• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

D-Link Backdoor – WSWiR Episode 81

October 18, 2013 By Corey Nachreiner

Hijacked vBulletins, Harvested Email, and Router Backdoors

Do you remember the days where we might learn about one, maybe two, big Infosec stories a month? Well those days are long gone. Nowadays, it seems like more network and information security stories break each week than one person could follow. So why not let me do it for you in my weekly Infosec news summary.

This week, the episode covers a number of important software security patches (including one for WatchGuard customers), an unpatched vulnerability that resulted in 31,000 hijacked web sites, the NSA’s email harvesting campaign, and a backdoor in a popular consumer-brand router. Watch the video below to learn the details, and how to protect your network… and if you’re looking for extra credit, check the Reference section for a bunch of additional security stories.

Have a great weekend, and stay safe online.

(Episode Runtime: 7:41)

Direct YouTube Link: http://www.youtube.com/watch?v=ellxQ5xmt8E

Episode References:

  • Software Updates
    • Oracle’s October CPU – WGSC
    • Critical Chrome Update – Threatpost
    • WatchGuard releases XTM 11.8 and WatchGuard Dimension – WGSC
    • WatchGuard XTM buffer overflow and XSS – WGSC
  • Botherders exploit vBulletin flaw to hijack 35000 sites – Krebs on Security
  • vBulletin developer describes serious vulnerability – vBulletin Forum
  • NSA harvests private citizen’s email addresses – Washington Post
  • Backdoor in D-Link consumer routers – ComputerWorld

Extras:

  • Greenwald, the Snowden journalist, leaves The Guardian – The Guardian
  • Lavabit gets new keys, allowing customers to get email – Ars Technica
  • Researchers can fingerprint smartphones based on their sensors – Information Week
  • Advanced attackers spear-phish Mandiant CEO with limo receipts – Softpedia
  • Researchers find 25 ICS and SCADA vulnerabilities – Threatpost
  • iMessage is not unbreakable – Macworld
  • DDoS attacks continue to grow – Techworld
  • Snowden did not share sensitive documents with China or Russia – New York Times

— Corey Nachreiner, CISSP (@SecAdept)

Share This:

Related

Filed Under: Security Bytes Tagged With: Backdoor, botnet, Chrome, Fireware XTM, Hacking, Infosec news, MySQL, NSA, Oracle, Snowden, Software vulnerabilities, vBulletin

Comments

  1. narasimhan says

    October 22, 2013 at 9:10 pm

    Hi Corey,

    Very useful information Thank you so mcuh..

    Reply
  2. asus transformer security says

    November 27, 2013 at 2:27 am

    What i do not understood is in truth how you are no
    longer really a lot more well-liked than you may
    be right now. You are so intelligent. You know thus significantly in relation to this
    matter, produced me individually imagine it from numerous
    numerous angles. Its like women and men aren’t involved until it’s
    one thing to accomplish with Woman gaga! Your own stuffs great.
    Always care for it up!

    Reply
  3. Accounting Services Singapore says

    December 15, 2013 at 7:29 pm

    Howdy! Someone in my Myspace group shared this
    website with us so I came to check it out.
    I’m definitely enjoying the information. I’m bookmarking
    and will be tweeting this to my followers! Terrific blog and fantastic design.

    Reply
  4. http://airconditioningmaintenance365.com says

    December 16, 2013 at 5:28 pm

    Please let me know if you’re looking for a article
    writer for your weblog. You have some really good articles and I think I would be a good asset.
    If you ever want to take some of the load off, I’d absolutely love
    to write some articles for your blog in exchange
    for a link back to mine. Please shoot me an e-mail if interested.
    Kudos!

    Reply
  5. league of legends champion guide says

    August 16, 2014 at 5:16 pm

    Hey there! This post could not be written any better!
    Reading through this post reminds me of my good old room
    mate! He always kept talking about this. I will forward this page
    to him. Pretty sure he will have a good read. Thank you for sharing!

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • 3CX Supply Chain Attack
  • Here Come The Regulations

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • 3CX Supply Chain Attack
  • The NSA’s Guidance on Securing Authentication
  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use