A Dormant HP Keylogger Found, Uber Pays Ransom - ThreatWire

10:11
 
Share
 
Manage episode 193478984 series 1344959
By Discovered by Player FM and our community — copyright is owned by the publisher, not Player FM, and audio streamed directly from their servers.

Keyloggers were found in Wordpress and HP, mobile apps have all sorts of vulnerabilities, and Uber is hiding behind bug bounties? All that coming up now on ThreatWire. All that coming up now on ThreatWire.

-------------------------------
Shop: http://www.hakshop.com
Support: http://www.patreon.com/threatwire
Subscribe: http://www.youtube.com/hak5
Our Site: http://www.hak5.org
Contact Us: http://www.twitter.com/hak5
Threat Wire RSS: https://shannonmorse.podbean.com/feed/
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999
Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ
------------------------------

Links:

Keyloggers:

https://thehackernews.com/2017/12/hp-laptop-keylogger.html

https://twitter.com/zwclose/status/938354516285706240

http://www.zdnet.com/article/keylogger-uncovered-on-hundreds-of-hp-pcs/

https://zwclose.github.io/HP-keylogger/

https://support.hp.com/us-en/document/c05827409

https://www.virustotal.com/#/file/706d3dbe8c7f217e3bb10c359bfa8b69c8ab107e3be69e3c00acaaf0a4c32e5d/detection

http://www.securityweek.com/dormant-keylogging-functionality-found-hp-laptops

https://www.hackread.com/more-than-5000-wordpress-website-plagued-with-keylogger/

https://blog.sucuri.net/2017/12/cloudflare-solutions-keylogger-on-thousands-of-infected-wordpress-sites.html

Mobile Apps:

https://thehackernews.com/2017/12/android-malware-signature.html

http://www.securityweek.com/vulnerability-allows-modification-signed-android-apps

https://threatpost.com/android-flaw-poisons-signed-apps-with-malicious-code/129118/

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13156

https://www.guardsquare.com/en/blog/new-android-vulnerability-allows-attackers-modify-apps-without-affecting-their-signatures

https://thehackernews.com/2017/12/mitm-ssl-pinning-hostname.html

http://www.cs.bham.ac.uk/~garciaf/publications/spinner.pdf

https://threatpost.com/banking-apps-found-vulnerable-to-mitm-attacks/129105/

Uber:

https://thehackernews.com/2017/12/uber-hacker.html

https://www.cnet.com/news/florida-man-20-reportedly-behind-massive-hack-at-uber/

https://www.cnet.com/news/uber-hack-ftc-settlement-data-privacy-security/

https://arstechnica.com/information-technology/2017/12/uber-used-bug-bounty-program-to-launder-blackmail-payment-to-hacker/

https://www.reuters.com/article/us-uber-cyber-payment-exclusive/exclusive-uber-paid-20-year-old-florida-man-to-keep-data-breach-secret-sources-idUSKBN1E101C?feedType=RSS&feedName=technologyNews&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+reuters%2FtechnologyNews+%28Reuters+Technology+News%29

Youtube Thumbnail credit:

https://static.pexels.com/photos/230324/pexels-photo-230324.jpeg

60 episodes available. A new episode about every 8 days averaging 10 mins duration .