Tag Archives: malware

APT Spy vs. Spy – Daily Security Byte EP.67

Kaspersky researchers have found two advanced threat actor groups trying to hack one another. Today’s video talks about this spy vs. spy phish-off, and shares what we can learn from it. Watch the video, but be sure to check out Kaspersky’s report for all the interesting technical details.

 

(Episode Runtime: 3:12)

Direct YouTube Link: https://www.youtube.com/watch?v=4qTo3gB89GU

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

The Dyre Wolf Bites – Daily Security Byte EP.59

The Dyre trojan has been stealing banking credentials for a while now, but IBM has discovered a new campaign that adds a human element to this digital attack. Watch the video to learn what to look out for, and how to protect your bank account from getting drained.

 

(Episode Runtime: 2:51)

Direct YouTube Link: https://www.youtube.com/watch?v=E3_jjP3gL3M

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Disregard Dangerous Documents – Daily Security Byte EP.52

According to Trend Micro (and others), Office document macro malware is making a comeback. Watch today’s video to learn why your users should be concerned with all document-based malware in general.

 

(Episode Runtime: 2:36)

Direct YouTube Link: https://www.youtube.com/watch?v=0bEB6QWj_XI

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Gamer Ransomware – Daily Security Byte EP.43

The latest Cryptolocker look-alike is going after gamers. If you want to avoid losing your latest game saves, or your homemade, one-of-a-kind, custom maps, be sure to watch today’s video to see what to do.

 

(Episode Runtime: 2:56)

Direct YouTube Link: https://www.youtube.com/watch?v=4ur_nQ0tIHk

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Gazon Android Worm – Daily Security Byte EP.37

Are you an Android user? If so, you’ll probably want to know about the new worm that spreads via texts, and has infected over 4000 US users. Press play to learn more.

(Episode Runtime: 1:43)

Direct YouTube Link: https://www.youtube.com/watch?v=KV-E7EojS3M

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Hot Girls Help Hackers – WSWiR Episode 138

The information security (infosec) industry is fast paced, and attackers change tactics every week. Do you have trouble following the latest attacks and security news? Well, our regular infosec video is here to help.

Today’s episode covers attackers masquerading as hot girls, a zero day IE11 flaw, malicious Google Play apps, and one of the largest healthcare data breaches. Watch the video for details on all that and more, and visit the Reference section for links to other stories.

(Episode Runtime: 10:50)

Direct YouTube Link: https://www.youtube.com/watch?v=EjDCoG7RxsY

EPISODE REFERENCES:

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

Don’t Be ‘fraid of No Ghost – WSWiR Episode 137

If you want the best network defenses, you need to stay abreast of the latest information security news; but I realize most IT folks don’t have the time to stay informed on their own. Let our weekly video do the heavy lifting, and quickly share the biggest infosec news.

This episode, from last week, covers the latest evidence of a nation state malware campaign, a warning about an adult site spreading malware, news of a critical Linux vulnerability, and more. Watch the video for the scoop, and see the links below.

(Episode Runtime: 4:18)

Direct YouTube Link: https://www.youtube.com/watch?v=waS8JjyTjks

EPISODE REFERENCES:

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

Facebook Hacked – WSWiR Episode 74

App Store Hole, LoL Breach, and Zuckerberg Hacked

I’m back with our regular infosec news video summary, where I highlight the biggest or most interesting security stories from the week and share a few tips along the way.

Today’s episode covers a handful of software updates, the breach of a popular multiplayer arena battle game, some drama around a new Facebook vulnerability, and new research describing how to bypass Apple’s App Store protections. Watch the video to learn more, and check out the reference section below for some other stories as well.

(Episode Runtime: 9:43)

Direct YouTube Link: http://www.youtube.com/watch?v=V0Qhxbx1y7g

Episode References:

Extras:

— Corey Nachreiner, CISSP (@SecAdept)

Android Bitcoin Wallets Broken – WSWiR in Words

Hacked Baby Monitors, Broken Bitcoins, and Apache Exploit Kits

By the time you see this on Friday, I’ll be hiking and camping in the Olympic National Forest. I’m taking a day off this week for an extended camping weekend. Unfortunately, that also means I did not have time to produce a full InfoSec summary video… but fear not.

In lieu of this week’s video, I’m leaving you with a written summary of the interesting security stories I would have covered this week. Check out the quick summaries below, and don’t forget to take a peek at the Extra Stories section for links to other interesting news:

  1. Exploit Kit Released for Apache Struts Framework – Struts is an open source framework for creating Java web applications, created by the Apache Software Foundation. A month ago, Apache released a patch for Struts to fix a number of highly critical vulnerabilities. This week, researchers at Trend Micro discovered that Chinese attackers have created and are sharing an automated toolkit designed to make it very easy to exploit these Struts flaws. Ultimately, the toolkit gives attackers enough control that they can inject a malicious backdoor onto vulnerable Struts servers. If you are a web administrator who uses Struts, and you haven’t upgraded yet, you should do so immediately.
  2. Miscreants Troll a Toddler Via a Hacked Baby Monitor – This week, a story came out about parents who heard some hoodlums yelling and cursing at their two-year-old daughter via a Foscam brand baby monitor, which had allegedly been hacked.

    This isn’t too surprising. Over the years, researchers have discovered and shared many vulnerabilities in IP-based webcams like these Foscam cameras. The Foscam cameras in particular have suffered from directory traversal and cross-site scripting vulnerabilities, both of which could help attackers gain unauthenticated access to the administrative credentials for the cameras. Researchers have even released tools like getmecamtool, which attackers could use to inject malicious firmware onto these cameras, allowing them to do all sorts of mischief. Finally, tools like Shodan make it dead simple for attackers to find thousands of potential victims.

    The good news is Foscam has patched many of these flaws. The bad news is average consumers don’t realize they need to update firmware for hardware devices. If you use any sort of IP-based webcam, I recommend you update its firmware regularly. By the way, there was a semi-happy ending to this baby trolling story. The toddler in question is deaf, so all the yelling in the world didn’t bother her in the least.

  3. Flaw in Android Bitcoin Wallets results in Bitcoin Pickpocketing – If you use an Android-based Bitcoin wallet, it’s time to move your Bitcoin. According to an advisory this week, Android Bitcoin wallets are unsafe.

    Let me explain. Bitcoin relies on public/private key cryptography to protect its virtual currency and transactions. This means that devices that support Bitcoin have to regularly generate public and private keys. The algorithms used to create these keys rely on an element of randomness. If you don’t add enough randomness to the equation, your keys become weaker and easier to predict. Computing devices rely on Random Number Generators (RNGs) to try to create random elements. Unfortunately, creating random numbers on a computer is a fairly difficult problem, since computers are very ordered and systematic systems. Usually, computers can only generate pseudorandom numbers.

    Anyway, it turns out that most Android Bitcoin wallets rely on a particular Java class to create the random numbers necessary to generate private keys. More to the point, this Java class is not good at randomness. This means the private keys it generates are much easier to crack than they should be… and this isn’t a theoretical flaw either. Attackers have already exploited it to steal at least 55 Bitcoin, which are worth over $5000 US dollars.

    So what can you do? If you use an Android Bitcoin wallet, you should at least temporarily set up a wallet on another device (preferably a traditional computer) and transfer all your Bitcoin to that wallet. Over the next few weeks and months, Android Bitcoin apps should update to fix this problem. Once they do, you can transfer your Bitcoin back to your Android device. As an aside, there have also been a number of stories this week about governments and banks starting to look into Bitcoin regulation, and closing Bitcoin accounts. If you’re a Bitcoin user, you may want to consider that governments may start trying to regulate the currency.
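
To make the randomness point in the Bitcoin item concrete, here is an added Python example (not from the original post or from any wallet's code) comparing keys from a low-entropy generator with keys from the operating system's CSPRNG. The 16-bit seed is an assumption chosen for illustration, not a description of the actual Android flaw, and all function names are hypothetical.

```python
import hashlib
import random
import secrets

SEED_BITS = 16  # assumption for this toy model: the weak generator has only 16 bits of entropy


def weak_private_key(seed: int) -> bytes:
    """256-bit key whose every bit is determined by a small seed."""
    return random.Random(seed).getrandbits(256).to_bytes(32, "big")


def strong_private_key() -> bytes:
    """256-bit key from the operating system's CSPRNG."""
    return secrets.token_bytes(32)


def fingerprint(key: bytes) -> str:
    """Stand-in for a public address (constructed; not Bitcoin's real derivation)."""
    return hashlib.sha256(key).hexdigest()


def distinct_keys(n: int, weak: bool) -> int:
    """Generate n wallets and count how many different keys actually came out."""
    keys = set()
    for _ in range(n):
        if weak:
            keys.add(weak_private_key(secrets.randbelow(2 ** SEED_BITS)))
        else:
            keys.add(strong_private_key())
    return len(keys)


def search_cost(target: str, seed_bits: int = SEED_BITS):
    """Count the guesses needed to reproduce the key behind a weak-wallet fingerprint."""
    for guesses, seed in enumerate(range(2 ** seed_bits), start=1):
        if fingerprint(weak_private_key(seed)) == target:
            return guesses
    return None  # not found: the key did not come from this weak generator


if __name__ == "__main__":
    n = 5000
    print("distinct keys, weak RNG  :", distinct_keys(n, weak=True), "of", n)
    print("distinct keys, strong RNG:", distinct_keys(n, weak=False), "of", n)
    sample = fingerprint(weak_private_key(12345))  # constructed sample wallet
    print("guesses to match weak key:", search_cost(sample), "of a nominal 2**256")
    print("strong key in seed space :", search_cost(fingerprint(strong_private_key())))
```

Duplicate keys across a batch of freshly generated wallets are the symptom an auditor can look for: a sound generator should never produce them.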

Direct YouTube Link: http://www.youtube.com/watch?v=KVxUHCdVM9c (Runtime: 00:30)

Extra Stories:

— Corey Nachreiner, CISSP (@SecAdept)
