Wyze Cameras Have A Three Year Old Flaw - ThreatWire (AUDIO ONLY) (Patreon)

Wyze had a three year old flaw, VMWare warns of Log4Shell exploits, and Apple patches more zero days! All that coming up now on ThreatWire. #threatwire #hak5

Weekly security and privacy news, brought to you by Shannon Morse. ThreatWire is a weekly news journalism show covering cybersecurity topics for network admins, information security professionals, and consumers.

Watch this on youtube (video may be “private” until the scheduled publish time): https://youtu.be/G9rM7DCxIGc

Shop ThreatWire Merch Directly! - https://snubsie.com/shop

Shop ThreatWire Merch on Teespring! - https://morsecode.creator-spring.com/ 

Support ThreatWire!  https://www.patreon.com/threatwire 

Follow Shannon on Social Media: https://snubsie.com/links 

Links:

Wyze

https://www.theverge.com/23003418/wyze-cam-v1-vulnerability-no-patch-bitdefender-responsible-disclosure

https://www.bitdefender.com/blog/labs/vulnerabilities-identified-in-wyze-cam-iot-device/

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9564

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12266

https://www.bitdefender.com/files/News/CaseStudies/study/413/Bitdefender-PR-Whitepaper-WCam-creat5991-en-EN.pdf

https://www.engadget.com/wyze-cam-security-exploit-three-years-142147258.html

https://www.theverge.com/2022/1/27/22904844/wyze-discontinues-smart-security-camera-wyzecam-v1

Vmware / log4shell

https://thehackernews.com/2022/04/chinese-hackers-target-vmware-horizon.html

https://www.fortinet.com/blog/threat-research/deep-panda-log4shell-fire-chili-rootkits

https://www.zdnet.com/article/chinese-hackers-deep-panda-return-with-log4shell-exploits-new-fire-chili-rootkit/

https://news.sophos.com/en-us/2022/03/29/horde-of-miner-bots-and-backdoors-leveraged-log4j-to-attack-vmware-horizon-servers/

https://www.vmware.com/security/advisories/VMSA-2022-0010.html

https://www.bleepingcomputer.com/news/security/vmware-patches-spring4shell-rce-flaw-in-multiple-products/

Apple

https://thehackernews.com/2022/04/chinese-hackers-target-vmware-horizon.html

https://arstechnica.com/information-technology/2022/03/apple-rushes-out-patches-for-two-zero-days-threatening-ios-and-macos-users/

https://support.apple.com/en-us/HT213219

https://support.apple.com/en-us/HT213220

https://www.zdnet.com/article/apple-updates-macos-ios-and-ipados-to-fix-possibly-exploited-zero-day-flaws/

https://threatpost.com/apple-zero-day-security-exploited/178040/

Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005:

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Our Site → https://www.hak5.org

Shop →  http://hakshop.myshopify.com/

Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1

Support → https://www.patreon.com/threatwire

Contact Us → http://www.twitter.com/hak5

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

____________________________________________

Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.