Railway Hacks, VideoConferencing Espionage, and Security Professionals Gone Bad
Another week, another WatchGuard Security Week in Review. While this week wasn’t quite as action packed as last, there’s plenty of security stories to cover in this episode. I summarize them in the brisk video below (runtime: 6:03 minutes).
If you prefer text to moving pictures, you can also find a quick descriptions of these stories, as well as reference links, underneath the video. Let us know what you think in the comments.
Episode References:
- Anonymous continues their online riot, taking down more recording industry sites, and defacing a US government internet security site:
- TSA claims Pacific Northwest railways fell victim to a cyberattack:
- US railway signals disrupted by cyberattack – InfoSecurity
- DHS later denies the attack – eWeek
- HD Moore discloses security risk with videoconferencing systems:
- Cameras open boardroom to hackers – New York Times
- Microsoft accuses ex-antivirus employee of creating Kelihos botnet:
- Botnet maker worked for security companies – Computer World
- Symantec warns customers to stop using PC Anywhere due to vulnerability:
- Google Releases a Chrome security update:
- Google patches serious Chrome bugs – ComputerWorld
- EXTRA: Attackers are exploiting recent Windows Media vulnerability (MS12-004). This late breaking story didn’t make the video, but I felt I should include it here:
- Hackers pounce on Media Flaw – ZDNet
— Corey Nachreiner, CISSP (@SecAdept)
Good tip on the US-CERT advisory. I wasn’t aware of that.
Thanks.. It’s somewhat useful to sign up for US-CERT’s emails if you are interested. On some vendors issues, they have alerts a bit behind, but sometimes they also alert on overall issues that others don’t.
Cheers