• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Major Android Flaw Means More Trojans – WSWiR Episode 69

July 8, 2013 By Corey Nachreiner

Snowden’s Hacker CV, Uplay Breach, and Serious Android Vulnerability

Last Thursday, US citizens celebrated our 4th of July, Independence Day holiday, which traditionally means that few workers came into the office on Friday. For that reason, I decided to hold onto last week’s InfoSec summary video until today. What better way to start the week than learning about the latest security news with a hot cup of joe.

In last week’s episode, I cover news of Snowden’s hacking credentials, the latest OS X update, a Ubisoft network breach, and a critical security vulnerability that affects 99% of Android users. For the details on those stories and more, watch our video below.

As an aside, I am taking a bit of time off at the end of the week, so I will either skip this Friday’s video, or post a short one on Monday.

(Episode Runtime: 7:21)

Direct YouTube Link: https://www.youtube.com/watch?v=DTjkmKKy-Gg

Episode References:

  • Snowden/NSA/PRISM Updates
    • Authorities think Snowden is on Morales’ plane – The Guardian
    • Snowden’s resume shows hacking credentials– NY Times
    • Many countries deny Snowden asylum – CNN
    • UPDATE: Snowden now getting asylum options – USA Today
  • Software Updates
    • Apple releases OS X update to fix Quicktime flaws – Apple
    • July’s Microsoft Patch day to include seven security updates – WGSC
  • Ubisoft breach results in Uplay account leaks – The Register
  • Bluebox Security Team warns of critical, industry-wide Android vulnerability  – Bluebox

Extras:

  • Microsoft talks about symbiotic malware – Threat Post
  • New RAT affects Middle Eastern organizations – Threat Post
  • Security flaw found in encrypted phone call library – Computer World
  • Story about NSA sites being hacked was FAKE – Info World
  • Using Wi-Fi for physical surveillance – Help Net Security

— Corey Nachreiner, CISSP (@SecAdept)

Share This:

Related

Filed Under: Security Bytes Tagged With: Apple, Blackhat, Edward Snowden, Google, Hacking, Infosec news, Malware, network compromise, NSA, Security breach, Software vulnerabilities, trojan, Ubisoft, Updates and patches, Uplay

Comments

  1. Alexander Kushnarev (Rainbow Security) says

    July 17, 2013 at 1:37 pm

    Compromise of UbiSoft Uplay accounts suddenly reminds me some important points of historical line of “game protection and hacking” from 198X till nowadays. If I’ll miss something – please, add it in next comments 🙂
    1. Protection of starting game with keywords, printed on original booklets, provided with the game distributive (198X). Hacking – illegal copies of booklets (scans) and copies of game files.
    2. Unique serial numbers to start game, printed on original floppy disks with the game distributive. Hacking – illegal copies (scans) of labels on floppies with serials and copies of game files (198X).
    3. “Installing from CD, starting only from DC” concept (199X). Hacking – no-CD patches, make illegal images from CDs.
    4. Unique serial numbers for game activation (each unique for each copy), printed on original CD disks with the game distributive, combined with copy protection drivers. Drivers should be installed from CD with a game (StarForce, for example – 199X and beginning of 200X). Hacking – keygens and no-CD patches, make illegal images.
    5. Unique serial numbers for game activation (each unique for each copy). Activation should be done on developer’s servers on Internet (end of 200X, nowadays (20XX)). Hacking – patches to distributives, substitute of main executable module and DLLs with cracked etc.
    6. Playing the game under personal credentials, and store statistics online on the online developer’s database (end of 200X, nowadays (20XX)). Hacking – stolen accounts of users from developer’s servers.
    What next?

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Scratching the Surface of Rhysida Ransomware
  • An Interview with ChatGPT
  • TikTok is Banned, Kind Of
  • Naming APTs

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • How Not to Update Software
  • Naming APTs
  • TikTok is Banned, Kind Of
  • Scratching the Surface of Rhysida Ransomware
  • An Interview with ChatGPT
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use