Tumblr Worm, Spoofed Tweets, and Madcap McAfee
Wow. I knew information security news was picking up over the past few years, but lately it seems like our own little industry reality show; complete with mysterious murders, border-crossing heists, and random heart attacks (not to mention, colorful personalities).
This week’s security news episode covers updates on the John McAfee melodrama, news of a fast-spreading Tumblr worm, and a Twitter SMS spoofing issue that can allow attackers to hijack your tweets. It also informs you about the latest important software vulnerabilities and updates. If you’d like a short video to quickly fill you in on the biggest security headlines from the week, click play below.
Of course if video isn’t your thing, you can also read about these stories using the helpful reference links I’ve provided. I’ve even thrown in a few extra news items for your enjoyment.
Let us know what you think in the comments, and see you next week.
(Episode Runtime: 12:41)
Direct YouTube Link: http://www.youtube.com/watch?v=9Cwvuz_TpXM
Episode References:
- Story Updates
- Parastoo steals more from IAEA than first suspected – PasteBin
- Photo EXIF data reveals John McAfee’s location – Naked Security Blog
- John McAfee has heart attacks in Guatemalan Jail – Huffington Post
- Software Vulnerabilities and Updates
- Kingcope finds many MySQL Vulnerabilities – Slashdot
- IPv6 DoS flaw in Bind – The H-Online
- December Microsoft Patch Day notification – WGSC
- Tumblr worm caused by XSS flaw – Help Net Security
- Twitter SMS Spoofing allows rogue tweets – Threat Post
- Extra Stories
- Anonymous targets the ITU – Network World
- Obama signs the Safe Web Act – Engadget
- Foreign attackers target ex-US Gov. Official – Reuters
- Japanese NASA (JAXA) hit by hackers again – Network World
- CIA and MI6 get pwned – ZDNet
- More Mac Dalai Lama Malware – Ars Technica
- Anonymous targets the ITU – Network World
— Corey Nachreiner, CISSP (@SecAdept)
As always, Corey, a top presentation