• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

WatchGuard Security Week in Review: Episode 42 – Vulnerability Markets

November 30, 2012 By Corey Nachreiner

Vuln Market 0day, Printer Backdoors, and Downed Internet

We’re back from hiatus. After a two week break, our weekly security news podcast has returned.

This week’s episode covers interesting new malware that leverages new command & control channels or targets specific victims, lots of zero day exploits being sold on vulnerability markets, a security industry murder mystery, and much more. If you’d like the latest information security updates, watch below.

As always, I’ve also included a Reference section, which contains links to all the stories mentioned in the video, as well as a few extra ones. Don’t forget to leave your feedback in our comments section.

Enjoy the show, and see you next week.

(Episode Runtime: 11:41)

Direct YouTube Link: http://www.youtube.com/watch?v=_DW3EcXbFlM

Episode References:

  • South Carolina SSN Breach Investigation results – SC Government
  • New Malware
    • Malware uses Google Docs & Drive for C&C – Computer World
    • Malware targets Iran and corrupts MSSQL DB fields – Gizmodo
  • Vulnerability Markets
    • Yahoo Mail 0day for sale – Naked Security blog
    • Java 0day for sale – SC Magazine
    • Revuln to auction off SCADA vulnerabilities – eWeek
  • US-CERT warns of Samsung printer backdoor – US-CERT
  • Hacktivists Breach UN atomic agency’s servers – NBC News
  • UN atomic agency breach PasteBin post – PasteBin
  • Syria mysteriously drops from the Internet – NBC News
  • UPDATE: Syria Internet blackout likely caused by government despite claims otherwise – CNN
  • UPDATE: Anonymous reacts to Syria Internet blackout – CNet
  • John McAfee wanted for questioning in murder case – Huffington Post
  • Extra Stories
    • Consumer routers vulnerable to email hack – Acunetix Blog
    • French claim Sarkozy’s office affected by Flame – Ars Technica
    • Ebay fixes two web application flaws – ZDnet
    • Xtreme RAT targets governments – Computer World
    • Major Domains hijacked in Romania – TechWorld

— Corey Nachreiner, CISSP (@SecAdept)

Share This:

Related

Filed Under: Security Bytes Tagged With: Adobe, Anonymous, Apple, Fawkes Day, graveyard virus, Hacking, Infosec news, Malware, Microsoft, Paypal, quicktime, Security breach, Software vulnerabilities, source code, spear phishing, Twitter, Updates and patches, video, VMware, Zero day exploit

Comments

  1. Alexander Kushnarev says

    December 1, 2012 at 9:00 pm

    Thank you, Corey. Very interesting review, especially about embedded backdoor in Samsung 🙂 I think it was created for the troubleshooting, but of course, can be used in a different ways.

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • US National Cybersecurity Strategy
  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • Here Come The Regulations
  • Successfully Prosecuting a Russian Hacker

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
  • US National Cybersecurity Strategy
  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use