Flash 0day, DailyMotion Watering Hole, and New POS Malware
With Seattle celebrating our Super Bowl victory (Sea-Hawks!), it’s hard for locals to keep their minds on Information Security (Infosec), but criminal hackers don’t stop for American football. If you’ve been too busy to follow security news this week, let WatchGuard’s Friday video fill you in on the details, and help you with your defenses.
In today’s video, I cover an Adobe Flash 0day exploit that advanced attackers are leveraging in the wild, warn about a popular video site that has been turned into a FakeAV watering hole, give you the latest breaking update on the Target breach, and more. Watch the video below to learn the latest security news, and check out the Reference section if you’d like links to other security stories from the week.
Quick show note; I’ll be traveling in the UK next week, so will have to produce the next episode from the road. This also means the video may go live either early or later in the week than it normally does.
Enjoy your weekend, and stay safe out there.
(Episode Runtime: 10:04)
Direct YouTube Link: https://www.youtube.com/watch?v=aJMAyKpTaYI
Episode References:
- Next week’s Microsoft Patch Day to deliver five updates, two critical – Microsoft
- Adobe fixes zero day flaw discovered by Kaspersky – WGSC
- Kaspersky previews details about “The Mask” APT Campaign – Securelist
- Dailymotion still serving FakeAV three weeks later – Threat Post
- Details on Dailymotion watering hole attack – Invincea
- RSA warns of new POS trojan called Chewbacca – RSA blog
- Attackers stole credentials from HVAC contractor to get into Target’s network – Krebs on Security
- My Help Net Security article on Drive-by Downloads and Watering Hole attacks – Help Net Security
Extras:
- Malicious PNG meta data used to serve iframes – Securi
- Anonymous going after animal abusers – Softpedia
- Recent Zeus variants learn new tricks – Network World
- Hackers targeting Sochi visitors – NBC News
- Video of Sochi hacking – YouTube
- However, others suggest it’s a misleading report – Gigamon
- Latest Chrome update warns if your browser is hijacked – Ars Technica
- Malware campaign seems to target cryptographers – PC World
- French company, Orange, suffers data breach – Digital Spy
- Bell Canada data breach, also affects Comcast – Help Net Security
- GCHQ DDoSed and served malware to Anonymous – Wired
- CDorked Linux server malware still active – Reverse Engineering Mac
- CBS broadcast their wifi password during Super Bowl; Oops – ZDnet
- New ransomware gets victims to mine Bitcoin – Techcrunch
- iOS vulnerability allows you to disable Find My Phone – Macrumors
- India alleges that Huawei hacked into telecoms – ZDNet
- Legal firm hit hard by Cryptolocker – ZDnet
- New ransomware gets victims to mine Bitcoin – Techcrunch
— Corey Nachreiner, CISSP (@SecAdept)
Now Google Chrome has an ability to reset settings to defaults, but more interesting points are:
– On what level such function is developed? Is it “hard-coded” in browser?
– If calling such function can be debugged/traced – then is it really secure?
– Let’s hope, that due to current implementation – malicious add-ons will not be able to manipulate conditions of appearance factor…
Does your site have a contact page? I’m having problems locating it but,
I’d like to shoot you an e-mail. I’ve got some ideas
for your blog you might be interested in hearing.
Either way, great site and I look forward to seeing
it expand ovr time.
Hello there, I believe yopur weeb site might be having
internet browser compatibility issues. Whenever I look at your weeb site in Safari, it
looks fine however whrn opening in Internet Explorer, it’s
got some overlapping issues. I just wanted to provide yoou
woth a quick heads up! Apart fdom that, excellent site!