It's all about RCE this week on Technado! First up, in our Rapid Fire segment, the new "GhostRace" attack can bypass security checks to access sensitive info. In the ongoing WordPress saga, some miniOrange plugins have a critical flaw - including its malware scanner. Over 130k Fortinent boxes are still susceptible to a month old (already patched!) flaw, and AT&T suffered a breach exposing 70 million customers' data - or did they?
For fans of Esports and Apex Legends, an RCE flaw forced ALGS finals to shut down - but no one seems to know whose fault it really is. And in our Behind Bars segment, a Moldovan national will serve 42 months in a US prison for selling 350k+ stolen creds.
After a quick break to discuss Robocop (Sophie's latest movie assignment), it's time for a Deep Dive! Daniel takes us through a breakdown of an attack campaign designed to use Captchas, HTML, and other legitimate services to steal information. Finally, Fortra FileCatalyst has a flaw in its file uploading feature. Patch now!
Want to read further? Check out the articles Soph and Dan covered today:
https://www.darkreading.com/cyber-risk/ghostrace-speculative-execution-attack-cpu-os-vendors
https://thehackernews.com/2024/03/wordpress-admins-urged-to-remove.html
https://www.theregister.com/2024/03/18/more_than_133000_fortinet_appliances/
https://www.bleepingcomputer.com/news/security/att-says-leaked-data-of-70-million-people-is-not-from-its-systems/
https://www.bleepingcomputer.com/news/security/apex-legends-players-worried-about-rce-flaw-after-algs-hacks/
https://thehackernews.com/2024/03/e-root-marketplace-admin-sentenced-to.html
https://www.netskope.com/blog/from-delivery-to-execution-an-evasive-azorult-campaign-smuggled-through-google-sites
https://labs.nettitude.com/blog/cve-2024-25153-remote-code-execution-in-fortra-filecatalyst/
https://www.imdb.com/title/tt0093870/
359: NEW IPadOS Changes Incoming! (Also, Don Is Back!) |
358: New Android Banking Malware! (It Tracks EVERYTHING)
357: Malware in Microsoft's GitHub Repo?!
356: Russian Spies Stole US Emails?! (Microsoft Breach Update!)
355: One MILLION Sites Affected by Critical Flaw?! (Technado visits HackSpaceCon!)
iPhone Users Beware: MFA Bombs Imminent!
353: Apple Chip Flaw Leaks Encryption Keys! (UNPATCHABLE?!)
351: Google has a Mole?! (Corporate Espionage!)
350: Hackers Stealing NTLM Hashes?! (featuring Mike Saunders!)
349: Huge AT&T Outage Causes Chaos! (OOPS!)
348: NEW Critical Microsoft Outlook Bug Is "Trivial" To Exploit!
347: Ubuntu Core Desktop's Debut Has Been Pushed Back Indefinitely!
346: Hackers Can Spy on You... (No Webcam Required?!)
345: Dangerous Bug Plagues Popular File Transfer Service!
344: MOTHER OF ALL BREACHES: 26 Billion Records?!
343: Who Asked For This? (NOBODY!)
342: ASUS Announces New ROG NUC!
341: Microsoft Giving Up Mixed Reality Dreams? (Are They Wrong?)
SPECIAL: Happy Holidays from Technado!
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
Darknet Diaries