Mikey Veenstra joins us to talk about three WordPress plugins with severe vulnerabilities affecting well over 150,000 WordPress installations. Two plugins have been patched, one has not. With Mark under deadline for a film project, Mikey also talks some security news with Kathy. We cover a Docker vulnerability, anatomy of a SIM port attack, zero-day Windows exploits released by a disgruntled security researcher, two large scale data leaks affecting millions of people, and revisit the Baltimore ransomware problem and how the NSA's Eternal Blue tool was used in the attack.
1:00 Interview with Mikey Veenstra on 3 severe WordPress plugin vulnerabilities 13:00 The news, and where's Mark? 13:30 Docker vulnerability not yet patched 16:24 Anatomy of a SIM port attack 20:17 Microsoft 0-day exploits on github 25:34 XSS vulnerability discovered in Slimstat plugin 26:26 Over 49 million Instagram users data exposed 29:28 First American Financial leaked hundreds of millions title insurance records 34:20 How an NSA malware tool was used in the Baltimore ransomware attack