• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

WatchGuard Security Week in Review: Episode 54 – Nuke Hackers

March 8, 2013 By Corey Nachreiner

Pwn2Own, Evernote Breach, and Nuke Cyber Attackers

Want a quick way to catch up on weekly information and network security (InfoSec) highlights? Well you’ve found the right place. In this episode of our InfoSec summary video, I talk about Evernote’s 50 million user data leak, web browsers falling to the Pwn2Own contest, and a U.S. government document that talks about nuclear retaliation against cyber attackers. Click play below for all the details, and check the Reference section for stories and links associated with the video.

If you have any suggestions, comments, or questions, leave them in the comment section. Meanwhile, stay safe out there.

(Episode Runtime: 7:27)

Direct YouTube Link: http://www.youtube.com/watch?v=ROG2LDBZZ9E

Episode References:

  • Evernote breached, 50 million customer credentials leaked – CRN
  • More Java Security Issues:
    • Another emergency Java update – WGSC
    • Java Exploit Kit sold in the wild – v3.co.uk
    • Java Exploit leverages stolen digital certificate – CRN
  • All the browsers fall at Pwn2Own – Computer World
  • Google releases Chrome 25 security update  – Chrome release blog
  • Mozilla releases Firefox 19.0.2 – Mozilla
  • U.S. DoD considers nuclear retaliation to cyber attacks – Gizmode
  • Resilient Military Systems and the Advanced Cyber Threat [PDF] – OSD.mil
  • EXTRAS
    • Bitcoin heist results in 12K loses – Wired
    • Living without Java, Reader, and Flash – PCWorld
    • Google releases details about FBI info requests – Forbes
    • Freeze and Android phone to crack file encryption – Computer Weekly

— Corey Nachreiner, CISSP (@SecAdept)

Share This:

Related

Filed Under: Security Bytes Tagged With: Adobe, Chrome, cyber war, DoD, Evernote, firefox, Hacked, Hacking, Infosec news, Internet Explorer, Malware, nuclear retaliation, oday, Oracle, pwn2own, Reader, Security breach, Software vulnerabilities, Updates and patches, Zero day exploit

Comments

  1. Alexander Kushnarev (Rainbow Security) says

    March 14, 2013 at 1:54 pm

    Regarding “old painful theme” – Java. If everything was so easy, as Brad Chacos supposed in article “How I ditched the security risks and lived without Java, Reader, and Flash” (link in the extras for this video, named “Living without Java, Reader, and Flash”).. just like “remove JAVA, most people don’t need it”…
    And if on the home PC you can avoid Java in most cases – a huge number of production networks WILL NOT BE ABLE to avoid it not today, not in the nearest future. A famous products from a number of leading software vendors use Java, and WILL be based on it for a long time. A software product lines from IBM (Tivoli) and Microsoft (System Center), for example.
    Not so easy for modern networks, as it can be imagine…

    Reply
    • Corey Nachreiner says

      March 25, 2013 at 10:35 am

      I agree. Unfortunately, even I still have many local applications, and internal web apps, that require Java. Is suspect consumers may be able to live without Java, but businesses will be harder pressed to drop it (Meanwhile, businesses might be able to live without Flash, but consumers really use it a lot).

      My latest solution is to disable Java by default in the browser by either using plugins like NoScript and Notscripts, or it’s new inbuilt functionality.

      Reply
  2. Alexander Kushnarev (Rainbow Security) says

    March 14, 2013 at 1:54 pm

    Regarding “old painful theme” – Java. If everything was so easy, as Brad Chacos supposed in article “How I ditched the security risks and lived without Java, Reader, and Flash” (link in the extras for this video, named “Living without Java, Reader, and Flash”).. just like “remove JAVA, most people don’t need it”…
    And if on the home PC you can avoid Java in most cases – a huge number of production networks WILL NOT BE ABLE to avoid it not today, not in the nearest future. A famous products from a number of leading software vendors use Java, and WILL be based on it for a long time. A software product lines from IBM (Tivoli) and Microsoft (System Center), for example.
    Not so easy for modern networks, as it can be imagine…

    Reply
  3. justhost coupon says

    November 28, 2013 at 12:02 am

    Right here is the perfect blog for anyone who would like to find out about this topic.

    You realize so much its almost tough to argue
    with you (not that I actually would want to…HaHa).
    You certainly put a fresh spin on a subject that has been written about for decades.
    Wonderful stuff, just wonderful!

    Reply
  4. justhost coupon says

    November 28, 2013 at 12:02 am

    Right here is the perfect blog for anyone who would like to find out about this topic.

    You realize so much its almost tough to argue
    with you (not that I actually would want to…HaHa).
    You certainly put a fresh spin on a subject that has been written about for decades.
    Wonderful stuff, just wonderful!

    Reply
  5. Free Rp Generator no survey says

    July 2, 2014 at 6:15 pm

    As a jungle he is one of my favorite pick due to his bandage toss ability where you close
    the distance between you and enemy champions.
    This is achieved by earning gold from killing minions and enemy champions to acquire better items.
    Then he asked if I could be choked with a deep Judo rear choke, applied with the
    GI.

    Reply
  6. Free Rp Generator no survey says

    July 2, 2014 at 6:15 pm

    As a jungle he is one of my favorite pick due to his bandage toss ability where you close
    the distance between you and enemy champions.
    This is achieved by earning gold from killing minions and enemy champions to acquire better items.
    Then he asked if I could be choked with a deep Judo rear choke, applied with the
    GI.

    Reply
  7. new wtfast crackeado says

    August 8, 2014 at 1:38 am

    Write more, thats all I have to say. Literally,
    it seems as though you relied on the video to make your point.

    You definitely know wwhat youre talking about, why throw away your intelligence on just posting vidros
    to your blog whe you could be giving us something informative to
    read?

    Reply
  8. new wtfast crackeado says

    August 8, 2014 at 1:38 am

    Write more, thats all I have to say. Literally,
    it seems as though you relied on the video to make your point.

    You definitely know wwhat youre talking about, why throw away your intelligence on just posting vidros
    to your blog whe you could be giving us something informative to
    read?

    Reply
  9. wtfast trial Reset says

    October 3, 2014 at 10:27 am

    I’m impressed, I must say. Seldom do I encounter a blog that’s both educative and interesting, and without a doubt,
    you have hit the nail on the head. The issue is something that not enough folks are speaking intelligently about.

    Now i’m very happy I came acfross this in my hunt for something regarding this.

    Reply
  10. wtfast trial Reset says

    October 3, 2014 at 10:27 am

    I’m impressed, I must say. Seldom do I encounter a blog that’s both educative and interesting, and without a doubt,
    you have hit the nail on the head. The issue is something that not enough folks are speaking intelligently about.

    Now i’m very happy I came acfross this in my hunt for something regarding this.

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • Here Come The Regulations
  • An Update on Section 230

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • 3CX Supply Chain Attack
  • The NSA’s Guidance on Securing Authentication
  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use