NASDAQ Vulnerabilities, NASA Defacement, and Hidden Lynx
It’s that time again; when I summarize the biggest information security (Infosec) news into a short video. If you’d like to get a quick take of what’s going on in the computer security industry, this is the show for you.
This week’s episode includes a quick note on the latest software updates, a story about NASDAQ’s delayed reaction to vulnerabilities on their site, news about Brazilian hackers potentially mistaking NASA for the NSA, and the uncovering of an advanced cyber criminal gang responsible for some of the most concerning attacks over the last few years. Check out the video for the full skinny, and don’t forget to take a peek at the Reference section for links to other stories.
Have a fun weekend and a fantastic day.
(Episode Runtime: 8:37)
Direct YouTube Link: http://www.youtube.com/watch?v=V23GxAovB-w
Episode References:
- Software Updates
- XSS flaws found on NASDAQ site – ComputerWorld
- Brazilian hackers mistake NASA for NSA – Daily Mail
- Pastebin post listing defaced NASA sites – Pastebin
- Symantec’s report on the Hidden Lynx gang [PDF] – Symantec
- Article highlighting the Hidden Lynx story – Ars Technica
Extras:
- New malware “freezes” the state of your HD, making it hard to remove – BKAV
- Researchers demonstrate advanced CPU or hardware trojan – Extremetech
- Scientific paper on hardware trojan – Umass.edu
- Infosec community crowdsources iPhone 5S fingerprint hack – HuffPost
- So called long password DoS attack (only affect Django) – The Register
- Illegal porn ransomware actually forces your computer to get illegal porn – Don’t Need Coffee
- FBI admits their part in Freedom Hosting (Tor) hack – Help Net Security
- Fireeye site serves a drive-by download due to malvertising – FireEye
- Watering hole attacks target the energy sector – ThreatPost
— Corey Nachreiner, CISSP (@SecAdept)
Thanks Corey. I always enjoy your video episodes. Keep up the good work. -Ed