Router Hacks, WordPress Attack, and Huge Oracle Update
During a week of such tragedy, it’s hard to give much thought to network and information security (InfoSec). Yet, we must stay vigilant, lest abhorrent cyber criminals leverage such tragedies against us in social networking campaigns.
In this week’s InfoSec news summary, I cover Oracle’s quarterly Critical Patch Update (CPU), a research project that uncovered vulnerabilities in consumer routers, a WordPress password cracking botnet, and how scammers are exploiting this week’s tragedies in their spam campaigns. Watch the video below for the highlights and some defensive tips.
As an aside, I will be traveling next week so I may not post the weekly video at its normal time.
(Episode Runtime: 7:38)
Direct YouTube Link: http://www.youtube.com/watch?v=Mvikhwg12k8
Episode References:
- WordPress password cracking campaign – Softpedia
- One of Microsoft’s April patches broken – CRN
- Oracle Critical Patch Update April 2013
- Oracle April 2013 CPU alert – Oracle
- Oracle April 2013 Java SE update – Oracle
- Apple Java update associated with Oracle CPU – Apple
- Article on Oracle CPU for April – ZDNet
- Research on exploiting SOHO routers – Security Evaluators
- Spammers exploit news of Boston Bombing – Information Week
- Spammers exploit news of accidental fertilizer plant explosion – Naked Security blog
Extras:
- House passes the latest version of CISPA – InfoWorld
- “Badnews” Android botnet found on Google Play – TechWorld
- Reddit suffers DDoS attack – Express
- Syrian Electronic Army hacks NPR – Huffington Post
- Password security hits primetime (on Ellen DeGeneres Show) – Softpedia
- New “magic code” trojan – Seculert
- US and China create cyber security working group – IT News
- LulzSec hacker gets a year in prison – The Inquirer
— Corey Nachreiner, CISSP (@SecAdept)
Kushnarev Alexander (Rainbow Security) says
Deep analysis of “Exploiting SOHO Routers” and, especially, understanding of related content from the exploit-db.com and sekurak.pl sites allowed me to draw the following conclusion:
Most methods of rooting the described SOHO routers are simpler than you can expect.
– No need to use BackTrack or BackBox;
– All you need is just a freeware tftp/ftp client and a notebook with an OS;
– No need to worry about the common “hard script modifying”, “calculating address space”, “add some NOOPs” etc. You just need to know the correct file names in the router’s OS;
– There is NO shellcode in a couple of exploits, just a “ready to use” http URL to send to the router, a set of “ready to use” http commands, and a set of “ready to use” Linux commands.
Amazing how things work…