The Onion Hack, IE8 0day, and ATM Cyber Heist
Are you an over-worked IT administrator with no time to learn about the latest internet threats? Do you want to keep your network safe, but don’t know what the bad guys are up to? If that’s you, then our weekly information security highlights video is just the thing for you. For just three easy payments of… well, nothing… you can have all that and more!
Today’s episode covers Syrian cyber attackers hijacking The Onion’s Twitter feed, a serious zero-day vulnerability affecting Internet Explorer 8 (IE8), a major cyber bank heist, and more. For all the details, and some tips to protect yourself, watch the video below or check out the stories in the Reference section.
Have a great weekend.
(Episode Runtime: 7:46)
Direct YouTube Link: http://www.youtube.com/watch?v=hdN9YMjKTXM
Episode References:
- Microsoft releases FixIT for IE8 0day – Microsoft
- Patch day advanced notification for May – Microsoft
- The Onion’s Twitter feed hacked – NYTimes
- Darkleech attack now affects nginx and lighttpd – The Register
- Crime gang steals 45mil in huge cyber bank heist – NYTimes
Extras:
- Hacking group gains access to .edu domains – The H Security
- Suspect SpyEye author extradited to US – Naked Security
- Anonymous’ so-called OpUSA project an epic fail – eWeek
- “Honeywords” may help protect password databases – Ars Technica
- Name.com discovers a security breach – The Next Web
- Researchers find security flaws in Google’s “smart building” system – Cylance blog
- Critical 0day ColdFusion exploit in the wild – InfoWorld
— Corey Nachreiner, CISSP (@SecAdept)
Alexander Kushnarev (Rainbow Security) says
1. MS Patch Day advanced notification: Lucky point: of the vulnerabilities described in MS13-037 to MS13-046, an exploit is publicly available for only one of them (MS13-038).
2. Critical 0day ColdFusion exploit: While analyzing the exploit content (written in Python), I came across a kind of sense of humor from the exploit authors:
– They called their exploit “Subzero” (after the famous warrior from Mortal Kombat);
– The exploit code starts with OS fingerprinting. And if MS Windows Server is detected, the exploit prints “windows 95 with bonzibuddy” 🙂
– Just look at this (end of code):
flash(cyan,"[~] SUB ZERO WINS",3)
time.sleep(.5)
flash(red,"[!] FLAWLESS VICTORY",3)
time.sleep(.5)