2017 - The Year Everyone Got Hacked
Archived series ("Inactive feed" status)
When? This feed was archived on March 18, 2021 00:10. Last successful fetch was on February 01, 2020 16:48.
Why? Inactive feed status. Our servers were unable to retrieve a valid podcast feed for a sustained period.
2017 was a big year for malware and data breaches. We even discovered new information about old data breaches, like the Yahoo breach that resulted in more account credentials being leaked than there were users on the Internet at the time. This being our last episode of 2017, we are going to go over the top ten cybersecurity issues that hit this year.
Recent News
Net Neutrality
On Thursday, December 14th, the FCC voted to end net neutrality in a 3-2 vote. Now it’s up to the Senate to block this or let the decision stand.
WordPress
WP Keylogger
https://www.scmagazine.com/wordpress-hit-with-keylogger-5400-sites-infected/article/712733/
Null themes
https://blog.barkly.com/ransomware-statistics-2017
ROBOT attack
2017 Top 10
10 Freedom Hosting II
https://securityaffairs.co/wordpress/55990/deep-web/freedom-hosting-ii-hack.html
Took down a significant chunk of the dark web - including child abuse content
9 CCleaner Hack
https://www.theverge.com/2017/9/18/16325202/ccleaner-hack-malware-security
Hackers hid malware in legitimate CCleaner software
8 Defcon Hacks Voting Machines
https://www.engadget.com/2017/10/10/defcon-event-reveals-ease-of-hacking-voting-systems/
Voting machines were hacked in under 90 minutes
7 Cloudbleed
https://www.cnet.com/how-to/cloudbleed-bug-everything-you-need-to-know/
Patched super fast, but gave Cloudflare users access to other users' data
6 KRACK
KRACK rendered nearly all Wi-Fi security vulnerable
5 Uber Coverup
https://www.nytimes.com/2017/11/21/technology/uber-hack.html
Don’t negotiate with cyber terrorists
4 Leaky S3 Buckets
https://www.theregister.co.uk/2017/09/04/ussecurityclearanceawsbreach/
https://threatpost.com/experts-warn-too-often-aws-s3-buckets-are-misconfigured-leak-data/126826/
Verizon and US Military data leaked due to misconfigured Amazon S3 buckets
3 EternalBlue/Shadow Brokers
http://www.wired.co.uk/article/what-is-eternal-blue-exploit-vulnerability-patch
Enabled much of the ransomware we saw in 2017
2 Equihax
https://www.consumer.ftc.gov/blog/2017/09/equifax-data-breach-what-do
https://krebsonsecurity.com/2017/09/equifax-breach-setting-the-record-straight/
How not to handle a breach
Apache Struts
1 Ransomware
https://blog.barkly.com/ransomware-statistics-2017
http://www.businessinsider.com/with-2017-poised-to-be-the-year-of-ransomware-more-cyber-spending-is-on-the-way-2017-5
Petya/NotPetya/Goldeneye/Netya/BadRabbit/WannaCry
Final Tip
Watch out for malvertising. If you aren’t already familiar with the term, malvertising is the practice of placing an ad with a large ad network, then changing the code to direct you to malicious content. You’ll come across this even on trusted sites, like Facebook and Spotify.