Discord Vulnerabilities, Chrome 0-Day, & Severe WordPress Flaw – PSW #671
In the Security News, Testing firm NSS Labs closes up shop, stringing vulnerabilities together to pwn the Discord desktop app, a Wordpress plugin aimed at protecting Wordpress does the opposite, the FDA approves the use of a new tool for medical device vulnerability scoring, 8 new hot, steamy, moist cybersecurity certifications, and 5 things you can do to secure your home office without hiring an expert!
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Hosts
- 1. Donald Trump says “nobody gets hacked”Yes, it bugged me.
- 1. Almost 800,000 SonicWall VPN appliances online are vulnerable to CVE-2020-5135
- 2. Dickey’s Barbecue Pit Investigating Possible Breach Affecting 3M Payment Cards
- 3. New Emotet campaign uses a new ‘Windows Update’ attachment
- 4. Albion Online game maker discloses data breach
- 5. Discord desktop app vulnerability chain triggered remote code execution attacks
- 6. US charges six Russian intelligence officers with hacking Ukraine, 2018 Olympics, and Skripal investigation
- 7. VoIP Firm Broadvoice Leaks 350 Million Customer RecordsAn unsecure, Elasticsearch database cluster belonging to Los Angeles, Calif.-based voice over internet protocol (VOIP) provider Broadvoice was found exposed online on Oct. 1 containing more than 275 million Broadvoice XBP customers' full names, identification numbers, phone numbers, and states and cities of residence.