Secplicity - Security Simplified

Powered by WatchGuard Technologies

BGP Man in the Middle Attacks – WSWiR Episode 86

November 22, 2013 By Corey Nachreiner

Stuxnet Update, I2P Botnet, and BGP Hacking

Do you have too much to do to follow information security news? Or maybe you feel overwhelmed by so much security news (I sure do) that you don’t know which news is most important. In either case, I’m here to summarize the important stuff for you in my weekly Infosec summary video.

Today’s show talks about a sneaky new botnet and its C&C channel, the latest Stuxnet research, a few important credential breaches, and an Internet-wide man-in-the-middle (MitM) attack that leveraged BGP issues. Watch the episode below for all the details… and if you are hungry for more security news, be sure to check out the other stories in the Reference section.

Show note: We will be skipping next week’s episode due to the US holiday weekend. Have a great Thanksgiving, and don’t get trampled on Black Friday!

(Episode Runtime: 9:40)

Direct YouTube Link: http://www.youtube.com/watch?v=hKegyeVs0cQ

Episode References:

  • New botnet called I2Ninja uses I2P darknet as C&C Channel – Trusteer
  • Latest Stuxnet research shows an earlier and stealthier variant [PDF] – Langner.com
  • Hackers breach vBulletin Forum pages – Ars Technica
  • No proof yet of vBulletin-related 0day – Softpedia
  • Attackers brute force GitHub login – GitHub
  • GitHub bans weak passwords – PC World
  • Renesys warns of BGP-based Internet Man-in-the-Middle (MitM) attacks – Renesys

Extras:

  • Cupid Media suffered a credential leaking data breach – Threat Post
  • Exiled hacker finds inappropriate material on Syrian secret police computers – Forbes
  • “Free” Bitcoin generator leads to malware – Help Net Security
  • US Navy worried about BadBIOS-like hacks – SFGate
  • Attackers are exploiting a JBoss vulnerability – Computer World
  • Jeremy Hammond, the Lulzsec Stratfor hacker, gets a decade in jail – The Register
  • Targeted attacks exploiting a 0day in Japanese software – The Register
  • Linus Torvalds’ dad says the NSA asked for a backdoor in Linux – Vr-zone
  • Dread Pirate Roberts tried to assassinate six people? – Krebs on Security
  • UK police decided to pay the Cryptolocker ransom (bad form) – The Guardian
  • The game company with the sneaky Bitcoin mining feature is fined – IT Pro Portal
  • Researchers find lots of flaws in criminal exploit kits – ZDNet
  • Cryptolocker charges less due to Bitcoin’s skyrocketing value – F-Secure

— Corey Nachreiner, CISSP (@SecAdept)

Filed Under: Security Bytes Tagged With: botnet, Github, Hacking, I2Ninja, I2P, Infosec news, Malware (Software Genre), MitM, Security breach, Software vulnerabilities, stuxnet, vBulletin, Zero day exploit

Comments

  1. Alexander Kushnarev says

    November 26, 2013 at 3:33 am

    Never previously analyzed the abilities of Stuxnet Mark I and Mark II modifications. After reading the PDF, provided by the link in this episode – I was really amazed by the malicious power of it.
    Just imagine – how many members of the malware writers should be to include such abilities in the code of one malware instance? Stuxnet can:
    – be hidden on the systems in sufficient extent;
    – infect SCADA management PC-machines;
    – interact with SCADA management software;
    – “play” with centrifuge using the “knowledge” of particular centrifuge system;
    – evade control of sensors somehow;
    – and control options for not to create immediate critical breakdown.
    All these functions should be optimized, part of code should be obfuscated, and the malware itself should be as small as possible…
