WatchGuard Security Week in Review: Episode 33 – Elderwood Project

Advanced Attack Campaigns and Stealthy Botnets

The weekend is almost upon us… Yay! Before you run out and enjoy some fun in the sun (hopefully), take eight minutes to check out this summary video highlighting some of the bigger information and network security stories this week.

In this episode, I share a quick UDID leak update, talk about a long-term advanced attack campaign, warn you of a potential HTTPS weakness, and discuss a botnet evolution. I throw in a few “fun” security news tidbits as well. If you want to stay on top of the latest security issues, click the play button below.

As always, if I skim over a topic too quickly for your tastes, feel free to check out the Reference section, where you will find links to all these stories. See you next week.

(Episode Runtime: 8:09)

Direct YouTube Link: http://www.youtube.com/watch?v=gmNPx8dx7Yw

Episode References:

• UDID update: The FBI didn’t do it - Gizmodo
• Wired Elderwood project story - Wired
• Symantec Elderwood infographic - Symantec
• Symantec Elderwood report [PDF] - Symantec
• CRIME: A new HTTPS attack - Ars Technica
• Microsoft takes down Nitol - Krebs on Security
  
• IRC Botnets hides in Tor – Computer World
  
• Be careful searching on Emma Watson – NBC
• Extra Stories
  • GoDaddy outage: Hack or network issue?  –  The Register
  • Mobile malware focuses on SMS toll fraud – Dark Reading
  • Blackhole exploit kit improved - Ars Technica

— Corey Nachreiner, CISSP (@SecAdept)