RSA 2013: Big Data, Chinese APT, and User Awareness
This week’s InfoSec news video comes from the 2013 RSA Security Conference in San Francisco. As such, much of the episode covers the major themes from the show floor. However, cyber attackers don’t take a break just because the security industry is having a pow-wow. I also cover other big stories from the week, including an emergency Flash update, a cPanel breach, new nation-state malware, and even an HTML5 trick that can fill your hard drive. Check out the episode below.
As always, feel free to browse the Reference section for more details on any of these stories, and thanks for watching. Comment if you have any suggestions.
(Episode Runtime: 10:11)
Direct YouTube Link: http://www.youtube.com/watch?v=AJbDQnkUToE
Episode References:
- RSA-related Articles:
- Big Data helps and hinders security – ComputerWorld
- We need more user security education – v3.co.uk
- How to stop China hacking – CRN
- China claims the US attacks their military sites – Phys.org
- Emergency Flash Patch Fixes 0day – WGSC
- Researchers find two more Java 0day – ZDNet
- cPanel support server breached, credentials stolen – The Register
- Miniduke APT blog post [and PDF report] – Securelist Blog
- FillDisk HTML5 (LocalStorage) hack – Jeffrey Carr Blog
- EXTRAS
- Australia teen raided for gaming network hacks – ComputerWorld
- Stuxnet may have existed in 2005 – NetworkWorld
- Anonymous leaks BoA data, supposedly via a third party – ComputerWorld
— Corey Nachreiner, CISSP (@SecAdept)
Alexander Kushnarev (Rainbow Security) says
Both Kaspersky Lab and CrySyS Lab found very professionally crafted malware (MiniDuke). Just think about it this way – how much effort by professional coders (I think it was not created by a single person) was spent to create such a “chain of worklogic”: using a 0-day vulnerability as transport, 3 stages of infection (using a 20KB downloader, created in assembler, at the 1st stage), using Google search and Twitter as pointers to the next piece of malware, highly obfuscated code, 4 C&C servers in different countries, self-generated and polymorphous body-files and various masquerading memorandums inside PDFs? Looks like a hacker team’s work. If only such people worked for professional security companies – their great talent wouldn’t be used in such a destructive manner.
Corey Nachreiner says
Yup.. MiniDuke was impressive. Have you read about the new South Korean malware (deleted drives)? Not that advanced, but still interesting.