Airdrop, Rowhammer, and Profexor Goes Dark – Paul’s Security Weekly #526

August 20, 2017

More Chrome extensions have been compromised, disabling safety features in cars, being targeted via AirDrop, USB is less secure (go figure), and more security news!

Full Show Notes: https://wiki.securityweekly.com/Episode526

Visit https://www.securityweekly.com/psw for all the latest episodes!

To learn more about our sponsors visit: The Security Weekly Sponsor's Page

Security News

Paul's Stories

  1. Woman targeted with 120 images on public transport via AirDrop
  2. Unpatchable Flaw in Modern Cars Allows Hackers to Disable Safety Features
  3. Attackers Backdoor Another Software Update Mechanism
  4. Seven More Chrome Extensions Compromised
  5. Google Removes Chrome Extension Used in Banking Fraud
  6. Flash's Final Countdown Has Begun
  7. HBO Social Media Accounts Have Been Hacked
  8. ProtonMail Says It Hacked Back, Then Walks Claim Back
  9. Rowhammer RAM Attack Adapted To Hit Flash Storage
  10. Organizations Willing to Try Out Longer Passwords, Study Finds
  11. Study Shows Cyber-Security Pros Confident They Can Find Threats

Larry's Stories

  1. Profexor goes dark, but on the other side is a witness for the FBI against the Russians for hacking the DNC
  2. Scottish parliament under cyber attack
  3. Self driving Car Hacking
  4. Hacking over USB...so much less secure than ever thought
  5. attribution is hard

Jeff's Stories

  1. when hacking and politics collide
  2. HBO hacked and hacked and…
  3. Fighting Neo-Nazis and Net Neutrality

Hosts

[caption id="attachment_210" align="alignleft" width="120"]Jeff Man Jeff Man - Sr. InfoSec Consultant[/caption] [caption id="attachment_210" align="alignleft" width="120"]Larry Pesce Larry Pesce - Senior Managing Consultant and Director of Research[/caption] [caption id="attachment_210" align="alignleft" width="120"]Matt Alderman Matt Alderman - CEO[/caption] [caption id="attachment_210" align="alignleft" width="120"]Paul Asadoorian Paul Asadoorian - Founder & CTO[/caption]

Guests

Announcements

  • We have exciting news about the Security Weekly webcast program: We are now partnered with (ISC)2 as an official CPE provider! If you attend any of our webcasts, you will be receiving 1 CPE credit per webcast! Register for one of our upcoming webcast with Zane Lackey of Signal Sciences, Ian McShane from Endgame, or Stephen Smith and Jeff Braucher of LogRhythm (or all 3!) by going to securityweekly.com/webcasts If you have missed any of our previously recorded webcasts, you can find our on-demand library at securityweekly.com/ondemand
  • Some of you told us that you are overwhelmed by the amount of content we distribute! In an attempt to make it a little easier for you to find what you're interested in, we've created our new listener interest list! Sign up for list and select your interests by visiting: securityweekly.com/subscribe and clicking the button to join the list! You can also now submit your suggestions for guests in our recently released guest suggestion form! Go to securityweekly.com/guests and enter your suggestions!

[audio src="http://traffic.libsyn.com/sw-all/PSW_618_-_Security_News-0_converted.mp3"]

prestitial ad