SnapChat Snaffu, Backdoored Routers, and Target Turmoil
Happy New Years, and welcome to the first episode of WatchGuard Security Week in Review for 2014!
If you are new to the show, this is a weekly video podcast dedicated to summarizing the most important Information Security (InfoSec) news, while also sharing security tips and best practices. If you are too busy to follow the always active security industry yourself, this is a great way to catch up at the end of each week.
Today’s episodes covers a number of stories from past three weeks (due to our holiday hiatus), including news of the big Target data breach, info on a SnapChat vulnerability, the latest Hactivist attack, and a story about vulnerabilities in a number of consumer DSL routers. Watch the quick YouTube clip below, and check out the Reference section for more details, and links to extra stories.
I hope you have a prosperous and secure year!
(Episode Runtime: 10:07)
Direct YouTube Link: http://www.youtube.com/watch?v=f4rsOzekEjQ
Episode References:
- Target Breach:
- Target suffers PoS system breach (affects physical stores) – Krebs on Security
- Target breach may have been insider attack – CSO Online
- Customer pins stolen during Target breach – Computer World
- SnapChat vulnerability allows 4.6 millions phone records to leak – Forbes
- OpenSSL defacement doesn’t affect OpenSSL software – OpenSSL
- Syrian Electronic Army hijacks Skype Social Networks – Network World
- Security researcher finds backdoor in DSL routers using Sercomm – Ars Technica
Extras:
- DERP group DDoS many game related sites, like Steam – T3
- New Cryptolocker copycat is pretty lame – We Live Security
- Latest NSA hacking revelations about ANT – Wired
- Details on old DoE breach [PDF] – Energy.gov
- DGA changer malware makes C&C harder to take down – ThreatPost
- GNUPG security vulnerability – Security World
- Jack Barnaby’s death (pacemaker hacker) was due to drug overdose – The Verge
- Trojan targets WoW gamers – Kotaku