Secplicity - Security Simplified

Powered by WatchGuard Technologies

WatchGuard Security Week in Review: Text Version

July 22, 2012 By Corey Nachreiner

As you probably noticed, I did not post a WatchGuard Security Week in Review episode this week. An extremely busy travel schedule, and a day off to run a long-distance race with the WatchGuard team, made it impossible for me to record and produce my weekly video. But don’t worry… The weekly security recap video will return next week with a special episode.

I am attending the Blackhat Vegas security conference next week. Blackhat Vegas and Defcon (which falls on the same week) are two of the biggest security conferences of the year. Security researchers often disclose major breaking research and vulnerabilities during these exciting shows. You can look forward to an “on the road” edition of my weekly video next Friday, and it’ll likely include some big stories from Blackhat.

In the meantime, I won’t leave you hanging for your weekly security news fix. Below, you’ll find a bulleted list that quickly summarizes many of this week’s most interesting security stories. See you next week.

  • Oracle Quarterly Patch Day, July 2012 – On Tuesday, Oracle posted their quarterly patch update for July. They fixed 87 security vulnerabilities in many of their popular products. If you use Oracle software, you should check their CPU advisory and apply the necessary updates.
  • Rumored Android botnet may just be Yahoo MitM attack – Last week’s video warned you about a potential new botnet that might affect Android devices. Microsoft and others noticed spam coming from Android devices via Yahoo, and thought an Android botnet may be involved. It turns out these emails may be the result of a Man-in-the-Middle (MitM) attack on Yahoo email from public hotspots.
  • Android 4.1 Harder to Hack – Various researchers have pointed out that Google’s upcoming Android Jellybean update (4.1) will make Android devices harder to hack. This new version implements some OS memory protection features like Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP) to make memory corruption flaws, such as buffer overflows, harder to exploit.
  • Anonymous is targeting Oil Companies in the Arctic – Anonymous has pointed their guns at oil companies drilling in the Arctic, such as Exxon and Shell. So far they have stolen a bunch of email account credentials.
  • Possible Dropbox breach – Many Dropbox users have complained about spam to their Dropbox accounts, which has the company investigating for a potential network breach. Little else is known yet, but I’ll update you if they find anything relevant.
  • Facebook photo tag spam – Attackers are spamming out a new malware campaign on Facebook. It arrives as a message saying someone has tagged a photo of you on Facebook. If you interact with it, it tries to install malware on your computer. Be wary of any unusual Facebook photo tagging messages.
  • DHS warns of ICS vulnerabilities – The US Department of Homeland Security has warned of vulnerabilities in a popular Industrial Control System (ICS) application called Niagara. If you work at an organization that uses this software, you need to implement the recommended workarounds (see this article).
  • Grum botnet partially disabled – Researchers and authorities have shut down two of the Command and Control (C&C) servers used by a huge botnet called Grum. The botnet still has two other C&C servers to fall back on, but hasn’t so far. This takedown has significantly lessened email spam; however, botherders often just rebuild their zombie networks. So I wouldn’t expect the spam decrease to last for long.
  • ITWallStreet.com data breach – Attackers claimed to have gained access to 50,000 user records from the IT Wall Street web site. If you use this site, you should change your password, and monitor your accounts for identity fraud.

— Corey Nachreiner, CISSP (@SecAdept)

Filed Under: Security Bytes Tagged With: Android 4.1, Anonymous, Dropbox, Facebook, Google, Grum, Hacking, ICS, Jellybean, Malware, Oracle, SCADA, Updates and patches, yahoo

Comments

  1. mrs. joseph says

    July 23, 2012 at 12:47 am

    Let me preface this by saying I’m a huge fan of TrueBlood; however, the July 22nd episode is showing a bad direction the show is heading! First, why would Russell get back on top again? Roman should have stayed longer. Secondly, why are the Afro-Americans either enslaved (i.e. Tara) or always doing stupid acts (i.e. Lafayette)? And lastly, this guy in Lilly’s new circle (he’s very tall and dark) is the only one bent over a bar, draining someone’s blood by going down on her! Come on now, the directors, producers, whoever, can at least make the African American characters have more of a character and a stronger positive look. It’s only about 3 altogether that have a “major” part! PS: please let Sookie keep her powers and help save these maniacal vampires. Pass this on to the producers, directors and actors. Thank you. And I know I’m not important, but it is something to think about, because TrueBlood has a diverse group of followers.

    • Corey Nachreiner says

      July 23, 2012 at 9:30 am

      heh… I think you have the wrong blog for that comment. ^_^
