OpenSSL Vulns, RepoJacking, Authentication Bypass, & Supercharging Your Hacking – PSW #762
In the Security News: last year's open source is tomorrow's vulnerabilities, RepoJacking, I feel like there will always be authenitcation bypass, super charge your hacking, do you have your multipath, RC4 and why not to use it, here's the problem with vulnerability scanners, packages and expired domains, initrd should not be trusted, Apple kernels, oh and did you hear there is a vulnerability in OpenSSL!
Announcements
Follow us on LinkedIn for updates across our organization, show highlights, and more! You can find us by searching for Security Weekly Productions.
Hosts
- 1. Shift Robotics Used AI to Create the ‘World’s Fastest Shoes’
The "world's fastest shoes," Moonwalk, allow you to "walk at the speed of a run." They should replace scooters, and be safer.
- 2. Visa trillion dollar company to launch Bitcoin, Ethereum and Ripple (XRP) wallet
Visa is targeting crypto payments and NFTs, with plans to manage cryptocurrency transactions and create a virtual environment “in which users can interact for recreational, leisure or entertainment purposes.”
- 3. HACKED DOCUMENTS: HOW IRAN CAN TRACK AND CONTROL PROTESTERS’ PHONES
SIAM is a computer system that works behind the scenes of Iranian cellular networks, providing its operators a broad menu of remote commands to alter, disrupt, and monitor how customers use their phones. The tools can slow their data connections to a crawl, break the encryption of phone calls, track the movements of individuals or large groups, and produce detailed metadata summaries of who spoke to whom, when, and where.
- 4. Jack Dorsey’s Bluesky Social app: What we know so far
Bluesky announced the roadmap of its decentralised social network protocol, which will be the underlying code behind the app. The app's code will allow user account data to be moved from platform to platform. Bluesky users will be able to use their account to log in to any social media account that adopts the new code.
- 5. Europe prepares to rewrite the rules of the Internet
On November 1, the European Union’s Digital Markets Act comes into force. Companies will be forced to break open their walled gardens. “If you have an iPhone, you should be able to download apps not just from the App Store but from other app stores or from the Internet.” A second sweeping EU law, the Digital Services Act, requires risk assessments of some algorithms and disclosures about automated decision-making and could force social apps like TikTok to open their data to outside scrutiny.
