Think Like a Hacker Episode 23

Podcast Episode 23: Security News from WCEU in Berlin

This week, we’re at WordCamp Europe in Berlin, Germany and there is a lot of WordPress and security news to cover. We talk about the recent outage with WordPress VIP Go, what’s new in WordPress version 5.2.2, vulnerabilities in two of Facebook’s WordPress plugins, a Google Chrome extension for reporting bad URLs and a Chrome extension found to hijack search results. We talk about the importance and future of Troy Hunt’s “Have I Been Pwned” project as he preps it for sale, a Firefox 0Day exploited in the wild, and two more American municipalities affected by malware. Evite disclosed a recent breach, Telegram gets DDoSed, a vulnerability found in Evernote’s Web Clipper and Netflix’s discovery of multiple Linux and FreeBSD vulnerabilities.

Here are approximate timestamps in case you want to jump around:
1:42 WordPress VIP Go outage
3:29 WordPress 5.2.2 Update
4:28 Security implications of WordPress multisite
8:34 Self-promoting security troll strikes again
12:06 Chrome Suspicious URL Extension
13:36 Should Google be monetizing GSB data?
18:31 Malicious “YouTube Queue” chrome extension
21:25 Have I Been Pwned for sale
28:46 Firefox 0-day
30:00 Ransomware hits Philly
34:00 House lawmakers demand end to warrantless surveillance
37:20 Evite data breach
39:32 Telegram servers DDoSed
43:19 Evernote XSS flaw
46:22 Linux and FreeBSD vulns

Find us on your favorite app or platform including iTunes, Google Podcasts, Spotify, YouTube, SoundCloud and Overcast.

Click here to download an MP3 version of this podcast. Subscribe to our RSS feed.

This week in the news we cover:

Thanks to Micah Dailey for the review on Apple Podcasts!

You can find Mark on Twitter as @mmaunder and Kathy as @kathyzant. Please feel free to post your feedback in the comments below.

Did you enjoy this post? Share it!

Comments

No Comments