• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

WatchGuard Security Week in Review: Episode 26

July 13, 2012 By Corey Nachreiner

Multi-platform Malware, MS Gadget Flaw, and More Password Leaks

No time to follow the security news this week? Let my weekly video fill you in.

Today’s episode includes all the software updates for the week (e.g. Microsoft Patch Day), two more vendor password leaks, some interesting android and multi-platform malware, and an unpatched Microsoft Gadget vulnerability.

This week was so news-packed that I couldn’t cover every interesting or important security story in the video. If you want to check out the stories I skipped, or just prefer reading over watching, scroll down to the Reference section below for links to this week’s stories.

Finally, feel free to share your security tips, favorite security stories, or any other feedback in the comment section.

Production Note: Unfortunately, I felt like I had every post production problem possible this week. A cord issue killed my audio, and forced me to re-record many segments, so please excuse the slight difference in audio during the video. I’m also posting this late since I had a software crash that forced me to re-edit half the video. The joy of modern technology, eh?

(Episode Runtime: 9:59)

Direct YouTube Link: http://www.youtube.com/watch?v=EoS9S2WvPBY

Episode References:

  • Software Updates:
    • Microsoft Patch Day
      • Patch Day summary – WGSC
      • IE update – WGSC
      • Consolidated Windows alert – WGSC
      • Consolidated Office alert – WGSC
    • Chrome 20 security update – ZDNet
    • Cisco patches
      • Cisco Telepresence Endpoint devices alert – Cisco
      • Cisco Telepresence Manager alert – Cisco
      • Cisco Telepresence Multipoint Swith alert – Cisco
      • Cisco Telepresence Recording Server alert – Cisco
    • EXTRA: Oracle Patch coming next Tuesday  – Infoworld
  • Password/Credential Leaks
    • FormSpring password Leak –  Mashable
    • Yahoo password hack –  Washington Post
    • EXTRA: Billabong.com password leak –  Ars Technica
    • EXTRA: Phandroid forum password leak –  ZDNet
    • EXTRA: Nvidia forums data breach –  Nvidia
  • Interesting Malware
    • Multi-platform web-based malware attack –  Ars Technica
    • Android remote payload malware – MSNBC
    • EXTRA: Warp trojan leverages ARP poisoning –  Network World
  • Unpatched Microsoft Gadgets vulnerability – Microsoft
  • Extra Stories:
    • BMW hardware hacks help car theives – ZDNet
    • Serious unpatched Tumblr XSS vulnerability – Riyaz Walikar
    • Facebook adds security checkpoints – Mashable

— Corey Nachreiner, CISSP (@SecAdept)

Share This:

Related

Filed Under: Security Bytes Tagged With: Apple, Cisco Telepresence, formspring, Google, Hacking, Malware, Microsoft, Microsoft Gadget, password leak, passwords, trojan, Updates and patches, yahoo

Comments

  1. Tommie says

    December 8, 2012 at 4:20 am

    Hi to all, how is all, I think every one is getting more from this
    web page, and your views are nice in support of new viewers.

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • Here Come The Regulations
  • Cybersecurity’s Toll on Mental Health

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • The NSA’s Guidance on Securing Authentication
  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
  • US National Cybersecurity Strategy
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use