Episode notes
This episode covers the week's biggest cybersecurity stories. A widespread campaign is exploiting critical, outdated vulnerabilities in WordPress plugins GutenKit and Hunk Companion, with millions of attacks already blocked. Microsoft has issued emergency out-of-band patches to fix a critical, potentially wormable remote code execution flaw in Windows Server Update Service (WSUS) after a proof-of-concept exploit was made public.
Amazon explains its massive AWS outage, tracing the 14-hour incident back to a major DNS failure in its DynamoDB infrastructure. We also look at the "YouTube Ghost Network," a malicious operation using over 3,000 videos on hacked channels to distribute stealer malware disguised as game cheats and pirated software.
Plus, a breakdown of the "Smishing Triad," a China-linked group behind 194,000 mali ...
Keywords
Data privacyIdentity theft preventionBreach disclosure