swn175

Security Weekly News Episode #175 – December 21, 2021

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Conti Group, log4j2, log4shell, Joker App, Zoho 0-Day, & haveibeenpwned Passwords – 02:00 PM-02:30 PM

Description

This week Dr. Doug talks: Conti, log4j2, log4shell redux, the return of the Joker, Your Car’s warranty is expired, HaveIbeenpwned, Zoho, Microsoft, and more! All this, the Expert Commentary of Jason Wood, and Doug’s farewell to 2021 on this edition of the Security Weekly News!

Hosts

DougWhite

Doug White

@dougwhitephd

Professor at Roger Williams University

  1. Conti Ransomware Gang Has Full Log4Shell Attack Chain
  2. Third Log4J Bug Can Trigger DoS; Apache Issues Patch
  3. Malicious Joker App Scores Half-Million Downloads on Google Play
  4. Robocalls More Than Doubled in 2021, Cost Victims $30B
  5. UK govt shares 585 million passwords with Have I Been Pwned
  6. FBI: State hackers exploiting new Zoho zero-day since October
  7. Microsoft Urges Customers to Patch Recent Active Directory Vulnerabilities
JasonWood

Jason Wood

@Jason_Wood

Founder; Primary Consultant at Paladin Security

  1. Facebook Bans Spy-for-Hire Firms for Targeting 50K People