App Store Hole, LoL Breach, and Zuckerberg Hacked
I’m back with our regular infosec news video summary, where I highlight the biggest or most interesting security stories from the week and share a few tips along the way.
Today’s episode covers a handful of software updates, the breach of a popular multiplayer arena battle game, some drama around a new Facebook vulnerability, and new research describing how to bypass Apple’s App Store protections. Watch the video to learn more, and check out the reference section below for some other stories as well.
(Episode Runtime: 9:43)
Direct YouTube Link: http://www.youtube.com/watch?v=V0Qhxbx1y7g
Episode References:
- Software Updates
- League of Legends sites breached, customer data stolen – CNET
- Spurned security researcher hacks Zuckerberg’s wall – Khalil’s Blog
- Georgia Tech research team bypasses App Store protections – Computer World
- Research paper outlining the App Store attack – USENIX
Extras:
- Snowden journalist’s partner held at UK airport – The Guardian
- IP cloaking deemed illegal in CFAA related case – Ars Technica
- Zeus updated to create fake instagram “likes” – Mashable
- OK Cupid instant login feature allows others into your account – The Verge
- Previous Apple dev site outage not due to Balic’s flaw – Mac Rumers
- US Intelligence Community (NSA) creates Tumblr page for transparency – Tumblr
- Hasting reportedly feared car tampering before his mysterious crash – Fox News
- Privilege elevation flaw in Linux version of VMware Workstation – Softpedia
- Three US Banks lose millions to recent cyber attacks – Computer World
— Corey Nachreiner, CISSP (@SecAdept)
Alexander Kushnarev (Rainbow Security) says
Zeus and fake “likes” article. Unbelievable…”Likes” and “followers” are more valuable that credit card packs? Maybe malware authors will switch to “likes” and “followers” completely (from stealing PINs and CC numbers), and the world will be slightly brighter? 🙂