It's a packed week on Technado! First up in Rapid Fire, we talk about the Linux backdoor that's got everyone fired up - but all is not as it seems. Then, our Pork Chop Sandwiches segment stars Hot Topic in their latest credential stuffing dilemma (and a brief cybergoth appearance thanks to Christian). Activision is looking into some password-stealing malware affecting some of its players (read: cheaters). We wrap up Rapid Fire by discussing the recent MFA bombing attacks plaguing iPhone users, along with a special Deja News double feature: we have updates on the PyPI and AT&T situations! After a quick break, it's time for our deep dive! Daniel gets into the details of the new and improved (?) Android malware Vultur. Finally, we finish up this week's episode with a mini-dive into Imperva Secure Sphere's WAF bypass. Want more details? Check out this week's references: https://thehackernews.com/2024/03/urgent-secret-backdoor-found-in-xz.htmlhttps://www.bleepingcomputer.com/news/security/retail-chain-hot-topic-hit-by-new-credential-stuffing-attacks/https://techcrunch.com/2024/03/28/activision-says-its-investigating-password-stealing-malware-targeting-game-players/https://www.techopedia.com/news/call-of-duty-hack-alert-malware-drains-bitcoin-from-gamers-walletshttps://www.bleepingcomputer.com/news/security/owasp-discloses-data-breach-caused-by-wiki-misconfiguration/https://www.darkreading.com/cloud-security/mfa-bombing-attacks-target-apple-iphone-usershttps://securityboulevard.com/2024/03/pypi-suspended-500-fakes-richixbw/https://techcrunch.com/2024/03/30/att-reset-account-passcodes-customer-data/https://blog.fox-it.com/2024/03/28/android-malware-vultur-expands-its-wingspan/https://www.hoyahaxa.com/2024/03/imperva-waf-bypass-cve-2023-50969.html

Technado

ACI Learning

iPhone Users Beware: MFA Bombs Imminent!

APR 4, 202472 MIN
Technado

iPhone Users Beware: MFA Bombs Imminent!

APR 4, 202472 MIN

Description

It's a packed week on Technado! First up in Rapid Fire, we talk about the Linux backdoor that's got everyone fired up - but all is not as it seems. Then, our Pork Chop Sandwiches segment stars Hot Topic in their latest credential stuffing dilemma (and a brief cybergoth appearance thanks to Christian). Activision is looking into some password-stealing malware affecting some of its players (read: cheaters).

We wrap up Rapid Fire by discussing the recent MFA bombing attacks plaguing iPhone users, along with a special Deja News double feature: we have updates on the PyPI and AT&T situations!

After a quick break, it's time for our deep dive! Daniel gets into the details of the new and improved (?) Android malware Vultur. Finally, we finish up this week's episode with a mini-dive into Imperva Secure Sphere's WAF bypass.

Want more details? Check out this week's references:

https://thehackernews.com/2024/03/urgent-secret-backdoor-found-in-xz.html
https://www.bleepingcomputer.com/news/security/retail-chain-hot-topic-hit-by-new-credential-stuffing-attacks/
https://techcrunch.com/2024/03/28/activision-says-its-investigating-password-stealing-malware-targeting-game-players/
https://www.techopedia.com/news/call-of-duty-hack-alert-malware-drains-bitcoin-from-gamers-wallets
https://www.bleepingcomputer.com/news/security/owasp-discloses-data-breach-caused-by-wiki-misconfiguration/
https://www.darkreading.com/cloud-security/mfa-bombing-attacks-target-apple-iphone-users
https://securityboulevard.com/2024/03/pypi-suspended-500-fakes-richixbw/
https://techcrunch.com/2024/03/30/att-reset-account-passcodes-customer-data/
https://blog.fox-it.com/2024/03/28/android-malware-vultur-expands-its-wingspan/
https://www.hoyahaxa.com/2024/03/imperva-waf-bypass-cve-2023-50969.html