Adobe warns customers of a Cold Fusion 0day, Washing courts owned by that 0day, web servers found compromised with the Cdorked/Darkleech, critical vulnerability in Nginx, Anonymous’ opUSA turned out to be a bunch of nothing, too many admins is bad for security, Name.com gets compromised, The Onion’s twitter feed is compromise by the SEA, slippery slope of BYOD and Google’s plans for authentication.
This week: Twitter warns news agencies of attacks and to use dedicated PCs for using twitter, the US department of Labor website was compromised and serving up an 0day for IE8, 18 12-13 year olds in Alaska socially engineered passwords for 300 computers out of their teachers, iOS did NOT have a malicious app discovered, AV vendors are starting to shun Windows XP, 7 elements of a successful security awareness program, and the unforeseen impacts of cyberwar.
In this episode, another Java 0day, Symantec’s Q1 2013 0day roundup, the Akamai State of the Internet report, the Verizon 2013 DBIR, AP’s twitter feed hack, and cyber terrorists.
This week: Twitter account hacks highlight opportunity for exploitation by attackers, Microsoft and Malwarebytes both release bad patches, Oracle releases a Java patch which fixes 42 security bugs, Oracle announces that Java 8 is delayed due to the focus on Java 7, a new botnet is being created by compromising WordPress installations for some unknown purpose, Linode was compromised in an attack targeted at some Linode customers, Microsoft finds a trojan that cleans up after itself in the next wave of anti-forensics, the Boston marathon bombing and West, Texas explosions see many phishing scams leading to malware installations, spam is down, targeted attacks via email are up, Microsoft released it’s second half 2012 Security Intelligence Report with some odd mixes of data, Microsoft releases EMET 4.0 beta, and a former employee has been charged with planting back doors on 2723 Hostgator servers.
I’ll be picking someone to give an e-copy of @Taosecurity’s new book “The Practice of Network Security” who sends me an email with feedback on the show.
Encrypt your drives, eve. If you don’t think the computer will leave the office: http://feedly.com/k/ZM172z
Spate of MS and Adobe patches fix numerous remote code execution and priv escalation bugs
SEC filings seem to disagree with the growing furor over cyber attacks: http://feedly.com/k/ZM1IRB
Interesting Writeup by ESET on sink holing the zortob.b botnet http://www.welivesecurity.com/2013/03/08/sinkholing-trojan-downloader-zortob-b-reveals-fast-growing-malware-threat/
– common phishing emails emanating from it at the rate of 80m per hour Continue reading “Defensive Security Podcast Episode 10”
Episode 9 – From Las Vegas
Comments/questions/hate mail to info@defensivesecurity.org
Follow podcast on twitter @defensivesec
DDOS attack on Bank of the West masked a $900,000 theft from the account of Ascent Builders. http://krebsonsecurity.com/2013/02/ddos-attack-on-bank-hid-900000-cyberheist/
Bible.org- https://isc.sans.edu/diary/When+web+sites+go+bad%3A+bible+.+org+compromise/15250
Site compromised – serving malware, had rudimentary defense against automated analysis
Bit9 update: https://blog.bit9.com/2013/02/25/bit9-security-incident-update/
– kudos to bit9 for transparency and disclosure – hopefully works in their favor