Hijacked vBulletins, Harvested Email, and Router Backdoors
Do you remember the days where we might learn about one, maybe two, big Infosec stories a month? Well those days are long gone. Nowadays, it seems like more network and information security stories break each week than one person could follow. So why not let me do it for you in my weekly Infosec news summary.
This week, the episode covers a number of important software security patches (including one for WatchGuard customers), an unpatched vulnerability that resulted in 31,000 hijacked web sites, the NSA’s email harvesting campaign, and a backdoor in a popular consumer-brand router. Watch the video below to learn the details, and how to protect your network… and if you’re looking for extra credit, check the Reference section for a bunch of additional security stories.
Have a great weekend, and stay safe online.
(Episode Runtime: 7:41)
Direct YouTube Link: http://www.youtube.com/watch?v=ellxQ5xmt8E
Episode References:
- Software Updates
- Oracle’s October CPU – WGSC
- Critical Chrome Update – Threatpost
- WatchGuard releases XTM 11.8 and WatchGuard Dimension – WGSC
- WatchGuard XTM buffer overflow and XSS – WGSC
- Botherders exploit vBulletin flaw to hijack 35000 sites – Krebs on Security
- vBulletin developer describes serious vulnerability – vBulletin Forum
- NSA harvests private citizen’s email addresses – Washington Post
- Backdoor in D-Link consumer routers – ComputerWorld
Extras:
- Greenwald, the Snowden journalist, leaves The Guardian – The Guardian
- Lavabit gets new keys, allowing customers to get email – Ars Technica
- Researchers can fingerprint smartphones based on their sensors – Information Week
- Advanced attackers spear-phish Mandiant CEO with limo receipts – Softpedia
- Researchers find 25 ICS and SCADA vulnerabilities – Threatpost
- iMessage is not unbreakable – Macworld
- DDoS attacks continue to grow – Techworld
- Snowden did not share sensitive documents with China or Russia – New York Times
— Corey Nachreiner, CISSP (@SecAdept)
narasimhan says
Hi Corey,
Very useful information Thank you so mcuh..
asus transformer security says
What i do not understood is in truth how you are no
longer really a lot more well-liked than you may
be right now. You are so intelligent. You know thus significantly in relation to this
matter, produced me individually imagine it from numerous
numerous angles. Its like women and men aren’t involved until it’s
one thing to accomplish with Woman gaga! Your own stuffs great.
Always care for it up!
Accounting Services Singapore says
Howdy! Someone in my Myspace group shared this
website with us so I came to check it out.
I’m definitely enjoying the information. I’m bookmarking
and will be tweeting this to my followers! Terrific blog and fantastic design.
http://airconditioningmaintenance365.com says
Please let me know if you’re looking for a article
writer for your weblog. You have some really good articles and I think I would be a good asset.
If you ever want to take some of the load off, I’d absolutely love
to write some articles for your blog in exchange
for a link back to mine. Please shoot me an e-mail if interested.
Kudos!
league of legends champion guide says
Hey there! This post could not be written any better!
Reading through this post reminds me of my good old room
mate! He always kept talking about this. I will forward this page
to him. Pretty sure he will have a good read. Thank you for sharing!