Jun 19, 2023 | Podcast
When fixing zero-day vulnerabilities, you might download a proof of concept script to determine if the vulnerability has been properly addressed. You might do a web search to find that proof of concept and most probably download the program from a GitHub repository....
Jun 16, 2023 | Podcast
Sextortion is a form of blackmail where malicious actors threaten to publicly leak explicit images and videos of their targets. This scheme is resulting in millions of dollars in losses and normally involves the threat actor coercing or stealing the digital materials...
Jun 15, 2023 | Podcast
Early this week, there was a tragic bus accident in NSW’s Hunter Valley region. A bus, which was returning from a local wedding, overturned, killing 10 people and injuring a further 14. Following the accident, scammers wasted no time in targeting unsuspecting...
Jun 14, 2023 | Podcast
Hamza from Security Dimension recently ran an experiment to determine if ChatGPT is up to the challenge of tackling security vulnerabilities in code. He tried to get it to solve a secure programming challenge in Cross Site Scripting in both Python and JavaScript. His...
Jun 13, 2023 | Podcast
Last month Gmail introduced a blue checkmark icon next to senders that it deems legitimate. This is part of an email authentication program called Brand Indicators for Message Identification (or BIMI for short). It aims to protect email users from brand spoofing...
Jun 12, 2023 | Podcast
A hacking group known as “Pink Drainer” is currently running a cryptocurrency-stealing campaign. They are impersonating journalists in phishing attacks to compromise Discord and Twitter accounts to perform their cryptocurrency-stealing attacks. The hacking...
Jun 9, 2023 | Podcast
There’s a new Google Chrome Zero-Day vulnerability that’s actively being exploited in the wild. It’s CVE-2023-3079, which allows attackers to execute arbitrary code to take complete control of the system remotely. The fix is in version...
Jun 8, 2023 | Podcast
Creating large numbers of throwaway email accounts is a time-consuming and expensive aspect of a cybercriminal operation. A new service has arrived to dramatically help cut costs associated with large spam and account creation campaigns. They do this by paying...
Jun 7, 2023 | Podcast
I previously reported on CVE-2023-3278, which is a KeePass vulnerability that makes it possible to recover the master password even when the program is closed. There was a simple proof of concept tool that can be used to dump the master password from KeePass’s...
Jun 6, 2023 | Podcast
Passwords are painful. If you don’t use a password manager, creating, remembering and using a strong password can be a huge hassle. This is why so many people either use short passwords, or reuse the same password across multiple accounts. There’s a...