September 16, 2022

Uber Hacked, Systems Breached, & Vulnerability Reports Stolen!

Uber suffered a cyber-attack on Thur. afternoon with an allegedly 18-year-old hacker downloading Hacker One vulnerability reports & sharing screenshots of the company’s internal systems, email dashboard, & Slack server. The screenshots shared by the hacker show what seems to be full access to many critical Uber IT systems, including the company’s security software & …

Uber Hacked, Systems Breached, & Vulnerability Reports Stolen! Read More »

ESW #288 – Paddy Harrington, Sean Metcalf

Paul’s Security Weekly Fri, 13 Jan 2023 19:59:00 +0000 Fri, 13 Jan 2023 22:52:41 +0000 Libsyn WebEngine 2.0 http://securityweekly.com/ en http://securityweekly.com/ sw_production@cyberriskalliance.com (sw_production@cyberriskalliance.com) https://ssl-static.libsyn.com/p/assets/2/3/1/7/231716b9da792464/PSW_1400x1400.png Paul’s Security Weekly Security Weekly hacking,security false sw_production@cyberriskalliance.com episodic no ESW #288 – Paddy Harrington, Sean Metcalf Fri, 16 Sep 2022 21:00:00 +0000 02:08:51 false Podcast full Read more

ESW #288 – Paddy Harrington, Sean Metcalf

Paul’s Security Weekly Fri, 13 Jan 2023 19:59:00 +0000 Fri, 13 Jan 2023 22:52:41 +0000 Libsyn WebEngine 2.0 http://securityweekly.com/ en http://securityweekly.com/ sw_production@cyberriskalliance.com (sw_production@cyberriskalliance.com) https://ssl-static.libsyn.com/p/assets/2/3/1/7/231716b9da792464/PSW_1400x1400.png Paul’s Security Weekly Security Weekly hacking,security false sw_production@cyberriskalliance.com episodic no ESW #288 – Paddy Harrington, Sean Metcalf Fri, 16 Sep 2022 21:00:00 +0000 02:08:51 false Podcast full Read more

ESW #288 – Paddy Harrington, Sean Metcalf

Paul’s Security Weekly Fri, 13 Jan 2023 19:59:00 +0000 Fri, 13 Jan 2023 22:52:41 +0000 Libsyn WebEngine 2.0 http://securityweekly.com/ en http://securityweekly.com/ sw_production@cyberriskalliance.com (sw_production@cyberriskalliance.com) https://ssl-static.libsyn.com/p/assets/2/3/1/7/231716b9da792464/PSW_1400x1400.png Paul’s Security Weekly Security Weekly hacking,security false sw_production@cyberriskalliance.com episodic no ESW #288 – Paddy Harrington, Sean Metcalf Fri, 16 Sep 2022 21:00:00 +0000 02:08:51 false Podcast full Read more

SWN #239 – Meat Men, History, Putty, Crypto, Edge, YouTube, EU Laws, & Privacy – Wrap Up

Paul’s Security Weekly Fri, 13 Jan 2023 19:59:00 +0000 Fri, 13 Jan 2023 22:52:40 +0000 Libsyn WebEngine 2.0 http://securityweekly.com/ en http://securityweekly.com/ sw_production@cyberriskalliance.com (sw_production@cyberriskalliance.com) https://ssl-static.libsyn.com/p/assets/2/3/1/7/231716b9da792464/PSW_1400x1400.png Paul’s Security Weekly Security Weekly hacking,security false sw_production@cyberriskalliance.com episodic no SWN #239 – Meat Men, History, Putty, Crypto, Edge, YouTube, EU Laws, & Privacy – Wrap Up Fri, 16 Sep 2022 …

SWN #239 – Meat Men, History, Putty, Crypto, Edge, YouTube, EU Laws, & Privacy – Wrap Up Read More »

SWN #239 – Meat Men, History, Putty, Crypto, Edge, YouTube, EU Laws, & Privacy – Wrap Up

Paul’s Security Weekly Fri, 13 Jan 2023 19:59:00 +0000 Fri, 13 Jan 2023 22:52:40 +0000 Libsyn WebEngine 2.0 http://securityweekly.com/ en http://securityweekly.com/ sw_production@cyberriskalliance.com (sw_production@cyberriskalliance.com) https://ssl-static.libsyn.com/p/assets/2/3/1/7/231716b9da792464/PSW_1400x1400.png Paul’s Security Weekly Security Weekly hacking,security false sw_production@cyberriskalliance.com episodic no SWN #239 – Meat Men, History, Putty, Crypto, Edge, YouTube, EU Laws, & Privacy – Wrap Up Fri, 16 Sep 2022 …

SWN #239 – Meat Men, History, Putty, Crypto, Edge, YouTube, EU Laws, & Privacy – Wrap Up Read More »

SWN #239 – Meat Men, History, Putty, Crypto, Edge, YouTube, EU Laws, & Privacy – Wrap Up

Paul’s Security Weekly Fri, 13 Jan 2023 19:59:00 +0000 Fri, 13 Jan 2023 22:52:40 +0000 Libsyn WebEngine 2.0 http://securityweekly.com/ en http://securityweekly.com/ sw_production@cyberriskalliance.com (sw_production@cyberriskalliance.com) https://ssl-static.libsyn.com/p/assets/2/3/1/7/231716b9da792464/PSW_1400x1400.png Paul’s Security Weekly Security Weekly hacking,security false sw_production@cyberriskalliance.com episodic no SWN #239 – Meat Men, History, Putty, Crypto, Edge, YouTube, EU Laws, & Privacy – Wrap Up Fri, 16 Sep 2022 …

SWN #239 – Meat Men, History, Putty, Crypto, Edge, YouTube, EU Laws, & Privacy – Wrap Up Read More »

Deadly Digital Dares: The Blackout Challenge on TikTok

The social network TikTok is chockfull of interesting, fun, laugh-out-loud videos shared by creators worldwide. Kids, as well as parents, can easily spend hours glued to the platform. But as with most popular platforms, the fun can eventually turn dark, even deadly, when viral challenges make their rounds.   The latest viral challenge, the “blackout …

Deadly Digital Dares: The Blackout Challenge on TikTok Read More »

Whistleblower Testifies to Congress about Twitter Security Flaws

Peiter “Mudge” Zatko, head of security at Twitter and now whistleblower, was explicit as he testified to Congress about Twitter Security Flaws. Mudge outright accused Twitter executives of misleading the government, users, and shareholders regarding the company’s security practices and placing profit before security. The testimony brings up several great strategic points for all consumers …

Whistleblower Testifies to Congress about Twitter Security Flaws Read More »

FalconFriday — Detecting LSASS dumping with debug privileges — 0xFF1F

FalconFriday — Detecting LSASS dumping with debug privileges — 0xFF1FCredential dumping from Local Security Authority Subsystem Service As you know, there are various ways of dumping credentials. On the endpoint, in most cases, credentials are gathered from the Local Security Authority Subsystem Service (LSASS). Dumping credentials from the LSASS process can be done in various ways. The most straightforward way …

FalconFriday — Detecting LSASS dumping with debug privileges — 0xFF1F Read More »

FalconFriday — Detecting LSASS dumping with debug privileges — 0xFF1F

FalconFriday — Detecting LSASS dumping with debug privileges — 0xFF1FCredential dumping from Local Security Authority Subsystem Service As you know, there are various ways of dumping credentials. On the endpoint, in most cases, credentials are gathered from the Local Security Authority Subsystem Service (LSASS). Dumping credentials from the LSASS process can be done in various ways. The most straightforward way …

FalconFriday — Detecting LSASS dumping with debug privileges — 0xFF1F Read More »

Recorded Future and Okta: Reducing Risk From Identity Compromise

Multi-factor authentication (MFA) solutions make accessing business-critical infrastructure and customer-facing applications more secure, but they are limited in ensuring identities havent been compromised. With user credentials and session cookies readily available on the dark web, its easy for cybercriminals to get their hands on the kind of corporate data that lets them bypass MFA. It …

Recorded Future and Okta: Reducing Risk From Identity Compromise Read More »

Recorded Future and Okta: Reducing Risk From Identity Compromise

Multi-factor authentication (MFA) solutions make accessing business-critical infrastructure and customer-facing applications more secure, but they are limited in ensuring identities havent been compromised. With user credentials and session cookies readily available on the dark web, its easy for cybercriminals to get their hands on the kind of corporate data that lets them bypass MFA. It …

Recorded Future and Okta: Reducing Risk From Identity Compromise Read More »