Flash Exploit, ICS Hacks, and Federal Reserve Bank Breach
We’ve had another busy week of security news, with more stories than I can cover in a short video. So I’ll stick to the highlights. Today’s episode talks about a couple Adobe Flash zero day vulnerabilities, the latest Anonymous hijinks, some cross-platform mobile malware, and more. If you missed this week’s InfoSec news, and want to learn about the biggest stories (including how to defend against the latest attacks), click the play button below. Also, check out the Reference section for links to some other interesting security stories I skipped.
Enjoy your weekend, and stay frosty out there.
(Episode Runtime: 8:03)
Direct YouTube Link: http://www.youtube.com/watch?v=B6YdI3NGwlg
Episode References:
- February Microsoft Patch Day brings a dozen bulletins – WGSC
- Zero day Adobe Flash vulnerabilities in the wild – WGSC
- Anonymous breaches Federal Reserve site and leaks Banker PII – ZDNet
- Radio Free Security episode including Aaron Swartz/Anonymous story – WGSC
- Lucky 13 SSL and TLS crypto weakness – Ars Technica
- DroidCleaner cross-platform android malware – Gizmodo
- Building ICS software vulnerabilities can affect elevators, boilers, and more – Wired
- EXTRAS
- US Department of Energy breached – Help Net Security
- Beebus: New advanced malware (APT?) – Computer Weekly
- Citadel authors re-focusing on cyber espionage – McAfee
- EU releases Cyber Security Strategy – Tech World
- US President can order pre-emptive cyber attacks – Computer World
- Microsoft legal team takes down another botnet – Naked Security
- Iran releases hacked US drone footage – Rinf.com
- List of vulnerable routers from last week’s UPnP vulnerabilities – DefenseCode Blog
- BREAKING: Bit9 breached, and Certs stolen for malware – The Register
- US Department of Energy breached – Help Net Security