Podcast Episode 32: WordPress Vulnerabilities Targeted, iOS Security Update & the Equifax Settlement

This week, we cover WordPress vulnerabilities targeted by a malvertising campaign and an important iOS security update. We also look at Equifax’s $700 million settlement and a recent uptick of new breaches added to Have I Been Pwned. Along with other news and a summary of WordCamp Boston, we talk about the film project we’ve worked on since late last year. Open | The Community Code will premiere November 2019. We talk about how and why we created this film about the open-source WordPress community.

Here are timestamps in case you would like to jump around:

0:45 Kathy reviews WordCamp Boston
3:40 Open.film, how and why we created a documentary short about WordPress
12:15 WordPress vulnerabilities targeted by malvertising campaign
17:30 iOS security update
19:40 Equifax settlement
24:15 New breaches in Have I Been Pwned
29:32 Russian Intelligence Hack
31:50 Bulgaria tax agency hacked
33:45 Kazakhstan’s plans to add man-in-the-middle certificate
39:45 A plea to cybersecurity reporters

Find us on your favorite app or platform including iTunes, Google Podcasts, Spotify, YouTube, SoundCloud and Overcast.

Click here to download an MP3 version of this podcast. Subscribe to our RSS feed.

This week in the news we cover:

  • A malvertising campaign is targeting recently disclosed WordPress vulnerabilities.
  • An iOS update released July 22 contains numerous security patches.
  • Equifax settles with the Federal Trade Commission for $700 million for the data breach that happened in 2017.
  • Numerous new breaches have been added to Have I Been Pwned. They include breaches from the following:
    • Online photo editing site piZap
    • Fashion retailer SHEIN
    • Hacking site BlackSpigotMC
    • Video making service Animoto
    • Broadcasting service YouNow
    • Bulgarian National Revenue Agency
    • Food ordering service EatStreet
    • Auction website Artvalue
    • Roleplaying website Roll20
    • Gaming site Armor Games
    • Gaming site Game Salad
    • Gaming site Stronghold Kingdoms
    • Gaming site Flash Flash Revolution
    • Smartphone manufacturer Xiaomi user forum
  • Russian Intelligence has been hacked, exposing social media and TOR intelligence projects
  • The Bulgarian National Revenue Agency had records of 5 million taxpayers stolen by hackers, which is likely the entire taxpaying population.
  • The government of Kazakhstan ordered all ISPs in the country to force customers to install a government-issued root certificate by Quaznet Trust Network on all of their internet accessing devices.

You can find Mark on Twitter as @mmaunder and Kathy as @kathyzant. To learn more about Open, visit open.film or follow on Twitter @opendotfilm. Please feel free to post your feedback in the comments below.

The post Podcast Episode 32: WordPress Vulnerabilities Targeted, iOS Security Update & the Equifax Settlement appeared first on Wordfence.