WatchGuard Security Week in Review: Episode 44 – Ar.Drone Virus

Ar.Drone Virus, Skynet Bot, and #ProjectWhiteFox

Despite the upcoming holiday season, information security (infosec) news hasn’t slowed, with plenty of interesting new infosec stories this week. If you want a quick recap of the highlights, check out our short video below.

In this episode, I cover a few breaches—including one that affected an exploit vendor—a botnet that leverages Tor to hide its communications, and a virus that wirelessly infects remote control quadricopters. If you’re passionate about infosec, this was a pretty entertaining and interesting week.

As always, I share links to written versions of these stories in the Reference section below. I had to keep this week’s episode short due to other events, so I’ve also included links to many other stories I couldn’t cover in the video. Be sure to check them out.

As an aside, if you’ve been waiting for December’s promised Radio Free Security episode, which unveils our 2013 Security Predictions, I’ll post it early next week.

(Episode Runtime: 9:03)

Direct YouTube Link: http://www.youtube.com/watch?v=XrEEO7S1mn8

Episode References:

• Breaches
  • Ghostshell’s #ProjectWhiteFox Gov. Breach – PasteBin
  • Exploit Hub’s website hacked by Inj3ct0r team – Computer World
• Skynet botnet uses Tor C&C – Rapid7 Blog
• Skynet bot herder does Reddit AMA – Reddit
• UGNazi claims credit for Gmail and Facebook downtime – The Hacker’s Blog
• Fun Stories
  • John Mcafee extradited to Miami – The Register
  • Humorous story about photographing Mcafee in Miami – CNet
    
  • AR.Drone infected by virus at DroneGames – Gizmodo
• Software Updates
  • MS Exchange update – WGSC
    
  • MS IE update – WGSC
  • MS Word update – WGSC
  • MS Windows updates – WGSC
  • Adobe Patch Day updates – WGSC

• Extra Stories
  • Revuln announces Samsung SmartTV exploit – Betabeat
    
  • Australian medical center held hostage to ransomware – Help Net Security
  • Zynga CEO’s twitter feed hacked – Fast Company
    
  • IE cursor tracking vulnerability – The Register
  • Hackers pwn ICS heating system – Boing Boing
  • Malware targets POS systems – The Register
  • New Mac trojan installs Fake SMS malware – TechNet
  • Pakistani Web site hacker interview – Tech Crunch
  • Windows 8 password reset is local only – Geek.com
  • FBI arrests 10 bot herders (with Facebook’s help) – CBR

— Corey Nachreiner, CISSP (@SecAdept)