It's all about RCE this week on Technado! First up, in our Rapid Fire segment, the new "GhostRace" attack can bypass security checks to access sensitive info. In the ongoing WordPress saga, some miniOrange plugins have a critical flaw - including its malware scanner. Over 130k Fortinet boxes are still susceptible to a month-old (already patched!) flaw, and AT&T suffered a breach exposing 70 million customers' data - or did they?
For fans of Esports and Apex Legends, an RCE flaw forced ALGS finals to shut down - but no one seems to know whose fault it really is. And in our Behind Bars segment, a Moldovan national will serve 42 months in a US prison for selling 350k+ stolen creds.
After a quick break to discuss Robocop (Sophie's latest movie assignment), it's time for a Deep Dive! Daniel takes us through a breakdown of an attack campaign designed to use CAPTCHAs, HTML, and other legitimate services to steal information. Finally, Fortra FileCatalyst has a flaw in its file uploading feature. Patch now!
Want to read further? Check out the articles Soph and Dan covered today:
https://www.darkreading.com/cyber-risk/ghostrace-speculative-execution-attack-cpu-os-vendors
https://thehackernews.com/2024/03/wordpress-admins-urged-to-remove.html
https://www.theregister.com/2024/03/18/more_than_133000_fortinet_appliances/
https://www.bleepingcomputer.com/news/security/att-says-leaked-data-of-70-million-people-is-not-from-its-systems/
https://www.bleepingcomputer.com/news/security/apex-legends-players-worried-about-rce-flaw-after-algs-hacks/
https://thehackernews.com/2024/03/e-root-marketplace-admin-sentenced-to.html
https://www.netskope.com/blog/from-delivery-to-execution-an-evasive-azorult-campaign-smuggled-through-google-sites
https://labs.nettitude.com/blog/cve-2024-25153-remote-code-execution-in-fortra-filecatalyst/
https://www.imdb.com/title/tt0093870/