WatchGuard Security Week in Review: Episode 32 – UDID Leaks and Java Updates

UDID Leak, Java Attack Updates, and Hacktivist breaches

A few years ago, we’d be lucky to see one major information security story in the news each week. Now, we consistently see more security news than the average IT guy can keep up with. If you’re looking for a quick summary of the most important information and network security news, you’ve come to the right place.

This week’s episode covers two updates to last week’s zero day Java exploit, three stories about hacktivist breaches (including on that involves iPhones and the FBI), and an early notification about next week’s Microsoft Patch Day. I even introduce a new virtualization OS that might excite some security professionals. If you’re interested in the latest security news and tips, press play below.

Since I try to summarize these stories quickly, I often forgo some details. If you want the whole scoop, make sure to check the links below. I’d also appreciate you sharing your comments and questions below, if you have any. If you do have questions, I’ll be sure to read and answer them in an upcoming episode.

(Episode Runtime: 11:29)

Direct YouTube Link: http://www.youtube.com/watch?v=KQcHk5kjo7s

Episode References:

• Java Zero Day Updates
  • Apple releases OS X Java Updates – WatchGuard Security Center
  • Security Exploration finds new flaws in Java update – Macworld
• Hacktivists breach news
  • Antisec claims to have stolen UDIDs from FBI – Gizmodo
  • FBI denies the Antisec claim – Mashable
  • Obama’s UDID may be in the list – Mashable
  • Nullcrew hacks a Sony mobile web site – ZDnet
  • Sony confirms Nullcrew breach – Security Week
  • Hacktivists claim to have stolen Mitt Romney tax return – CNet
• Microsoft patch notification for September – WatchGuard Security Center
• Microsoft warns about certificate handling changes  – Network World
• Introduction to Qubes OS – Invisible Things Blog
• Download Qubes OS – Invisible Things Labs
• Extra Stories
  • New HTTPS attack from the BEAST team  –  The Register

— Corey Nachreiner, CISSP (@SecAdept)

Share This: