Secplicity - Security Simplified

Powered by WatchGuard Technologies

WatchGuard Security Week in Review: Episode 52 – China APT1

February 25, 2013 By Corey Nachreiner

China APT1 Attackers and Java 0day Breaches

Welcome to another week of InfoSec news. If you’re subscribed to the YouTube channel directly, you probably noticed I posted last week’s video late last Friday. Unfortunately, I was catching a plane at the time, so I decided to wait until today to post the video blog entry. If you missed any of last week’s big information and network security news, you’ve come to the right place.

This week’s “on the road” episode covers Apple and Facebook network compromises, the zero-day Java exploit that caused them, and one security company’s research alleging the Chinese government is behind many recent advanced persistent threat (APT) attacks. I also recommend some critical updates for Windows, Linux, and OS X users, so make sure to watch below.

This week I’ll be attending the RSA security conference, and recording another episode on the go, which means I may also post next week’s episode earlier or later than normal depending on my travel and event schedule. Until then, thanks for watching and stay frosty out there.

(Episode Runtime: 6:39)

Direct YouTube Link: http://www.youtube.com/watch?v=MolGboEK7nE

Episode References:

  • Facebook network breach (due to Java issues) – CBR Online
  • Apple employees infected by Malware – The Guardian
  • iPhonedevSDK site responsible for Java malware attacks – InfoWorld
  • Java updates for Windows and Mac due to attacks – WGSC
  • Mandiant China APT1 report (PDF) – Mandiant
  • Not everyone agrees with Mandiant research – Jeffrey Carr Blog
  • Mandiant video of supposed APT attack – The Next Web
  • EXTRAS
    • Many Corp. Twitter accounts hijacked – ComputerWorld
    • NBC web site temporarily hijacked? – Reuters
    • VMware may start scheduling alerts – The Register
    • Microsoft affected by malicious Java attack too – Forbes
    • Adobe patches previous 0day reader vulnerabilities – Adobe

— Corey Nachreiner, CISSP (@SecAdept)

Filed Under: Security Bytes Tagged With: Adobe, Android malware, Anonymous, DroidCleaner, Federal Reserve Bank, Hacked, Hacking, Honeywell, ICS, Infosec news, Malware, Microsoft, oday, OpLastResort, SCADA, Security breach, Software vulnerabilities, Updates and patches, Zero day exploit

Comments

  1. Alexander Kushnarev (Rainbow Security) says

    March 2, 2013 at 6:55 am

    Ambiguous feeling after reading Mandiant’s report. My personal adoration of analytics and precise evidence will not allow me to make a damning verdict or acquittal because of:
    1. Too many careful sentences and phrases – “None of the information in this report involves access to or confirmation by classified intelligence”, “APT1 is likely government-sponsored”, “however, we believe it engages in harmful “Computer Network Operations””, “Unit 61398 is staffed by hundreds, and perhaps thousands”. So many “likely”, “maybe”, “perhaps”, “we believe” etc. per one analytical report. Or it’s not analytical?
    2. Interesting material with photos, list of domain names, IP-addresses, describing methods of attacks and so on. Very cognitive from technical point of view, but once again – not too many “maybe” in the beginning of report?
