It's all about RCE this week on Technado! First up, in our Rapid Fire segment, the new "GhostRace" attack can bypass security checks to access sensitive info. In the ongoing WordPress saga, some miniOrange plugins have a critical flaw - including its malware scanner. Over 130k Fortinent boxes are still susceptible to a month old (already patched!) flaw, and AT&T suffered a breach exposing 70 million customers' data - or did they?
For fans of Esports and Apex Legends, an RCE flaw forced ALGS finals to shut down - but no one seems to know whose fault it really is. And in our Behind Bars segment, a Moldovan national will serve 42 months in a US prison for selling 350k+ stolen creds.
After a quick break to discuss Robocop (Sophie's latest movie assignment), it's time for a Deep Dive! Daniel takes us through a breakdown of an attack campaign designed to use Captchas, HTML, and other legitimate services to steal information. Finally, Fortra FileCatalyst has a flaw in its file uploading feature. Patch now!
Want to read further? Check out the articles Soph and Dan covered today:
https://www.darkreading.com/cyber-risk/ghostrace-speculative-execution-attack-cpu-os-vendors
https://thehackernews.com/2024/03/wordpress-admins-urged-to-remove.html
https://www.theregister.com/2024/03/18/more_than_133000_fortinet_appliances/
https://www.bleepingcomputer.com/news/security/att-says-leaked-data-of-70-million-people-is-not-from-its-systems/
https://www.bleepingcomputer.com/news/security/apex-legends-players-worried-about-rce-flaw-after-algs-hacks/
https://thehackernews.com/2024/03/e-root-marketplace-admin-sentenced-to.html
https://www.netskope.com/blog/from-delivery-to-execution-an-evasive-azorult-campaign-smuggled-through-google-sites
https://labs.nettitude.com/blog/cve-2024-25153-remote-code-execution-in-fortra-filecatalyst/
https://www.imdb.com/title/tt0093870/
341: Microsoft Giving Up Mixed Reality Dreams? (Are They Wrong?)
SPECIAL: Happy Holidays from Technado!
339: NEW PC Chip Supports 256GB Of RAM?
338: Google Drive Has Issues... (They Won't Fix?)
23andMe Breach Confirmed (Hackers Have Your DNA?) Ep. 337
336: Google Chrome To Limit Ad Blockers In 2024! (Happy New Year?)
335: CEOs Fired, Samsung Breached, and illegal Crypto Mining
334: Maine Got PWNED! (Who They Gonna Call?)
333: Introducing Microsoft Meet! (IS IT USEFUL?)
332: Apple's M3 Chip Is Scary Fast? (Well... Kinda.)
331: Could This Be The END For Chrome OS?
330: Hackin' In The Wild West! (WWHF SPECIAL)
329: Microsoft Teams Is Getting A Makeover? (What To Know!)
328: New Chrome 0-Day Is Causing Chaos! (WHAT HAPPENED?)
327: Clorox Got PWNED? (WHO'S NEXT?)
326: 10 Minute Phone Call Takes Down MGM?
325: New Nano Tech Can Store The Internet! (Should We?)
324: Microsoft Certifications Just Got Easier? (Not What You Think!)
323: Dropbox Is Limiting Cloud Storage??
322: Is Your Mac At RISK?
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
Lex Fridman Podcast