From Security Weekly Wiki

Security Weekly News Episode #61 - September 01, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Slack RCE, Charming Kitten, & KryptoCibule Malware - 02:00 PM-02:30 PM

Visit https://securityweekly.com/crowdstrike for more information!


This week, Dr. Doug talks Tesla, Slack, Charming Kitten returns, KryptoCibule, and Tweets from the great beyond! In the Expert Commentary, we welcome Ian McShane, VP, Product Marketing at CrowdStrike, to discuss remote work/return to office, and the challenges therein!

This segment is sponsored by CrowdStrike.



Ian McShane

With almost twenty years in information security including practitioner, product manager, and a shift as the lead Gartner analyst for endpoint security and EDR, CrowdStrike’s VP of Product Marketing Ian McShane has seen a lot of crazy things in his time.


Doug White's Content:


  1. Tesla was the target of a Russian national's malware attempt.
  2. Slack RCE can allow total takeover in versions less than 4.4.
    1. Slack paid a $1,750 bug bounty on this one.
  3. Charming Kitten targets WhatsApp and LinkedIn.
  4. Iranian hackers also targeting the F5 BIG-IP flaw from earlier.
    1. CVE-2020-5902
  5. NZ Stock Exchange shut down with DDoS attack.
    1. NZ freezes Russian Cyber Criminal Assets of 90 Million dollars.
  6. NYSE says they are likely not vulnerable to NZ-style DDoS attacks.
  7. New malware family called KryptoCibule revealed by ESET.
  8. Herman Cain tweets from beyond the grave.