Secplicity - Security Simplified

Powered by WatchGuard Technologies

NYT Tango Down – WSWiR Episode 75

August 30, 2013 By Corey Nachreiner

.CN DDoS and DNS Hijacking

Do you want to hear about the week’s biggest InfoSec news, while learning a few security tips in the process? Well this is the weekly vlog for you.

In today’s video, I share a potential cause for China’s recent distributed denial of service (DDoS) attack, warn about a serious vulnerability in Cisco’s ACS, and explain how a hacktivist group took down the New York Times. I even throw in a bit of Friday fun at the end. Watch the video below, and remember to check out the references for links to other stories.

(Episode Runtime: 10:20)

Direct YouTube Link: http://www.youtube.com/watch?v=cyQX4J0OEyo

Episode References:

  • Huge DDoS attack affects China’s .CN ccTLD – WSJ Blog
  • Chinese government site confirms the DDoS (translated) – CINIC
  • Critical Cisco ACS security advisory – Cisco
  • Great post on how SEA took down NYT – Cloudflare
  • MelbourneIT credentials stolen due to phishing – Network World
  • John McAfee releases another “interesting” video – Who is McAfee

Extras:

  • NSA accused of cracking encryption for UN teleconferencing system – Computer World
  • PayPal fixes account deleting flaw – The Register
  • Java 6 flaw exploited in the wild. Upgrade to 7 – Information Week
  • Pinterest email harvesting flaw fixed – Network World
  • Google’s Palestinian site defaced – ZDNet
  • Hacked cell phone can jam other cellular devices – Threatpost
  • Researchers reverse Dropbox and find flaws (requires local access) – USENIX
  • Attacker pleads guilty to selling super computer logins – Ars Technica

— Corey Nachreiner, CISSP (@SecAdept)

Filed Under: Security Bytes Tagged With: cisco, Cisco ACS, DDoS, dns, DNS amplification, dnssec, Hacking, Infosec news, New York Times, NYT, NYtimes, password, password security, SEA, Secure Access Control Server, Security breach, Software vulnerabilities, Syrian Electronic Army

Comments

  1. Alexander Kushnarev (Rainbow Security) says

    September 2, 2013 at 12:16 pm

    Vulnerability in Cisco secure access control server (EAP-FAST authentication) attracts my attention this time. Thinking logically: if execution of arbitrary commands is possible due to improper parsing of user identities – they are (Cisco), most likely, talking about Phase 1 of EAP-FAST, then system makes use of “protected access credential” (PAC files) to establish a TLS tunnel. Although EAP-FAST can be used without PAC files – “vulnerability is only present when Cisco Secure ACS is configured as a RADIUS server”. If it’s RADIUS – then some attributes should be passed by using port 812 (or UDP 1645 in that case), including credentials (PAC). So, in that case, I suspect that user credentials are provisioned in a PAC form without involving server certificate in a process, because otherwise “allow an unauthenticated (!), remote attacker to execute arbitrary commands” and exploitation of “improper parsing of user identities” (with specially crafted packets) together is hardly-hardly-hardly possible… Besides, if we are coming to “remote attacker to execute arbitrary commands” – that means that it is possible memory corruption or buffer overflow issue… but not sure about the last one.
