Tag Archives: DDoS

China’s Great Cannon – Daily Security Byte EP.65

Two weeks ago experts blamed China for a DDoS attack against Github. This week, researchers describe the Great Cannon tool that China allegedly uses for these sorts of attacks. Press play to learn more, and to hear how I think we should combat this threat.

 

(Episode Runtime: 2:30)

Direct YouTube Link: https://www.youtube.com/watch?v=stx9IRTcUBo

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

The Dyre Wolf Bites – Daily Security Byte EP.59

The Dyre trojan has been stealing banking credentials for awhile now, but IBM has discovered a new campaign that adds a human element to this digital attack. Watch the video to learn what to look out for, and how to protect your bank account from getting drained.

 

(Episode Runtime: 2:51)

Direct YouTube Link: https://www.youtube.com/watch?v=E3_jjP3gL3M

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Chinese GitHub DDoS – Daily Security Byte EP.56

Github has suffered a heavy distributed denial of service (DDoS) attack for over four days. Researchers say the attack comes from China, and is related to the political site GreatFire.org. Watch the video to learn about man-on-the-side attacks, and what to look for in DDoS protection.

 

(Episode Runtime: 2:04)

Direct YouTube Link: https://www.youtube.com/watch?v=imoPp5DmFrE

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

JP Morgan Hacked – WSWiR Episode 119

Gaming DDoS, Malvertising, and U.S. Banks Breached

You really need to keep up with the latest attacks to learn how to adjust your defenses to survive. However, with so much infosec news and so little time, it’s hard for many administrators to stay current. This weekly videos tries to keep you in the loop by summarizing the top news items each week.

Today’s show covers a big DDoS campaign against gaming sites that included a diverted plane, a malicious advertising attack that infected popular web sites, and an allegedly Russian attack against U.S. banks. See the video for the details, and check the references for other stories.

If you live in the U.S., enjoy your Labor Day weekend.

(Episode Runtime: 11:26)

Direct YouTube Link: https://www.youtube.com/watch?v=T4dz4wjY5hQ

Episode References:

Extras:

— Corey Nachreiner, CISSP (@SecAdept)

APT Exploits IE 0day – WSWiR Episode 85

Forum Hijacks, Singapore Hacking, and IE 0day

Happy Friday, everyone! The weekend is hours away; but before running off to finish of the last of your work week tasks, why not sit down with a hot cup of joe and catch up on what happened in security news this week?

In this episode, I talk about security patches for Microsoft, Adobe, and OpenSSH, cover some interesting web site hijacks, warn you of a new APT attack that leverages an IE zero day flaw, and mention an interesting hacking arrest in Singapore. Click the big red YouTube play button to learn more, and don’t forget to peek at the Reference section for links to other InfoSec news from the week.

Have fun this weekend!

(Episode Runtime: 8:52)

Direct YouTube Link: http://www.youtube.com/watch?v=VU_7KkQY1m4

Episode References:

Extras:

— Corey Nachreiner, CISSP (@SecAdept)

Bitcoin Weakness & Hack – WSWiR Episode 84

Microsoft Zero Day, PCI-DSS Update, and Bitcoin Attacks

Ingest this week’s biggest security news in one, easy to watch video with WatchGuard Security Week in Review. I consolidate the latest Infosec news in one place, so you don’t have to. 

Today’s episode covers the week’s security-related software updates, a zero day flaw in Windows and Office, the latest update to PCI-DSS, and some security problems with Bitcoin. Watch the video for the details, and check out the Reference section for a whole bunch of other interesting stories.

Thanks for watching, and have a great weekend!

(Episode Runtime: 9:28)

Direct YouTube Link: http://www.youtube.com/watch?v=l-yxD12gSbY

Episode References:

Extras:

— Corey Nachreiner, CISSP (@SecAdept)

NYT Tango Down – WSWiR Episode 75

.CN DDoS and DNS Hijacking

Do you want to hear about the week’s biggest InfoSec news, while learning a few security tips in the process? Well this is the weekly vlog for you.

In today’s video, I share a potential cause for China’s recent distributed denial of service (DDoS) attack, warn about a serious vulnerability in Cisco’s ACS, and explain how a hacktivist group took down the New York Times. I even throw in a bit of Friday fun at the end. Watch the video below, and remember to check out the references for links to other stories.

(Episode Runtime: 10:20)

Direct YouTube Link: http://www.youtube.com/watch?v=cyQX4J0OEyo

Episode References:

Extras:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Security Week in Review: Episode 58 – Darkleech Apache Attack

Telephony DoS, OpFreeKorea, and Darkleech

What do zombie video games, North Korea, and emergency telephone systems have in common? They’ve all been compromised by cyber attackers this week.

If you’re too busy dousing IT fires to keep up with InfoSec news on your own, give our weekly security news summary a try. In this short video, I quickly highlight the biggest security stories from the week, and give some practical defense tips along the way.

This week’s episode covers a new telephony denial of service (TDos) extortion scheme , a serious flaw in a common database system, the latest Anonymous operation, and a mysterious Apache hijacking campaign that has affected over 20,000 web servers. Watch the video below for the full scoop, and check out the Reference section for additional stories.

(Episode Runtime: 9:03)

Direct YouTube Link: http://www.youtube.com/watch?v=K18Snt0Lrm0

Episode References:

— Corey Nachreiner, CISSP (@SecAdept)

March Radio Free Security: Record Breaking DDoS

Record Breaking DDoS, Cracked Crypto, and ICS Honeypots

Radio Free Security (RFS) is a monthly audio podcast dedicated to spreading knowledge about network and information security, and to keeping busy IT administrators apprised of the latest security threats they face online. If you’re looking for the latest security news and best practice tips, this show is for you.

After a small unscheduled hiatus, Radio Free Security is back. Unfortunately, I had to skip our February episode due to a very busy work travel schedule. To make up for it, we return this month with a double heaping of information security (InfoSec) stories and news. Plus, we’ve thrown in a fun security-themed song parody to boot.

Here’s what to expect in this month’s episode:

  • Security Story of the Month (SSotM) [Pt.1 3:20 – 34:05, Pt.2 37:10 – 1:07:00] – During SSotM, Ben Brobak, Chris Shaiman, and Corey Nachreiner highlight the most concerning security stories and incidents from the month. Topics include a new weakness in a cipher associated with SSL and TLS, more zero day Java exploits, a severe sentence in a cyber security trial, the largest DDoS attack ever seen, and more. Follow along to learn which story takes the cake, and what you can do to defend your network.
  • WatchGuard’s Secure Shop Song Parody [34:19 – 37:10] –  We debut our latest security-themed song parody. A talented and creative group of WatchGuard employees wrote a song parody to Macklemore’s popular Thrift Shop rap. We’re proud of this rising Seattle-based rapper, so thought how better to celebrate his success than making our own tongue-in-cheek security tune in this honor. I think the song turned out great, and you can expect us to post the accompanying music video soon. Give it a listen (I will post a new direct link shortly).

So settle in, adjust your volume, and enjoy the show.

[runtime: 1:08:17]

You can always find the latest episode of Radio Free Security:

— Corey Nachreiner, CISSP (@SecAdept)

Follow

Get every new post delivered to your Inbox.

Join 7,901 other followers

%d bloggers like this: