Talkin’ About Infosec News – 1/14/2021





ORIGINALLY AIRED ON JANUARY 10, 2021

Articles discussed in this episode:

01:58 – Story # 1: WordPress Core Vulnerabilities – https://www.searchenginejournal.com/wordpress-core-vulnerabilities/432042/#close

11:32 – Story # 2: Card-stealing code on over 100 Sotheby’s luxury real estate sites – https://therecord.media/card-stealing-code-found-on-more-than-100-sothebys-luxury-real-estate-sites/

14:55 – Story # 3: France hits Facebook & Google with $210 million in fines – https://www.bleepingcomputer.com/news/legal/france-hits-facebook-and-google-with-210-million-in-fines/

22:14 – Story # 4: Pwn2Own, ShmooCon security conferences postponed due to COVID-19 surge – https://therecord.media/pwn2own-shmoocon-security-conferences-postponed-due-to-covid-19-surge/

24:48 – Story # 5: BREAKING! Cyber Threat Map – https://www.fireeye.com/cyber-map/threat-map.html

27:21 – Story # 6: Open source developer corrupts widely-used libraries – https://www.theverge.com/2022/1/9/22874949/developer-corrupts-open-source-libraries-projects-affected

34:38 – Story # 7: FTC warns companies to remediate Log4j security vulnerability – https://www.ftc.gov/news-events/blogs/techftc/2022/01/ftc-warns-companies-remediate-log4j-security-vulnerability

39:58 – Story # 8: Trojanized dnSpy app drops malware cocktail – https://www.bleepingcomputer.com/news/security/trojanized-dnspy-app-drops-malware-cocktail-on-researchers-devs/

45:33 – Story # 9: Norton 360 Cryptominer – https://krebsonsecurity.com/2022/01/norton-360-now-comes-with-a-cryptominer/

55:56 – Hot Takes and Sadness



We are self-publishing free Infosec Zines called PROMPT#.

PROMPT# will contain: 

  • Infosec articles 
  • Challenging puzzles 
  • Comic book based on real-life hacking adventures 
  • Coloring contests 
  • Bonus Backdoors & Breaches Consultant Cards (print version only) 
  • Other stuffs 

You can check out current and upcoming issues here: https://www.blackhillsinfosec.com/prompt-zine/