Update your OpenSSH ASAP - ThreatWire
ฝัง
- เผยแพร่เมื่อ 14 ก.ค. 2024
- ⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️
@endingwithali →
Twitch: / endingwithali
Twitter: / endingwithali
TH-cam: / @endingwithali
Everywhere else: links.ali.dev
Want to work with Ali? endingwithalicollabs@gmail.com
[❗] Join the Patreon→ / threatwire
00:00 0 - INTRO
00:12 1 - Rabbits vs Hackers
04:57 2 - Polyfill Supply Chain Attack
07:16 3 - OpenSSH RCE Found
09:08 4 - OUTRO
LINKS
🔗 Story 1: Rabbits vs Hackers
rabbitu.de/articles
x.com/xyz3va/status/180120137...
www.rabbit.tech/security-inve...
🔗 Story 2: Polyfill Supply Chain Attack
sansec.io/research/polyfill-s...
x.com/triblondon/status/17618...
web.archive.org/web/202406252...
web.archive.org/web/202402291...
🔗 Story 3: OpenSSH RCE Found
www.qualys.com/2024/07/01/cve...
blog.qualys.com/vulnerabiliti...
www.openssh.com/releasenotes....
github.com/acrono/cve-2024-63...
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → www.hak5.org
Shop → hakshop.myshopify.com/
Community → www.hak5.org/community
Subscribe → th-cam.com/users/Hak5Darr...
Support → / threatwire
Contact Us → / hak5
____________________________________________
Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community - where all hackers belong. - วิทยาศาสตร์และเทคโนโลยี
You sound so much much better with the Shure mic 🎙️❤
👍
It's not the brand. Type, proximity, preamp, diaphragm, polar pattern, projection, environmental absorption/diffraction/diffusion are the variables, not the brand lol
@@greptheloot it doesn't negate the fact it is better for some people ;)
@@19watcher86 agreed, just breaking down why it sounds better. I own shure, neumann and sennheiser condenser mics. All are surgically accurate with transients, but each brand has subtle eq coloration that makes it specially unique, at least to me lol.
yeah i was struggling with a way to get the lav to clip properly and i got so frustrated i gave up and switched mics!
I prefer the mic over the lav.
I consider Threatwire a news show, but I’d love instructional episodes that can lead us to security rabbit holes.
good to know! thanks for the feedback!
Second mic is really good 😂You sound more authoritative and secure. While not changing your voice tone.
yeah proximity to it definitely helps lol
Thanks! I hope the team at Hak5 has a wonderful July 4th
thank u!
Great Idea - enjoy technical specifics. Excellent Program.
I prefer the Shure mic. It’s a lot louder & makes you easier to hear. I’m not put off by a mic being in the frame. I think you should keep using that.
hmmm good to know
Also yeah I called out Rabbit and their sketchy marketing at the very beginning several months ago right at launch and and I got absolutely ratio’d by their fanboys… I gotta find that post so I can pull the ‘I told you so’
sorry that happened :(
I miss the old round tables and white board videos with darren and shannon like back in the old firehouse. can hak5 do some more content like that along with threatwire?
me too... I can't stand the new girl and wished she would stand behind the mic next time; she criticizes rabbit but likewise 'fakes it to makes it' - bring back shannon or darren
definitely would love to see this happen one too - will let the team know !
stand behind the mic? what do you mean? like directly behind it?
I like Threatwire as is, a cybersec news aggregator giving an overview of prominent stories. I wouldn't want that to change.
I do however encourage the Hak5 channel to do more in depth technical demonstration videos. If I see Glytch in the thumbnail, I drop what I'm doing and watch it.
! im sending him a screencap of this comment!!!!
Happy Birthday Ali
wat
Thanks for another great episode!
That cut at 1:01 almost blew my ear drums out 🤯
Was at 55 seconds when I saw this, thanks for saving mine
oop D:
Shure mic so much better! Best outfit yet too!
thanks!
Oh wow, your voice sounds WAY better with the bigger mic.
Please use it more!
omg! good to know
Happy 4th Ali! The Polyfill situation I fear is happening in other supply chains as well and hopefully will be uncovered.
yeah the developer community is about to have a shake up
Wow, so Rabbit is just a garbage company all together? They don't care about security, ignore people telling them "dude, we're in your systems", and when they're embarrassed by public disclosure of their negligence and incompetence, they LIE about implementing the fixes…
I questioned what their product did that a smartphone could not already do better. Add security to that list!
Ducky season!!
Appreciated now I just need a local.
Certificates are handed out willy nilly😂
So I use my linux with disabled ssh service and no openssh is installed, am I secured?
The openssh have been discuss now for like 2 weeks, why did it take long to be cover?
Not for threat wire but something like what jackreciter does? Full breakdowns and deep dives. Ps love you all!
good feedback thank you!
@@endingwithali you are doing a great job, thanks for asking us!
Nice longsleeve, where can I get it?
It is a pretty cool shirt.
i got it on sale at urban outfitters last year 🫠
@@endingwithali Fabulous! Thank you so much for taking the time to respond. 🥰💫
At least ! a much better mic ! thanks !
I just found out you exist and I'm interested. *clicks buttons*
Wabbit season!
Radio DJ Ali 🎉
Popular lies buries 😁
Small bit of feedback as a user with visual impairment. The sections of the video with text are incredibly difficult to read. The motion of the background coupled with the font choice are painful and create a feeling of minor motion sickness. Thanks for the always-informative videos!
Oh and alpha brain helps to
😻😻😻😻😻😻😻😻
100% more detailed on threatwire made me always watch threatwire as soon as it was uploaded to TH-cam. Now it goes to the watch later as it seems not to be as relevant in the infosec news realm... have lots of hak5 gear watched this channel gor at least 5 years but use to be better...
Who's this? Haven't been here in a while, where's shanon at ? 😆
I do love an intelligent person, especially one that listens to their viewers, and on a creepy level, I also love the dimples 😊
Had a focus group eh...
Still garbage & late.
Coding is an activity.
She has that “I’m going to ruin you life but you’re going to love every second of it” vibe
She’s cute, smart and those dimples 🔥
RABBIT R1 is piece of rubbish. No offense!
Security mommy
Regarding OpenSSH, I'm surprised that these "programmers" weren't checking that objects ACTUALLY exist before making ASYNCHRONOUS function calls. Lol, just ask any JS programmer about Promises (and I'm not talking about the ones they make to their wives either 😭😭😂) Even Hawk Tuah girl would know that!
i fear the security decisions of a javascript programmer more
You have not accepted my boyfriend pull request yet!
Buy a R0DE mic ..
im using a rode mic 🫠
@@endingwithali The Shure mic is better. Shure is what they use for almost all guitar recording (SM-57).
Shure is WAY better than Rode.
❤DIMPLES!❤
🙄
CREEPER