Router Hacks, WordPress Attack, and Huge Oracle Update
During a week of such tragedy, it’s hard to give much thought to network and information security (InfoSec). Yet, we must stay vigilant, lest abhorrent cyber criminals leverage such tragedies against us in social networking campaigns.
In this week’s InfoSec news summary, I cover Oracle’s quarterly Critical Patch Update (CPU), a research project that uncovered vulnerabilities in consumer routers, a WordPress password cracking botnet, and how scammers are exploiting this week’s tragedies in their spam campaigns. Watch the video below for the highlights and some defensive tips.
As an aside, I will be traveling next week so I may not post the weekly video at its normal time.
(Episode Runtime: 7:38)
Direct YouTube Link: http://www.youtube.com/watch?v=Mvikhwg12k8
- WordPress password cracking campaign – Softpedia
- One of Microsoft’s April patches broken – CRN
- Oracle Critical Patch Update April 2013
- Research on exploiting SOHO routers – Security Evaluators
- Spammers exploit news of Boston Bombing – Information Week
- Spammers exploit news of accidental fertilizer plant explosion – Naked Security blog
- House passes the latest version of CISPA – InfoWorld
- “Badnews” android botnet found on Google Play – TechWorld
- Reddit suffers DDoS attack – Express
- Syrian Electronic Army hacks NPR – Huffington Post
- Password security hits primetime (on Ellen Degeneres Show) – Softpedia
- New “magic code” trojan – Seculert
- US and China create cyber security working group – IT News
- LulzSec hacker gets a year in prison – The Inquirer