The Marvel Universe – PSW #628

In the Security News, Disney Plus Blames Past Hacks for User Accounts Sold Online, Why Multifactor Authentication Is Now a Hacker Target, How the Linux kernel balances the risks of public bug disclosure, A critical flaw in Jetpack exposes millions of WordPress sites, and Amazon tells senators it isn’t to blame for Capital One breach!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Full Episode Show Notes

To learn more about our sponsors visit: The Security Weekly Sponsor’s Page

The Marvel Universe

Paul’s Stories

  1. Amazon tells senators it isn’t to blame for Capital One breach
  2. DNS-over-HTTPS is coming to Windows 10
  3. A critical flaw in Jetpack exposes millions of WordPress sites
  4. Throwback Thursday: See if you can wriggle out of this one
  5. Disney Plus Blames Past Hacks for User Accounts Sold Online | SecurityWeek.Com
  6. Why Multifactor Authentication Is Now a Hacker Target
  7. California IoT security law: What it means and why it matters – Help Net Security
  8. D-Link Adds More Buggy Router Models to Wont Fix List
  9. If You Love Your Wi-Fi, Secure It – OpenDNS Umbrella Blog
  10. I ‘Hacked’ My Accounts Using My Mobile Number: Here’s What I Learned
  11. Microsoft Will Bring DNS Over HTTPS (DoH) to Windows | SecurityWeek.Com
  12. Intel Patched 77 Vulnerabilities in November 2019 Platform Update
  13. How the Linux kernel balances the risks of public bug disclosure
  14. Hacking Python Applications
  15. 13 Security Pros Share Their Most Valuable Experiences
  16. Office 365 Admins Targeted in Ongoing Phishing Scam

Lee’s Stories

  1. Thousands of hacked Disney+ accounts for sale

Hosts

Doug White
Doug White – Professor
Matt Alderman
Matt Alderman – CEO
Paul Asadoorian
Paul Asadoorian – Founder & CTO

Guests

Announcements

  • We have exciting news about the Security Weekly webcast program: We are now partnered with (ISC)2 as an official CPE provider! If you attend any of our webcasts, you will be receiving 1 CPE credit per webcast! Register for one of our upcoming webcast with Zane Lackey of Signal Sciences, Ian McShane from Endgame, or Stephen Smith and Jeff Braucher of LogRhythm (or all 3!) by going to securityweekly.com/webcasts If you have missed any of our previously recorded webcasts, you can find our on-demand library at securityweekly.com/ondemand