A Dormant HP Keylogger Found, Uber Pays Ransom - ThreatWire
Keyloggers were found in Wordpress and HP, mobile apps have all sorts of vulnerabilities, and Uber is hiding behind bug bounties? All that coming up now on ThreatWire. All that coming up now on ThreatWire.
-------------------------------
Shop: http://www.hakshop.com
Support: http://www.patreon.com/threatwire
Subscribe: http://www.youtube.com/hak5
Our Site: http://www.hak5.org
Contact Us: http://www.twitter.com/hak5
Threat Wire RSS: https://shannonmorse.podbean.com/feed/
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999
Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ
------------------------------
Links:
Keyloggers:
https://thehackernews.com/2017/12/hp-laptop-keylogger.html
https://twitter.com/zwclose/status/938354516285706240
http://www.zdnet.com/article/keylogger-uncovered-on-hundreds-of-hp-pcs/
https://zwclose.github.io/HP-keylogger/
https://support.hp.com/us-en/document/c05827409
https://www.virustotal.com/#/file/706d3dbe8c7f217e3bb10c359bfa8b69c8ab107e3be69e3c00acaaf0a4c32e5d/detection
http://www.securityweek.com/dormant-keylogging-functionality-found-hp-laptops
https://www.hackread.com/more-than-5000-wordpress-website-plagued-with-keylogger/
https://blog.sucuri.net/2017/12/cloudflare-solutions-keylogger-on-thousands-of-infected-wordpress-sites.html
Mobile Apps:
https://thehackernews.com/2017/12/android-malware-signature.html
http://www.securityweek.com/vulnerability-allows-modification-signed-android-apps
https://threatpost.com/android-flaw-poisons-signed-apps-with-malicious-code/129118/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13156
https://www.guardsquare.com/en/blog/new-android-vulnerability-allows-attackers-modify-apps-without-affecting-their-signatures
https://thehackernews.com/2017/12/mitm-ssl-pinning-hostname.html
http://www.cs.bham.ac.uk/~garciaf/publications/spinner.pdf
https://threatpost.com/banking-apps-found-vulnerable-to-mitm-attacks/129105/
Uber:
https://thehackernews.com/2017/12/uber-hacker.html
https://www.cnet.com/news/florida-man-20-reportedly-behind-massive-hack-at-uber/
https://www.cnet.com/news/uber-hack-ftc-settlement-data-privacy-security/
https://arstechnica.com/information-technology/2017/12/uber-used-bug-bounty-program-to-launder-blackmail-payment-to-hacker/
https://www.reuters.com/article/us-uber-cyber-payment-exclusive/exclusive-uber-paid-20-year-old-florida-man-to-keep-data-breach-secret-sources-idUSKBN1E101C?feedType=RSS&feedName=technologyNews&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+reuters%2FtechnologyNews+%28Reuters+Technology+News%29
Youtube Thumbnail credit:
https://static.pexels.com/photos/230324/pexels-photo-230324.jpeg