This week in our news-focused episode we cover the WhatsApp zero-day vulnerability that allegedly was used to infect phones with malware by simply calling a phone with the app. We announced a new update to the Wordfence plugin, making an updated two-factor authentication feature available to all Wordfence users. We cover a story about SIM hijacking and discuss why we need to move away from SMS 2-factor authentication. We also cover an ongoing supply-chain attack affecting thousands of sites, three antivirus companies that have been compromised, a malvertiser indictment, and other stories.
Here are approximate timestamps in case you want to jump around: 0:30 WhatsApp voice calls used to inject malware 7:07 New Wordfence login security features 12:30 Ongoing supply-chain attack 18:58 SIM card hijacking campaign 22:05 Three US Antivirus companies compromised 23:55 Malvertiser compromised 30:12 Opting out of facial recognition at airports 32:48 Microsoft Word gets politically correct 37:38 Binance intrusion 41:25 Federal agencies spending millions to hack into phones