Tag Archives: DDoS

JP Morgan Hacked – WSWiR Episode 119

Gaming DDoS, Malvertising, and U.S. Banks Breached

You really need to keep up with the latest attacks to learn how to adjust your defenses to survive. However, with so much infosec news and so little time, it’s hard for many administrators to stay current. This weekly videos tries to keep you in the loop by summarizing the top news items each week.

Today’s show covers a big DDoS campaign against gaming sites that included a diverted plane, a malicious advertising attack that infected popular web sites, and an allegedly Russian attack against U.S. banks. See the video for the details, and check the references for other stories.

If you live in the U.S., enjoy your Labor Day weekend.

(Episode Runtime: 11:26)

Direct YouTube Link: https://www.youtube.com/watch?v=T4dz4wjY5hQ

Episode References:

Extras:

— Corey Nachreiner, CISSP (@SecAdept)

APT Exploits IE 0day – WSWiR Episode 85

Forum Hijacks, Singapore Hacking, and IE 0day

Happy Friday, everyone! The weekend is hours away; but before running off to finish of the last of your work week tasks, why not sit down with a hot cup of joe and catch up on what happened in security news this week?

In this episode, I talk about security patches for Microsoft, Adobe, and OpenSSH, cover some interesting web site hijacks, warn you of a new APT attack that leverages an IE zero day flaw, and mention an interesting hacking arrest in Singapore. Click the big red YouTube play button to learn more, and don’t forget to peek at the Reference section for links to other InfoSec news from the week.

Have fun this weekend!

(Episode Runtime: 8:52)

Direct YouTube Link: http://www.youtube.com/watch?v=VU_7KkQY1m4

Episode References:

Extras:

— Corey Nachreiner, CISSP (@SecAdept)

Bitcoin Weakness & Hack – WSWiR Episode 84

Microsoft Zero Day, PCI-DSS Update, and Bitcoin Attacks

Ingest this week’s biggest security news in one, easy to watch video with WatchGuard Security Week in Review. I consolidate the latest Infosec news in one place, so you don’t have to. 

Today’s episode covers the week’s security-related software updates, a zero day flaw in Windows and Office, the latest update to PCI-DSS, and some security problems with Bitcoin. Watch the video for the details, and check out the Reference section for a whole bunch of other interesting stories.

Thanks for watching, and have a great weekend!

(Episode Runtime: 9:28)

Direct YouTube Link: http://www.youtube.com/watch?v=l-yxD12gSbY

Episode References:

Extras:

— Corey Nachreiner, CISSP (@SecAdept)

NYT Tango Down – WSWiR Episode 75

.CN DDoS and DNS Hijacking

Do you want to hear about the week’s biggest InfoSec news, while learning a few security tips in the process? Well this is the weekly vlog for you.

In today’s video, I share a potential cause for China’s recent distributed denial of service (DDoS) attack, warn about a serious vulnerability in Cisco’s ACS, and explain how a hacktivist group took down the New York Times. I even throw in a bit of Friday fun at the end. Watch the video below, and remember to check out the references for links to other stories.

(Episode Runtime: 10:20)

Direct YouTube Link: http://www.youtube.com/watch?v=cyQX4J0OEyo

Episode References:

Extras:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Security Week in Review: Episode 58 – Darkleech Apache Attack

Telephony DoS, OpFreeKorea, and Darkleech

What do zombie video games, North Korea, and emergency telephone systems have in common? They’ve all been compromised by cyber attackers this week.

If you’re too busy dousing IT fires to keep up with InfoSec news on your own, give our weekly security news summary a try. In this short video, I quickly highlight the biggest security stories from the week, and give some practical defense tips along the way.

This week’s episode covers a new telephony denial of service (TDos) extortion scheme , a serious flaw in a common database system, the latest Anonymous operation, and a mysterious Apache hijacking campaign that has affected over 20,000 web servers. Watch the video below for the full scoop, and check out the Reference section for additional stories.

(Episode Runtime: 9:03)

Direct YouTube Link: http://www.youtube.com/watch?v=K18Snt0Lrm0

Episode References:

— Corey Nachreiner, CISSP (@SecAdept)

March Radio Free Security: Record Breaking DDoS

Record Breaking DDoS, Cracked Crypto, and ICS Honeypots

Radio Free Security (RFS) is a monthly audio podcast dedicated to spreading knowledge about network and information security, and to keeping busy IT administrators apprised of the latest security threats they face online. If you’re looking for the latest security news and best practice tips, this show is for you.

After a small unscheduled hiatus, Radio Free Security is back. Unfortunately, I had to skip our February episode due to a very busy work travel schedule. To make up for it, we return this month with a double heaping of information security (InfoSec) stories and news. Plus, we’ve thrown in a fun security-themed song parody to boot.

Here’s what to expect in this month’s episode:

  • Security Story of the Month (SSotM) [Pt.1 3:20 - 34:05, Pt.2 37:10 - 1:07:00] – During SSotM, Ben Brobak, Chris Shaiman, and Corey Nachreiner highlight the most concerning security stories and incidents from the month. Topics include a new weakness in a cipher associated with SSL and TLS, more zero day Java exploits, a severe sentence in a cyber security trial, the largest DDoS attack ever seen, and more. Follow along to learn which story takes the cake, and what you can do to defend your network.
  • WatchGuard’s Secure Shop Song Parody [34:19 - 37:10] –  We debut our latest security-themed song parody. A talented and creative group of WatchGuard employees wrote a song parody to Macklemore’s popular Thrift Shop rap. We’re proud of this rising Seattle-based rapper, so thought how better to celebrate his success than making our own tongue-in-cheek security tune in this honor. I think the song turned out great, and you can expect us to post the accompanying music video soon. Give it a listen (I will post a new direct link shortly).

So settle in, adjust your volume, and enjoy the show.

[runtime: 1:08:17]

You can always find the latest episode of Radio Free Security:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Security Week in Review: Episode 57 – 300Gb DDoS

POS Trojans, Android Spear Phishing, and Record DDoS

Extra, Extra, the Internet almost broke (no it didn’t). Read… View all about it!

Too much security news, and too little time? Let me summarize the highlights for you in my weekly InfoSec recap video. This week I cover two trojans targeting point-of-sale (POS) computers, a few software updates, a targeted spear phishing campaign spreading Android malware, and the record-breaking SpamHaus DDoS attack, which didn’t really break the Internet despite some reports. Click play for the details

There were also a ton of other interesting Infosec tidbits this week, beyond what’s in the video. If you’re interested, check out the Reference section below. Stay frosty out there, and have a Happy Easter weekend.

(Episode Runtime: 9:47)

Direct YouTube Link: http://www.youtube.com/watch?v=sC1zLvbjzI4

Episode References:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Security Week in Review: Episode 36 – White House Hack

Pwned DSL Routers, White House Hack, and Phone Scams

Cyber security is on the industry’s mind. As a result, every week seems packed with information and network security news. If you don’t have time to keep up because you are too busy putting out normal IT fires, this weekly podcast is for you. WatchGuard Security Week in Review is dedicated to quickly summarizing the biggest security stories each week, and to sharing tips and best practices that can help protect you from the latest threats. If you want a 10 minute or less summary of each week’s security news, give this video podcast a try.

This week, I talk about a FUD-filled White House hack, an attack campaign that infected 4.5 million Brazilian routers, a couple examples of phone scams and social engineering, and much more. If any of this interests you, or you just want to relax for 10 minutes while sipping your first coffee of the day, press play on the video below.

As always, I’ve included a Reference section below, which links to each of the stories. If you want more details than I can cover in this short episode, check the links out. Hope to see you next time, and stay safe out there.

(Episode Runtime: 10:25)

Direct YouTube Link: http://www.youtube.com/watch?v=MupAGOg-RBI

Episode References:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Security Week in Review: Episode 35 – Adobe Certs

New Java 0day, Cisco DoS, and Stolen Adobe Certs

There’s no shortage of information and network security news lately. If you find yourself struggling to keep up with it, due to all your other daily tasks, let my weekly summary videos fill you in. WatchGuard Security Week in Review quickly highlights the most important stories of the week, and lets you know what to do about the ones that might affect you.

This week’s episode includes two important software updates, news of another Java zero day flaw, a story about advanced attackers breaching a Smart Grid vendor’s network, and details about stolen Adobe code signing certificates. There’s patches to install and certificates to revoke, so give this week’s episode a view to learn what to do.

If you’d like more details on any of these stories, or want to see the ones I didn’t have time to cover in the video, check out the Reference section below. Have a great weekend, and see you next Friday.

(Episode Runtime: 8:50)

Direct YouTube Link: http://www.youtube.com/watch?v=R-DbODYoBLI

Episode References:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Security Week in Review: Episode 34 – IE 0day

IE 0day, Bank Attacks, and Massive Apple Update

Are you too busy to follow security news yourself, but would like quick updates about the latest attacks, vulnerabilities, and trends? Then WatchGuard Security Week in Review is for you. In this weekly video (posted every Friday), I quickly summarize the biggest information and network security news. Rather than let your busy schedule keep you in the dark, give this short recap video a try.

Today’s episode covers a major zero day vulnerability in Internet Explorer (IE), a bunch of security updates for Macs and iOS devices, and a few stories about attackers targeting banks. If you manage Windows systems, it’s worth a watch for the IE vulnerability alone.

As an aside, I’ve been traveling in Europe all this week, so I had to produce this episode quickly, from my hotel room, on my iPhone. The quality is not quite up to its normal par, and due to my schedule, I had to skim over a few details and skip a few stories. However, if you are interested in more information, or would like to see some of the stories I didn’t mention in the video, be sure to check out the Reference section below.

Finally, if you have suggests for what you’d like to see in future episodes, let me know in the comments.

(Episode Runtime: 5:40)

Direct YouTube Link: http://www.youtube.com/watch?v=AqN8zgFj5z8

Episode References:

— Corey Nachreiner, CISSP (@SecAdept)

Follow

Get every new post delivered to your Inbox.

Join 7,560 other followers

%d bloggers like this: