally we’ll be wrapping this up […]

Read more

A reused Apple ID could be bad for your privacy, 3 million android devices are vulnerable to hacks, and you can steal cookies from a locked pc with a super cheap device. Coming up now on ThreatWire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: https://threatpost.com/iphone-call-history-synced-to-icloud-without-user-consent-knowledge/122030/ https://thehackernews.com/2016/11/icloud-backup.html https://blog.elcomsoft.com/2016/11/iphone-user-your-calls-go-to-icloud/ […]

Read more

Exfiltrate documents from a target computer within seconds with this USB Rubber Ducky attack! ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Full shownotes will be available at http://www.hak5.org

Read more

Turning a Burner Phone into an OpenWRT or WiFi Pineapple LTE modem, this time on Hak5! ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— NEW! AppleTV App for your viewing pleasure: https://itunes.apple.com/us/app/hak5-tv/id1076116664?mt=8 Mad Props to Richard Hyde for his hard work on developing this app! Today we’re using a […]

Read more

You can now hack your car legally, a printer can also be a fake cell phone tower, and did the Mirai botnet really take down Liberia? All that coming up now on ThreatWire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: https://www.wired.com/2016/10/hacking-car-pacemaker-toaster-just-became-legal/ https://www.cnet.com/roadshow/news/modders-rejoice-its-legal-to-tweak-your-cars-software-now/ https://www.wired.com/2016/11/evil-office-printer-hijacks-cellphone-connection/ http://arstechnica.com/information-technology/2016/11/this-evil-office-printer-hijacks-your-cellphone-connection/ https://julianoliver.com/output/stealth-cell-tower http://www.securityweek.com/mirai-botnet-takes-down-internet-liberia https://medium.com/@networksecurity/shadows-kill-mirai-ddos-botnet-testing-large-scale-attacks-sending-threatening-messages-about-6a61553d1c7#.iz5za4xl3 […]

Read more