A Dormant HP Keylogger Found, Uber Pays Ransom – ThreatWire – YouTube

Spread the love

A Dormant HP Keylogger Found, Uber Pays Ransom - ThreatWire

Keyloggers were found in WordPress and HP, mobile apps have all sorts of vulnerabilities, and Uber is hiding behind bug bounties? All that coming up now on ThreatWire. All that coming up now on ThreatWire.

——————————-
Shop: http://www.hakshop.com
Support: http://www.patreon.com/threatwire
Subscribe: http://www.youtube.com/hak5
Our Site: http://www.hak5.org
Contact Us: http://www.twitter.com/hak5
Threat Wire RSS: https://shannonmorse.podbean.com/feed/
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999
Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ
——————————

Links:

Keyloggers:
https://thehackernews.com/2017/12/hp-laptop-keylogger.html


http://www.zdnet.com/article/keylogger-uncovered-on-hundreds-of-hp-pcs/
https://zwclose.github.io/HP-keylogger/
https://support.hp.com/us-en/document/c05827409
https://www.virustotal.com/#/file/706d3dbe8c7f217e3bb10c359bfa8b69c8ab107e3be69e3c00acaaf0a4c32e5d/detection
http://www.securityweek.com/dormant-keylogging-functionality-found-hp-laptops

More than 5,000 WordPress websites plagued with Keylogger


https://blog.sucuri.net/2017/12/cloudflare-solutions-keylogger-on-thousands-of-infected-wordpress-sites.html

Mobile Apps:
https://thehackernews.com/2017/12/android-malware-signature.html
http://www.securityweek.com/vulnerability-allows-modification-signed-android-apps

Android Flaw Allows Attackers to Poison Signed Apps with Malicious Code


https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13156
https://www.guardsquare.com/en/blog/new-android-vulnerability-allows-attackers-modify-apps-without-affecting-their-signatures
https://thehackernews.com/2017/12/mitm-ssl-pinning-hostname.html
http://www.cs.bham.ac.uk/~garciaf/publications/spinner.pdf

Banking Apps Found Vulnerable to MITM Attacks

Uber:
https://thehackernews.com/2017/12/uber-hacker.html
https://www.cnet.com/news/florida-man-20-reportedly-behind-massive-hack-at-uber/
https://www.cnet.com/news/uber-hack-ftc-settlement-data-privacy-security/
https://arstechnica.com/information-technology/2017/12/uber-used-bug-bounty-program-to-launder-blackmail-payment-to-hacker/
https://www.reuters.com/article/us-uber-cyber-payment-exclusive/exclusive-uber-paid-20-year-old-florida-man-to-keep-data-breach-secret-sources-idUSKBN1E101C?feedType=RSS&feedName=technologyNews&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+reuters%2FtechnologyNews+%28Reuters+Technology+News%29

Youtube Thumbnail credit:
https://static.pexels.com/photos/230324/pexels-photo-230324.jpeg

Author: administrator