• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

WatchGuard Security Week in Review: Episode 61 – InfoSec UK 2013

April 26, 2013 By Corey Nachreiner

AP Twitter Hack, Serial Offenders, and InfoSec UK

This week’s security highlights video comes a bit early due to my travels in London to attend InfoSec UK.

If you’re looking for a quick summary of the week’s top security news, this is the vlog for you. In today’s video, I share a few themes from the biggest security conferences in Europe, news of the AP twitter feed hijack, warnings of a new Java exploit, and information about industry-wide flaws affecting serial port servers. Watch for all the details, and check the Reference section below for other interesting stories from the week.

(Episode Runtime: 7:35)

Direct YouTube Link: http://www.youtube.com/watch?v=pWAMN7j0yyg

Episode References:

  • AP Twitter feed hijacked – The Age
  • Newly patch Java flaw exploited in the Wild – Ars Technica
  • HD Moore uncovers serial port service vulnerabilities – Rapid7 blog
  • Moore’s Serial Offenders presentation – Speaker Deck
  • InfoSec UK 2013 News
    • Security Policy must align with business goals – Tech World
    • All businesses at risk of cyber attack – ITPro
    • Cyber Intelligence sharing helps security – Computer Weekly

Extras:

  • Hacking laws used to convict someone who didn’t hack – The Verge
  • FBI legally denied Strickback capability (installing malware to spy on criminal) – Ars Technica
  • My article on why Strickback will strick out – Network World
  • Major Lulzsec hacker arrested in Australia – ReadWrite
  • World of Tanks servers breached – Kotaku
  • CISPA dies again in Senate – ZDNet

— Corey Nachreiner, CISSP (@SecAdept)

Share This:

Related

Filed Under: Security Bytes Tagged With: botnet, CISPA, Hacked, Hacking, Infosec news, Malware, Oracle, Oracle CPU, password cracking, router hacks, Software vulnerabilities, spam, Spammers, Texas explosion, Updates and patches, Wordpress

Comments

  1. Kushnarev Alexander (Rainbow Security) says

    April 28, 2013 at 8:21 am

    I have not studied the nature of the attacks on JDK and JRE before, but sequence of links from “Newly patch Java flaw exploited in the Wild” led me to an article, which explained a lot to me about “type confusion” vulnerabilities and their worklogic. It seems, that “type confusion” exploitation became classic type of hacking for Java (sine 2008-2009), just like buffer overflow attacks for different HTTP or SMTP service implementations.
    So, if someone is curious about the overview of nature of these type of attacks – “Exploiting Type Confusion Vulnerabilities in Oracle JRE” article is here:
    http://schierlm.users.sourceforge.net/TypeConfusion.html

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • Here Come The Regulations
  • Cybersecurity’s Toll on Mental Health

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
  • US National Cybersecurity Strategy
  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use