Tag Archives: Anonymous

Defensive Security Podcast Episode 44

Another tip from Bob; Anonymous blamed for stealing US Department of Health and Human Services Data; Cupid Media loses 42M unencrypted passwords in a breach they apparently did not disclose; Looking at a Ponemon study about views of IT security staff; Botnet take downs might be more marketing than helpful; New malware uses I2P for C&C; A longer than expected discussion on Stuxnet.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email

Anonymous government hacks: http://www.reuters.com/article/2013/11/15/us-usa-security-anonymous-fbi-idUSBRE9AE17C20131115

http://krebsonsecurity.com/2013/11/cupid-media-hack-exposed-42m-passwords/

http://blogs.technet.com/b/mmpc/archive/2013/11/20/carberp-based-trojan-attacking-sap.aspx

http://sophos.files.wordpress.com/2013/11/2013-ponemon-institute-midmarket-trends-sophos.pdf

http://www.networkworld.com/news/2013/112013-expert-botnet-takedowns-are-about-276161.html

Block TOR and i2p: http://www.infoworld.com/d/security/cyber-crime-forum-advertises-financial-malware-uses-stealthy-i2p-communications-231410

Brief mention of the stuxnet report: http://www.langner.com/en/wp-content/uploads/2013/11/To-kill-a-centrifuge.pdf

Defensive Security Podcast Episode 6

Suggestions to podcast@defensivesecurity.org

News:

  • ISD Podcast shuts down
  • Noticeable uptick in phishing attacks recently, leading to various exploit kit web sites
  • Yet another Java update.  Oracle seems to have gotten the message.
  • Combofix, a free tool for removing certain kinds of malware, was infected with Sality
    • Do not download repackaged software from other file hosting sites.  Bad!
  • Cisco released it’s 2013 security report.
    • Legitimate sites much more likely to be malicious than traditional pornography
    • Ad networks and content delivery networks worst offenders
  • Anonymous stole information on 4600 bank executives from a Federal Reserve emergency communication application.