The Daily Decrypt

Last Ep of 2024 - FTC bans data brokers, Phishers exploit corrupted documents

Play Episode Pause Episode

Mute/Unmute Episode Rewind 10 Seconds 1x Fast Forward 30 seconds

00:00 /

Apple Podcasts Spotify YouTube

RSS Feed

Share

Link

Embed

Video Episode: https://youtu.be/eeLKwEsL8Ho

In today’s episode, we discuss the FTC’s recent ban on data brokers Mobilewalla and Gravy Analytics from selling sensitive location data linked to healthcare and religious sites, marking significant changes in data privacy regulations. We also cover the new phishing attack method utilizing corrupted Microsoft Office documents to bypass email security, and the urgent need for updates in Progress Software’s WhatsUp Gold following the release of a critical RCE exploit. Additionally, Cisco highlights ongoing exploitation attempts of a decade-old vulnerability in its ASA devices, emphasizing the need for users to secure their systems.

**Sources:**
1. https://www.bleepingcomputer.com/news/security/ftc-bans-data-brokers-from-selling-americans-sensitive-location-data/
2. https://www.helpnetsecurity.com/2024/12/03/phishers-send-corrupted-documents-to-bypass-email-security/
3. https://www.bleepingcomputer.com/news/security/exploit-released-for-critical-whatsup-gold-rce-flaw-patch-now/
4. https://thehackernews.com/2024/12/cisco-warns-of-exploitation-of-decade.html

Music: https://youtu.be/B4gk5tWMvyY?si=q_JjohozMBH7XPNe

1. What are today’s top cybersecurity news stories?
2. FTC bans data brokers from selling location data—what does it mean?
3. How are phishers using corrupted documents to evade email security?
4. What is the critical severity flaw in WhatsUp Gold and how to patch it?
5. What should I know about the exploitation of a decade-old Cisco ASA vulnerability?
6. How do data brokers collect and sell sensitive location data?
7. What are the latest tactics used by phishers in email scams?
8. Why is it important to patch the WhatsUp Gold RCE flaw immediately?
9. What vulnerabilities should federal agencies focus on according to CISA?
10. How can organizations protect themselves from network vulnerabilities?

FTC, Mobilewalla, Gravy Analytics, consumer privacy, Phishers, MS Office, Any.Run, credentials, WhatsUp Gold, vulnerability, exploit, unauthorized code, Cisco, WebVPN, vulnerability, malware,