Tag Archives: Anonymous

WatchGuard Security Week in Review: Episode 53 – RSA 2013

RSA 2013: Big Data, Chinese APT, and User Awareness

This week’s InfoSec news video comes from the 2013 RSA Security Conference in San Francisco. As such, much of the episode covers the major themes from the show floor. However, cyber attackers don’t take a break just because the security industry is having a pow-wow. I also cover other big stories from the week, including an emergency Flash update, a cPanel breach, new nation-state malware, and even an HTML5 trick that can fill your hard drive. Check out the episode below.

As always, feel free to browse the Reference section for more details on any of these stories, and thanks for watching. Comment if you have any suggestions.

(Episode Runtime: 10:11)

Direct YouTube Link: http://www.youtube.com/watch?v=AJbDQnkUToE

Episode References:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Security Week in Review: Episode 52 – China APT1

China APT1 Attackers and Java 0day Breaches

Welcome to another week of InfoSec news. If you’re subscribed to the YouTube channel directly, you probably noticed I posted last week’s video late last Friday. Unfortunately, I was catching a plane at the time, so I decided to wait until today to post the video blog entry. If you missed any of last week’s big information and network security news, you’ve come to the right place.

This week’s “on the road” episode covers Apple and Facebook network compromises, the zero day Java exploit that caused them, and one security company’s research alleging the Chinese government is behind many recent advanced persistent threat (APT) attacks. I also recommend some critical updates for Windows, Linux, and OS X users, so make sure to watch below.

This week I’ll be attending the RSA security conference, and recording another episode on the go, which means I may also post next week’s episode earlier or later than normal depending on my travel and event schedule. Until then, thanks for watching and stay frosty out there.

(Episode Runtime: 6:39)

Direct YouTube Link: http://www.youtube.com/watch?v=MolGboEK7nE

Episode References:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Security Week in Review: Reader 0day

Reader 0Day, Zombie Broadcast, and Bit9 Breach

Due to a busy work week, I was unable to create a fully produced InfoSec news summary video this week. I did post a very brief video (which you can find below), mostly to warn our YouTube subscribers about the missing episode. It contains very minimal detail about this week’s top security stories.

However, I won’t leave you hanging for your weekly security news fix. Below, you’ll find a bullet-list, which quickly summarizes many of this week’s most interesting Infosec news. See you next week.

  • Zero day Adobe Reader vulnerability - A security company, FireEye, discovered attackers exploiting a previously unknown vulnerability in Adobe Reader to install malware. Adobe hasn’t had time to fix it yet, but recommends you use “Protected View” mode to mitigate the issue. We’ll post more details when they patch.
  • President Obama signs cyber security executive order - As many expected, President Obama signed a cyber security executive order this week that allows government organizations to share security intelligence with some private organizations and asks critical infrastructure providers to up their security.
  • Bit9 breached and digital certificates stolen - A security company, Bit9, confirmed they were breached this week, and that attackers had stolen their digital certificates and used them to sign malware. Their excuse for the breach? They didn’t use their own product enough.
  • Hacked emergency broadcast system warns of zombie attack - Folks in some Montana counties were surprised when their television emergency broadcast system warned of a zombie attack. Unsurprisingly, it turns out the system was hacked.
  • More Ruby on Rails vulnerabilities - Researchers have found more vulnerabilities, like SQL injections, in Ruby on Rails. If you are a web developer who uses this package, go patch.
  • Microsoft’s February Patch Day - As always, Microsoft released a bunch of security updates this week. They fixed flaws in Windows, Exchange, Internet Explorer, and a few lesser known products. I released details about the updates here, so hopefully you’ve already patched.
  • Adobe Flash and Shockwave updates – Adobe also released important Shockwave and Flash Player updates during Microsoft’s Patch Day. I talked about those earlier, too. Make sure to patch!
  • The dangers of losing your master password - A well-known security researcher, Jeremiah Grossman, shares a great anecdote on how very strong security practices can come back and bite you due to user error.

Direct YouTube Link: http://www.youtube.com/watch?v=wQP_5bXgHbg (Runtime: 2:08)

Extra Stories:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Security Week in Review: Episode 51 – Flash 0day

Flash Exploit, ICS Hacks, and Federal Reserve Bank Breach

We’ve had another busy week of security news, with more stories than I can cover in a short video. So I’ll stick to the highlights. Today’s episode talks about a couple Adobe Flash zero day vulnerabilities, the latest Anonymous hijinks, some cross-platform mobile malware, and more. If you missed this week’s InfoSec news, and want to learn about the biggest stories (including how to defend against the latest attacks), click the play button below. Also, check out the Reference section for links to some other interesting security stories I skipped.

Enjoy your weekend, and stay frosty out there.

(Episode Runtime: 8:03)

Direct YouTube Link: http://www.youtube.com/watch?v=B6YdI3NGwlg

Episode References:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Security Week in Review: Episode 45 – OpWestboro

Hacktivists Against Hate, SMS Spam Bots, and Exynos Exploits

Hey! Look at that. The world hasn’t ended.

I guess that means my decision to prepare my weekly security news video rather than my apocalyptical fallout shelter wasn’t a tragic mistake. If you are in the mood for some information security (infosec) news on the last Mayan calendar day of the, well, er…ever…then you’ve come to the right place.

In this week’s show, I cover some important software update news, an Android SMS botnet, a mobile zero day flaw, and the latest Anonymous operation, which I suspect many people might appreciate despite its illegal nature. If you’d like to learn how to avoid the latest malware and attacks, or just want to follow the latest infosec drama, play the video below.

Also, don’t forget to check out the Reference section if you’d like to read more details about any of these stories. As always, I’ll include a few extras for those looking for bonus material.

Speaking of end of times, this will be the last WatchGuard Security Week in Review episode for 2012. Enjoy your holiday. I’ll see you next year.

(Episode Runtime: 10:21)

Direct YouTube Link: http://www.youtube.com/watch?v=ua1FfpZy7qI

Episode References:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Security Week in Review: Episode 43 – Tumblr Worm

Tumblr Worm, Spoofed Tweets, and Madcap McAfee

Wow. I knew information security news was picking up over the past few years, but lately it seems like our own little industry reality show; complete with mysterious murders, border-crossing heists, and random heart attacks (not to mention, colorful personalities).

This week’s security news episode covers updates on the John McAfee melodrama, news of a fast-spreading Tumblr worm, and a Twitter SMS spoofing issue that can allow attackers to hijack your tweets. It also informs you about the latest important software vulnerabilities and updates. If you’d like a short video to quickly fill you in on the biggest security headlines from the week, click play below.

Of course if video isn’t your thing, you can also read about these stories using the helpful reference links I’ve provided. I’ve even thrown in a few extra news items for your enjoyment.

Let us know what you think in the comments, and see you next week.

(Episode Runtime: 12:41)

Direct YouTube Link: http://www.youtube.com/watch?v=9Cwvuz_TpXM

Episode References:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Security Week in Review: Episode 42 – Vulnerability Markets

Vuln Market 0day, Printer Backdoors, and Downed Internet

We’re back from hiatus. After a two week break, our weekly security news podcast has returned.

This week’s episode covers interesting new malware that leverages new command & control channels or targets specific victims, lots of zero day exploits being sold on vulnerability markets, a security industry murder mystery, and much more. If you’d like the latest information security updates, watch below.

As always, I’ve also included a Reference section, which contains links to all the stories mentioned in the video, as well as a few extra ones. Don’t forget to leave your feedback in our comments section.

Enjoy the show, and see you next week.

(Episode Runtime: 11:41)

Direct YouTube Link: http://www.youtube.com/watch?v=_DW3EcXbFlM

Episode References:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Security Week in Review: Episode 41 – Coke Cracked

Coca-Cola Cracked, Fawkes Day Fail, and Lots of Updates

This week’s security news round-up includes a story about an old Coca-Cola network breach, the results of Anonymous’ Fawkes Day fiasco, a little Twitter password hiccup, and lots of software security updates. If you have a little extra time on Fridays to catch up on the latest information security news, watch the video below.

Of course, if you have no time for videos, and would prefer to pick and choose your news items, see the Reference section below for links to all this week’s security headlines.

Show Note: I will be out for vacation starting the middle of next week, so will not be posting any WatchGuard Security Week in Review videos for the next couple of weeks. See you again at the end of November, and stay frosty out there.

(Episode Runtime: 10:42)

Direct YouTube Link: http://www.youtube.com/watch?v=S3LyJUK3MLw

Episode References:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Security Week in Review: Post Vacation Edition

If you follow my weekly security recap vlog, you probably noticed I didn’t post a WatchGuard Security Week in Review video last week. Instead, I was soaking up some rays on the beach. Ok… I was on a Washington state beach so there weren’t many “rays” involved — but at least there was sand.

Anyway, my scheduled vacation prevented me from posting the video last week. I would have mentioned the lack of video in a blog post, but I felt that the Security Center had its share of posts during an extremely hectic Black Patch Tuesday, and didn’t want to bother you with yet another one.

To make up for it, I’m posting a belated text-version of last week’s security news summary. If you’re interested in the important and interesting security stories you may have missed last week, check out the bulleted-list below. You can expect my video summaries to resume this Friday, though this week may be an “on the road” episode:

  • Shamoon malware wipes HD and MBR - An Israeli security firm called Seculert discovered a malware variant that steals info, then erases your hard drive (HD) and wipes your master boot record (MBR), preventing your computer from booting. Though the malware has infected at least one Middle Eastern energy company, experts do not think Shamoon comes from the same authors as other APTs.
  • Citadel trojan seems to target airline employees - A security company found a version of the Citadel botnet trojan that seems to target airlines, by attempting to steal employees’ VPN credentials. The malware specifically tries to capture some of the additional authentication tokens certain VPN clients require.
  • Blizzard credential breach - Blizzard is the latest victim of yet another password/credential breach. Though Blizzard salts their hash, you should still change your Blizzard credentials.
  • Anonymous claims another PSN hack; Sony says no - In a tweet and Pastebin post, Anonymous claims they breached Sony’s PSN network again, and stole the information from 10 million PSN users. Sony says the breach didn’t happen. Chalk this one up to an Anonymous hoax.
  • Tridium releases ICS software patches – Tridium creates automation software for lighting and HVAC systems. US-CERT warned of many vulnerabilities in their software, and Tridium released updates to fix them this week. Just more evidence of how digital attacks can affect physical infrastructure.
  • Android malware triples in a quarter - One of WatchGuard’s partners, Kaspersky, released a security report last week that included some interesting facts about mobile malware. They found that Android malware has increased three-fold, and mostly focuses on SMS trojans that steal money.
  • Wikileaks Trapwire release and DDoS attack - A few weekends ago, Wikileaks released information about how certain agencies are leveraging video surveillance systems to track people (codenamed Trapwire). Shortly after this release, the Wikileaks site suffered DDoS attacks from a group called Antileaks. Antileaks says the incidents are unrelated.

Well, that covers the biggest security news from last week. On an unrelated note, I saw a video last week that does a great job of summarizing DEF CON 20. I can’t directly embed the video here, but you can find it in this article. If you missed DEF CON, and want to get its general vibe, I recommend checking the video out.

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Security Week in Review: Text Version

As you probably noticed, I did not post a WatchGuard Security Week in Review episode this week. An extremely busy travel schedule, and a day off to run a long distance race with the WatchGuard team, made it impossible for me to record and produce my weekly video. But don’t worry… The weekly security recap video will return next week with a special episode.

I am attending the Blackhat Vegas security conference next week. Blackhat Vegas and Defcon (which falls on the same week) are two of the biggest security conferences of the year. Security researchers often disclose major breaking research and vulnerabilities during these exciting shows. You can look forward to an “on the road” edition of my weekly video next Friday, and it’ll likely include some big stories from Blackhat.

In the meantime, I won’t leave you hanging for your weekly security news fix. Below, you’ll find a bulleted-list, which quickly summarizes many of this week’s most interesting security stories. See you next week.

  • Oracle Quarterly Patch Day, July 2012 – On Tuesday, Oracle posted their quarterly patch update for July. They fixed 87 security vulnerabilities in many of their popular products. If you use Oracle software, you should check their CPU advisory and apply the necessary updates.
  • Rumored Android botnet may just be Yahoo MitM attack - Last week’s video warned you about a potential new botnet that might affect Android devices. Microsoft and others noticed spam coming from Android devices via Yahoo, and thought an Android botnet may be involved. It turns out these emails may be the result of a Man-in-the-Middle (MitM) attack on Yahoo email from public hotspots.
  • Android 4.1 Harder to Hack – Various researchers have pointed out that Google’s upcoming Android Jellybean update (4.1) will make Android devices harder to hack. This new version implements some OS memory protection features like Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP) to make memory corruption flaws, such as buffer overflows, harder to exploit.
  • Anonymous is targeting Oil Companies in the Arctic - Anonymous has pointed their guns at oil companies drilling in the Arctic, such as Exxon and Shell. So far they have stolen a bunch of email account credentials.
  • Possible Dropbox breach – Many Dropbox users have complained about spam to their Dropbox accounts, which has the company investigating for a potential network breach. Little else is known yet, but I’ll update you if they find anything relevant.
  • Facebook photo tag spam - Attackers are spamming out a new malware campaign on Facebook. It arrives as a message saying someone has tagged a photo of you on Facebook. If you interact with it, it tries to install malware on your computer. Be wary of any unusual Facebook photo tagging messages.
  • DHS warns of ICS vulnerabilities – The US Department of Homeland Security has warned of vulnerabilities in a popular Industrial Control System (ICS) application called Niagara. If you work at an organization that uses this software, you need to implement the recommended workarounds (see this article).
  • Grum botnet partially disabled - Researchers and authorities have shut down two of the Command and Control (C&C) servers used by a huge botnet called Grum. The botnet still has two other C&C servers to fall back on, but hasn’t so far. This takedown has significantly lessened email spam; however, botherders often just rebuild their zombie networks. So I wouldn’t expect the spam decrease to last for long.
  • ITWallStreet.com data breach – Attackers claimed to have gained access to 50,000 user records from the IT Wall Street web site. If you use this site, you should change your password, and monitor your accounts for identity fraud.

— Corey Nachreiner, CISSP (@SecAdept)

