Daily update on current cyber security threats
…
continue reading
תוכן מסופק על ידי Paul Torgersen. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Paul Torgersen או שותף פלטפורמת הפודקאסט שלו. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
דומה לInfosec Overnights - Daily Security News
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
Stacey Higginbotham (formerly Sr. Editor at Fortune) and co-host Kevin Tofel discuss the latest news and analysis of the Internet of Things. Covers Consumer IoT, Industrial IoT and Enterprise IoT. Guests include Vint Cerf, Om Malik, and people from Amazon.com, AT&T, IBM Watson and more.
…
continue reading
Technical interviews about software topics.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Tech News Briefing is your guide to what people in tech are talking about. Every weekday, we’ll bring you breaking tech news and scoops from the pros at the Wall Street Journal, insight into new innovations and policy debates, tips from our personal tech team, and exclusive interviews with movers and shakers in the industry. Hosted by Zoe Thomas
…
continue reading
"OPB Politics Now" is a weekly podcast that takes a deep dive into the hottest political topics in Oregon and the Northwest. Every Friday, OPB’s political reporters and special guests offer in-depth analysis, discussion and insight into candidates, events and issues.
…
continue reading
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
Babbage is our weekly podcast on science and technology, named after Charles Babbage—a 19th-century polymath and grandfather of computing. Host Alok Jha talks to our correspondents about the innovations, discoveries and gadgetry shaping the world. Published every Wednesday. If you’re already a subscriber to The Economist, you’ll have full access to all our shows as part of your subscription. For more information about Economist Podcasts+, including how to get access, please visit our FAQs pa ...
…
continue reading
The Big Story is back with a second season! The news culture of our times is noisy, crowded, and honestly so confusing. This is why we are coming every fortnight on your podcast platforms to help you make sense of the new and now. With two new hosts, Anjali and Prateek, the second season of The Big Story will feature longer and well-rounded discussions with experts across science, culture, technology, politics, and more. Tune in on your preferred podcast platform! Millions of listeners seek ...
…
continue reading
Player FM - אפליקציית פודקאסט
התחל במצב לא מקוון עם האפליקציה Player FM !
התחל במצב לא מקוון עם האפליקציה Player FM !
))
Follina’s Tuesday Patch, Hertzbleed Attack, Mighty Bot, and more.
סדרה בארכיון ("עדכון לא פעיל" status)
When?
This feed was archived on May 25, 2023 16:09 (
Why? עדכון לא פעיל status. השרתים שלנו לא הצליחו לאחזר פודקאסט חוקי לזמן ממושך.
What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.
Manage episode 331706691 series 2478053
תוכן מסופק על ידי Paul Torgersen. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Paul Torgersen או שותף פלטפורמת הפודקאסט שלו. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
Follina’s Tuesday Patch, Hertzbleed Attack, Mighty Bot, and more.
A daily look at the relevant information security news from overnight - 15 June, 2022
Episode 245 - 15 June 2022
Follina’s Tuesday PAtch- https://www.zdnet.com/article/microsoft-june-2022-patch-tuesday-55-fixes-remote-code-execution-in-abundance/
Hertzbleed Attack -
https://www.securityweek.com/new-hertzbleed-remote-side-channel-attack-affects-intel-amd-processors
Travis Exposed Tokens- https://www.bleepingcomputer.com/news/security/thousands-of-github-aws-docker-tokens-exposed-in-travis-ci-logs/
Citrix ADM Error -
https://www.securityweek.com/attackers-can-exploit-critical-citrix-adm-vulnerability-reset-admin-passwords
Linux Panchan Bot -
https://www.bleepingcomputer.com/news/security/new-go-botnet-panchan-spreading-rapidly-in-education-networks/
Mighty Bot -
https://www.zdnet.com/article/a-tiny-botnet-launched-the-largest-ddos-attack-on-record/
Hi, I’m Paul Torgersen. It’s Wednesday June 15th, 2022, and this is a look at the information security news from overnight.
From ZDNet.com
June Patch Tuesday is a popular one with everyone from Siemens to Schneider to Adobe to SAP rolling out updates. In fact, 141 updates just from those four. The one I am going to call out is Microsoft. Redmond rolled out 55 fixes, That’s down from 74 last month, and only three of which are critical, but one of those is a fix for the Follina zero-day. At long last. Get your patch on kids.
From SecurityWeek.com:
Researchers have identified a new side-channel attack that can allow hackers to remotely extract sensitive information from a targeted system through a CPU timing attack they are calling Hertzbleed. This impacts devices powered by Intel and AMD and possibly others. Details on the article.
From BleepingComputer.com:
The Travis CI platform, which is used for software development and testing, has exposed user data containing tens of thousands of authentication tokens for GitHub, AWS, and Docker Hub. Aqua Security, who discovered the flaw, shared their findings with Travis hoping for a fix, but they were told that the issue was “by design” and left the data exposed.
From SecurityWeek.com:
Citrix has warned of a critical vulnerability in their Citrix Application Delivery Management that could essentially allow an attacker to trigger an administrator password reset at the next reboot. The vulnerabilities impact all supported versions of Citrix ADM server and Citrix ADM agent. Customers will need to update the server as well as all associated agents. The company says it has already taken care of the ADM cloud service and no additional action is required there.
From BleepingComputer.com
A new peer-to-peer botnet named Panchan has popped up targeting Linux servers in the education sector to mine crypto. It is empowered with SSH worm functions to move laterally within the compromised network, and has powerful detection avoidance capabilities, such as using memory-mapped miners and dynamically detecting process monitoring to pause the mining module.
And last today, from ZDNet.com
Speaking of botnets, Cloudflare says it mitigated a DDoS attack that peaked at 26 million requests per second, and was caused by a botnet of only just over 5,000 devices. Rather than being based in IoT devices, this botnet was hiding in cloud service providers. For this particular attack, each device was averaging 5,200 requests per second, which is about 4,000 times more than a typical IoT botnet can generate. Details on the article.
That’s all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.
…
continue reading
A daily look at the relevant information security news from overnight - 15 June, 2022
Episode 245 - 15 June 2022
Follina’s Tuesday PAtch- https://www.zdnet.com/article/microsoft-june-2022-patch-tuesday-55-fixes-remote-code-execution-in-abundance/
Hertzbleed Attack -
https://www.securityweek.com/new-hertzbleed-remote-side-channel-attack-affects-intel-amd-processors
Travis Exposed Tokens- https://www.bleepingcomputer.com/news/security/thousands-of-github-aws-docker-tokens-exposed-in-travis-ci-logs/
Citrix ADM Error -
https://www.securityweek.com/attackers-can-exploit-critical-citrix-adm-vulnerability-reset-admin-passwords
Linux Panchan Bot -
https://www.bleepingcomputer.com/news/security/new-go-botnet-panchan-spreading-rapidly-in-education-networks/
Mighty Bot -
https://www.zdnet.com/article/a-tiny-botnet-launched-the-largest-ddos-attack-on-record/
Hi, I’m Paul Torgersen. It’s Wednesday June 15th, 2022, and this is a look at the information security news from overnight.
From ZDNet.com
June Patch Tuesday is a popular one with everyone from Siemens to Schneider to Adobe to SAP rolling out updates. In fact, 141 updates just from those four. The one I am going to call out is Microsoft. Redmond rolled out 55 fixes, That’s down from 74 last month, and only three of which are critical, but one of those is a fix for the Follina zero-day. At long last. Get your patch on kids.
From SecurityWeek.com:
Researchers have identified a new side-channel attack that can allow hackers to remotely extract sensitive information from a targeted system through a CPU timing attack they are calling Hertzbleed. This impacts devices powered by Intel and AMD and possibly others. Details on the article.
From BleepingComputer.com:
The Travis CI platform, which is used for software development and testing, has exposed user data containing tens of thousands of authentication tokens for GitHub, AWS, and Docker Hub. Aqua Security, who discovered the flaw, shared their findings with Travis hoping for a fix, but they were told that the issue was “by design” and left the data exposed.
From SecurityWeek.com:
Citrix has warned of a critical vulnerability in their Citrix Application Delivery Management that could essentially allow an attacker to trigger an administrator password reset at the next reboot. The vulnerabilities impact all supported versions of Citrix ADM server and Citrix ADM agent. Customers will need to update the server as well as all associated agents. The company says it has already taken care of the ADM cloud service and no additional action is required there.
From BleepingComputer.com
A new peer-to-peer botnet named Panchan has popped up targeting Linux servers in the education sector to mine crypto. It is empowered with SSH worm functions to move laterally within the compromised network, and has powerful detection avoidance capabilities, such as using memory-mapped miners and dynamically detecting process monitoring to pause the mining module.
And last today, from ZDNet.com
Speaking of botnets, Cloudflare says it mitigated a DDoS attack that peaked at 26 million requests per second, and was caused by a botnet of only just over 5,000 devices. Rather than being based in IoT devices, this botnet was hiding in cloud service providers. For this particular attack, each device was averaging 5,200 requests per second, which is about 4,000 times more than a typical IoT botnet can generate. Details on the article.
That’s all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.
221 פרקים
שתפו
סדרה בארכיון ("עדכון לא פעיל" status)
When?
This feed was archived on May 25, 2023 16:09 (
Why? עדכון לא פעיל status. השרתים שלנו לא הצליחו לאחזר פודקאסט חוקי לזמן ממושך.
What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.
Manage episode 331706691 series 2478053
תוכן מסופק על ידי Paul Torgersen. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Paul Torgersen או שותף פלטפורמת הפודקאסט שלו. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
Follina’s Tuesday Patch, Hertzbleed Attack, Mighty Bot, and more.
A daily look at the relevant information security news from overnight - 15 June, 2022
Episode 245 - 15 June 2022
Follina’s Tuesday PAtch- https://www.zdnet.com/article/microsoft-june-2022-patch-tuesday-55-fixes-remote-code-execution-in-abundance/
Hertzbleed Attack -
https://www.securityweek.com/new-hertzbleed-remote-side-channel-attack-affects-intel-amd-processors
Travis Exposed Tokens- https://www.bleepingcomputer.com/news/security/thousands-of-github-aws-docker-tokens-exposed-in-travis-ci-logs/
Citrix ADM Error -
https://www.securityweek.com/attackers-can-exploit-critical-citrix-adm-vulnerability-reset-admin-passwords
Linux Panchan Bot -
https://www.bleepingcomputer.com/news/security/new-go-botnet-panchan-spreading-rapidly-in-education-networks/
Mighty Bot -
https://www.zdnet.com/article/a-tiny-botnet-launched-the-largest-ddos-attack-on-record/
Hi, I’m Paul Torgersen. It’s Wednesday June 15th, 2022, and this is a look at the information security news from overnight.
From ZDNet.com
June Patch Tuesday is a popular one with everyone from Siemens to Schneider to Adobe to SAP rolling out updates. In fact, 141 updates just from those four. The one I am going to call out is Microsoft. Redmond rolled out 55 fixes, That’s down from 74 last month, and only three of which are critical, but one of those is a fix for the Follina zero-day. At long last. Get your patch on kids.
From SecurityWeek.com:
Researchers have identified a new side-channel attack that can allow hackers to remotely extract sensitive information from a targeted system through a CPU timing attack they are calling Hertzbleed. This impacts devices powered by Intel and AMD and possibly others. Details on the article.
From BleepingComputer.com:
The Travis CI platform, which is used for software development and testing, has exposed user data containing tens of thousands of authentication tokens for GitHub, AWS, and Docker Hub. Aqua Security, who discovered the flaw, shared their findings with Travis hoping for a fix, but they were told that the issue was “by design” and left the data exposed.
From SecurityWeek.com:
Citrix has warned of a critical vulnerability in their Citrix Application Delivery Management that could essentially allow an attacker to trigger an administrator password reset at the next reboot. The vulnerabilities impact all supported versions of Citrix ADM server and Citrix ADM agent. Customers will need to update the server as well as all associated agents. The company says it has already taken care of the ADM cloud service and no additional action is required there.
From BleepingComputer.com
A new peer-to-peer botnet named Panchan has popped up targeting Linux servers in the education sector to mine crypto. It is empowered with SSH worm functions to move laterally within the compromised network, and has powerful detection avoidance capabilities, such as using memory-mapped miners and dynamically detecting process monitoring to pause the mining module.
And last today, from ZDNet.com
Speaking of botnets, Cloudflare says it mitigated a DDoS attack that peaked at 26 million requests per second, and was caused by a botnet of only just over 5,000 devices. Rather than being based in IoT devices, this botnet was hiding in cloud service providers. For this particular attack, each device was averaging 5,200 requests per second, which is about 4,000 times more than a typical IoT botnet can generate. Details on the article.
That’s all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.
…
continue reading
A daily look at the relevant information security news from overnight - 15 June, 2022
Episode 245 - 15 June 2022
Follina’s Tuesday PAtch- https://www.zdnet.com/article/microsoft-june-2022-patch-tuesday-55-fixes-remote-code-execution-in-abundance/
Hertzbleed Attack -
https://www.securityweek.com/new-hertzbleed-remote-side-channel-attack-affects-intel-amd-processors
Travis Exposed Tokens- https://www.bleepingcomputer.com/news/security/thousands-of-github-aws-docker-tokens-exposed-in-travis-ci-logs/
Citrix ADM Error -
https://www.securityweek.com/attackers-can-exploit-critical-citrix-adm-vulnerability-reset-admin-passwords
Linux Panchan Bot -
https://www.bleepingcomputer.com/news/security/new-go-botnet-panchan-spreading-rapidly-in-education-networks/
Mighty Bot -
https://www.zdnet.com/article/a-tiny-botnet-launched-the-largest-ddos-attack-on-record/
Hi, I’m Paul Torgersen. It’s Wednesday June 15th, 2022, and this is a look at the information security news from overnight.
From ZDNet.com
June Patch Tuesday is a popular one with everyone from Siemens to Schneider to Adobe to SAP rolling out updates. In fact, 141 updates just from those four. The one I am going to call out is Microsoft. Redmond rolled out 55 fixes, That’s down from 74 last month, and only three of which are critical, but one of those is a fix for the Follina zero-day. At long last. Get your patch on kids.
From SecurityWeek.com:
Researchers have identified a new side-channel attack that can allow hackers to remotely extract sensitive information from a targeted system through a CPU timing attack they are calling Hertzbleed. This impacts devices powered by Intel and AMD and possibly others. Details on the article.
From BleepingComputer.com:
The Travis CI platform, which is used for software development and testing, has exposed user data containing tens of thousands of authentication tokens for GitHub, AWS, and Docker Hub. Aqua Security, who discovered the flaw, shared their findings with Travis hoping for a fix, but they were told that the issue was “by design” and left the data exposed.
From SecurityWeek.com:
Citrix has warned of a critical vulnerability in their Citrix Application Delivery Management that could essentially allow an attacker to trigger an administrator password reset at the next reboot. The vulnerabilities impact all supported versions of Citrix ADM server and Citrix ADM agent. Customers will need to update the server as well as all associated agents. The company says it has already taken care of the ADM cloud service and no additional action is required there.
From BleepingComputer.com
A new peer-to-peer botnet named Panchan has popped up targeting Linux servers in the education sector to mine crypto. It is empowered with SSH worm functions to move laterally within the compromised network, and has powerful detection avoidance capabilities, such as using memory-mapped miners and dynamically detecting process monitoring to pause the mining module.
And last today, from ZDNet.com
Speaking of botnets, Cloudflare says it mitigated a DDoS attack that peaked at 26 million requests per second, and was caused by a botnet of only just over 5,000 devices. Rather than being based in IoT devices, this botnet was hiding in cloud service providers. For this particular attack, each device was averaging 5,200 requests per second, which is about 4,000 times more than a typical IoT botnet can generate. Details on the article.
That’s all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.
221 פרקים
Усі епізоди
×
ברוכים הבאים אל Player FM!
Player FM סורק את האינטרנט עבור פודקאסטים באיכות גבוהה בשבילכם כדי שתהנו מהם כרגע. זה יישום הפודקאסט הטוב ביותר והוא עובד על אנדרואיד, iPhone ואינטרנט. הירשמו לסנכרון מנויים במכשירים שונים.
דומה לInfosec Overnights - Daily Security News
Daily update on current cyber security threats
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
Stacey Higginbotham (formerly Sr. Editor at Fortune) and co-host Kevin Tofel discuss the latest news and analysis of the Internet of Things. Covers Consumer IoT, Industrial IoT and Enterprise IoT. Guests include Vint Cerf, Om Malik, and people from Amazon.com, AT&T, IBM Watson and more.
…
continue reading
Technical interviews about software topics.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Tech News Briefing is your guide to what people in tech are talking about. Every weekday, we’ll bring you breaking tech news and scoops from the pros at the Wall Street Journal, insight into new innovations and policy debates, tips from our personal tech team, and exclusive interviews with movers and shakers in the industry. Hosted by Zoe Thomas
…
continue reading
"OPB Politics Now" is a weekly podcast that takes a deep dive into the hottest political topics in Oregon and the Northwest. Every Friday, OPB’s political reporters and special guests offer in-depth analysis, discussion and insight into candidates, events and issues.
…
continue reading
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
Babbage is our weekly podcast on science and technology, named after Charles Babbage—a 19th-century polymath and grandfather of computing. Host Alok Jha talks to our correspondents about the innovations, discoveries and gadgetry shaping the world. Published every Wednesday. If you’re already a subscriber to The Economist, you’ll have full access to all our shows as part of your subscription. For more information about Economist Podcasts+, including how to get access, please visit our FAQs pa ...
…
continue reading
The Big Story is back with a second season! The news culture of our times is noisy, crowded, and honestly so confusing. This is why we are coming every fortnight on your podcast platforms to help you make sense of the new and now. With two new hosts, Anjali and Prateek, the second season of The Big Story will feature longer and well-rounded discussions with experts across science, culture, technology, politics, and more. Tune in on your preferred podcast platform! Millions of listeners seek ...
…
continue reading
Player FM - אפליקציית פודקאסט
התחל במצב לא מקוון עם האפליקציה Player FM !
התחל במצב לא מקוון עם האפליקציה Player FM !
