Security Weekly News Subscribe

Application security, Cloud security, Compliance, Data security, Incident response, Insider threat, Privacy

Facebook Bug Bounty Club, Fitbit Spyware, FAA Gets Airline Warning – SWN #73

October 13, 2020

This week, Dr. Doug talks Facebook Bug Bounty club, Zuck reverses, Trickbot, the FAA gets airline warning, IoT, Zerologon, and Fitbit! Jason Wood returns for Expert Commentary on Office 365: A Favorite for Cyberattack Persistence!

Full episode and show notes

Hosts

Doug White

Doug White

Professor at Roger Williams University

https://securedigitallife.com/

1. Facebook Debuts Bug Bounty ‘Loyalty program’
2. You can get network access for the one low price of 300$
3. So, it was Microsoft who went after Trickbot
4. Zerologon targetting US Government Networks in Chained Attacks
CVE-2020-1472 CVE-2020-15505 CVE-2018-13379
5. GAO warns FAA that planes may need a bit more pen testing
6. How to pinpoint rogue IoT devices on your network
7. Fitbit API can be used to push malicious watch faces.
8. Facebook does 180 and blocks holocaust deniers

Jason Wood

Jason Wood

Senior Researcher at CrowdStrike

1. Office 365: A Favorite for Cyberattack Persistence

Related

Managed services

Generative AI Security Implications, Protecting Web Applications – Liam Mayron – PSW #786

May 24, 2023

Liam Mayron from Fastly comes on the show to talk about his unique path into information security, the security implications of generative AI, advances in technologies to protect web applications, detecting bots, and enabling better MSP services! This segment is sponsored by Fastly. Visit https://securityweekly.com/fastly to learn more about them!...

Managed services

Are MSSPs Snubbing Web Security? Why Websites Take a Back Seat to Network Needs – CFH #22

May 23, 2023

It's understandable why many organizations' cyber investments heavily concentrate on protecting core networks and data centers from breaches and ransomware attacks. But let's not overlook the importance of ensuring that your website remains operational, especially when it directly drives revenue through sales or advertisements. Threats such as DDoS...

New TLDs Zip By, eBPF Fuzzer, Microsoft Rocks Rust, Unwanted Tracking Spec – ASW #242

May 22, 2023

New TLDs are already old news, fuzzing eBPF validators, Microsoft sets to kill bug classes, draft RFC to track location trackers, a top ten list with directory traversal on it, conference videos from Real World Crypto and BSidesSF, and an attack tree generator from markdown.