
Secplicity - Security Simplified

Powered by WatchGuard Technologies

WatchGuard Security Week in Review: Episode 57 – 300Gb DDoS

March 29, 2013 By Corey Nachreiner

POS Trojans, Android Spear Phishing, and Record DDoS

Extra, Extra, the Internet almost broke (no it didn’t). Read… View all about it!

Too much security news, and too little time? Let me summarize the highlights for you in my weekly InfoSec recap video. This week I cover two trojans targeting point-of-sale (POS) computers, a few software updates, a targeted spear phishing campaign spreading Android malware, and the record-breaking SpamHaus DDoS attack, which didn’t really break the Internet despite some reports. Click play for the details.

There were also a ton of other interesting Infosec tidbits this week, beyond what’s in the video. If you’re interested, check out the Reference section below. Stay frosty out there, and have a Happy Easter weekend.

(Episode Runtime: 9:47)

Direct YouTube Link: http://www.youtube.com/watch?v=sC1zLvbjzI4

Episode References:

  • vSkimmer point-of-sale (POS) trojan – SC Magazine
  • BlackPOS point-of-sale (POS) trojan – PCWorld
  • Authorities bust a big credit card and POS cyber fraud ring – Computer World
  • Cisco IOS DoS Vulnerabilities Alerts – WGSC
  • Chrome 26 fixes 11 security flaws – Threat Post
  • Tibetan activist spear phishing campaign spreads Android malware – Forbes
  • SpamHaus DDoS attacks break record (300Gbps) – NYT
  • CloudFlare post details SpamHaus DDoS – Cloudflare blog
  • TIP: Check your network for open DNS resolvers – openresolverproject.org
  • Extras:
    • “Skript Kiddie” journalist shows how easy password cracking is – Ars Technica
    • Teenager charged with smart phone hacking – IB Times
    • Adware malware plagues OS X machines – Digital Trends
    • Vulnerability found in Battlefield video game – Tech News Daily
    • Pirated software often carries malware (no duh!) – Tech World
    • Employees ignore security rules – Computer Weekly
    • Cool, yet scary, DSLR camera hacks – Network World
    • Did Stuxnet break international laws? – Help Net Security
    • New cyber legislation proposes harsher penalties – SC Magazine
    • Wisconsin man charged with Anonymous-related LOIC DoS – The Register
    • Microsoft Metro App security updates will not follow Patch Day – Microsoft
    • Linkedin fixes some web application flaws on their site – Tech News Daily

— Corey Nachreiner, CISSP (@SecAdept)

Filed Under: Security Bytes Tagged With: Apple, botnet, Chrome, cisco, DDoS, DNS amplification, DoS, drive-by download, Google, Hacked, Hacking, Infosec news, Malware, open DNS resolver project, POS. Point of Sale, Software vulnerabilities, SpamHaus, spear phishing, Tibetian activists, Updates and patches, vSkimmer

Comments

  1. Alexander Kushnarev (Rainbow Security) says

    March 31, 2013 at 12:01 am

    Wow, a pile of news in this episode. I’ve read the most interesting (from my point of view), and want to share some thoughts as always.
    1. About POS hacking and “virtual skimmers”. In most cases, a simple but splendid idea lies behind “innovative hacking technology”. Why crack 2 000 users’ PCs for PII (inc. card info)? It’s better to hack 2 POS machines with 2 000 cards’ info (inc. related PII). I have no doubt that besides making/sending/analyzing memory dumps from POS software to get Track 1/Track 2 info, cyber criminals will find a way to get EMV data (chip and PIN info), though it is not a trivial programming task. That is why “physical” skimmers are still widely used.
    2. DDOS of SpamHaus with answers from recursive DNS servers. Once again, a simple but splendid idea lies behind “innovative hacking technology”. Create 300 Gbps DDOS… I can say that this method is “ingenious terrible” and “terribly ingenious”. Both statements are true at the same time. I can enumerate (without time to remember) about 5-7 publicly available provider DNS servers here in Russia, which are unrestricted for DNS-recursive queries. Hope providers will follow recommendations to configure rate limiting and restrict recursion to customer IP ranges (the last, sometimes, can be overcome with IP spoofing).

  2. mulligans dew says

    March 31, 2013 at 4:41 am

    Thanks a lot for the link to the “password cracking skript kiddie” article. THIS is stuff we need to know in order to create secure passwords!!
