China APT1 Attackers and Java 0day Breaches
Welcome to another week of InfoSec news. If you’re subscribed to the YouTube channel directly, you probably noticed I posted last week’s video late last Friday. Unfortunately, I was catching a plane at the time, so I decided to wait until today to post the video blog entry. If you missed any of last week’s big information and network security news, you’ve come to the right place.
This week’s “on the road” episode covers Apple and Facebook network compromises, the zero day Java exploit that caused them, and one security company’s research alleging the Chinese government is behind many recents advanced persistent threat (APT) attacks. I also recommend some critical updates for Windows, Linux, and OS X users, so make sure to watch below.
This week I’ll be attending the RSA security conference, and recording another episode on the go, which means I may also post next week’s episode earlier or later than normal depending on my travel and event schedule. Until then, thanks for watching and stay frosty out there.
(Episode Runtime: 6:39)
Direct YouTube Link: http://www.youtube.com/watch?v=MolGboEK7nE
Episode References:
- Facebook network breach (due to Java issues) – CBR Online
- Apple employees infected by Malware – The Guardian
- iPhonedevSDK site responsible for Java malware attacks – InfoWorld
- Java updates for Windows and Mac due to attacks – WGSC
- Mandiant China APT1 report (PDF) – Mandiant
- Not everyone agrees with Mandiant research – Jeffrey Carr Blog
- Mandiant video of supposed APT attack – The Next Web
- EXTRAS
- Many Corp. Twitter accounts hijacked – ComputerWorld
- NBC web site temporarily hijacked? – Reuters
- VMware may start scheduling alerts – The Register
- Microsoft affected by malicious Java attack too – Forbes
- Adobe patches previous 0day reader vulnerabilities – Adobe
- Many Corp. Twitter accounts hijacked – ComputerWorld