IE 0day, Bank Attacks, and Massive Apple Update
Are you too busy to follow security news yourself, but would like quick updates about the latest attacks, vulnerabilities, and trends? Then WatchGuard Security Week in Review is for you. In this weekly video (posted every Friday), I quickly summarize the biggest information and network security news. Rather than let your busy schedule keep you in the dark, give this short recap video a try.
Today’s episode covers a major zero day vulnerability in Internet Explorer (IE), a bunch of security updates for Macs and iOS devices, and a few stories about attackers targeting banks. If you manage Windows systems, it’s worth a watch for the IE vulnerability alone.
As an aside, I’ve been traveling in Europe all this week, so I had to produce this episode quickly, from my hotel room, on my iPhone. The quality is not quite up to its normal par, and due to my schedule, I had to skim over a few details and skip a few stories. However, if you are interested in more information, or would like to see some of the stories I didn’t mention in the video, be sure to check out the Reference section below.
Finally, if you have suggests for what you’d like to see in future episodes, let me know in the comments.
(Episode Runtime: 5:40)
Direct YouTube Link: http://www.youtube.com/watch?v=AqN8zgFj5z8
Episode References:
- IE Zero Day Vulnerability
- WatchGuard IE zero day alert – WGSC
- Microsoft releases FixIt – WGSC
- Microsoft Security Advisory – Microsoft
- Original researcher’s blog post on IE 0day – Eric Romang
- WatchGuard IE zero day alert – WGSC
- OS X, Safari, and iOS security updates – WGSC
- FBI warns of targeted bank attacks – NBC News
- Hacktivists/cyberterrorists DDoS Bank of America – Gizmodo
- Follow up attack on Chase Bank – Gizmodo
- Extra Stories
- Romanian attackers plead guilty to Subway PoS hack – Net Security
- New Flame analysis – Network World
- New TDL-4 variant infects Fortune 500s – Computer World
- Researchers DoSes bank PBX – The Register
- Sophos detects itself as malware – Network World
- Oracle DB suffers password cracking flaw – Ars Technica
— Corey Nachreiner, CISSP (@SecAdept)
Leave a Reply