Multi-platform Malware, MS Gadget Flaw, and More Password Leaks
No time to follow the security news this week? Let my weekly video fill you in.
Today’s episode includes all the software updates for the week (e.g. Microsoft Patch Day), two more vendor password leaks, some interesting android and multi-platform malware, and an unpatched Microsoft Gadget vulnerability.
This week was so news-packed that I couldn’t cover every interesting or important security story in the video. If you want to check out the stories I skipped, or just prefer reading over watching, scroll down to the Reference section below for links to this week’s stories.
Finally, feel free to share your security tips, favorite security stories, or any other feedback in the comment section.
Production Note: Unfortunately, I felt like I had every post production problem possible this week. A cord issue killed my audio, and forced me to re-record many segments, so please excuse the slight difference in audio during the video. I’m also posting this late since I had a software crash that forced me to re-edit half the video. The joy of modern technology, eh?
(Episode Runtime: 9:59)
Direct YouTube Link: http://www.youtube.com/watch?v=EoS9S2WvPBY
Episode References:
- Software Updates:
- Microsoft Patch Day
- Patch Day summary – WGSC
- IE update – WGSC
- Consolidated Windows alert – WGSC
- Consolidated Office alert – WGSC
- Chrome 20 security update – ZDNet
- Cisco patches
- EXTRA: Oracle Patch coming next Tuesday – Infoworld
- Microsoft Patch Day
- Password/Credential Leaks
- FormSpring password Leak – Mashable
- Yahoo password hack – Washington Post
- EXTRA: Billabong.com password leak – Ars Technica
- EXTRA: Phandroid forum password leak – ZDNet
- EXTRA: Nvidia forums data breach – Nvidia
- Interesting Malware
- Multi-platform web-based malware attack – Ars Technica
- Android remote payload malware – MSNBC
- EXTRA: Warp trojan leverages ARP poisoning – Network World
- Unpatched Microsoft Gadgets vulnerability – Microsoft
- Extra Stories:
- BMW hardware hacks help car theives – ZDNet
- Serious unpatched Tumblr XSS vulnerability – Riyaz Walikar
- Facebook adds security checkpoints – Mashable
— Corey Nachreiner, CISSP (@SecAdept)
Hi to all, how is all, I think every one is getting more from this
web page, and your views are nice in support of new viewers.