0day Watering Holes – WSWiR Episode 96

Flash and IE 0day, Watering Holes, and Router Worms

It’s Friday, Friday, gotta get your InfoSec on Friday….

Seriously though. If you are looking for a quick round-up of this week’s biggest security news, this is your show. In it, I cover what I think are the top three information and network security stories of the week, vlog style. If that sounds good, keep reading.

This week’s episode covers an advanced watering hole attack that leverages two zero day vulnerabilities, a worm that’s infecting a popular brand consumer router, and new vulnerabilities that affect devices which fall under “the Internet of things” category. If you’d like all the details, including how to protect yourself, watch the video below. Or if you prefer to read, check out the Reference section for links to those stories and more.

Quick show note. Next week I’ll be attending the annual RSA Security Conference. Though I still hope to produce a video on the road, I may have to settle for a text version of our weekly Infosec news if I get too busy. Keep an eye on the blog for the latest, and have a great weekend.

(Episode Runtime: 8:57)

Direct YouTube Link: http://www.youtube.com/watch?v=NbxXXLov6Ek

Episode References:

• Operation Snowman Watering Hole Attacks
  • FireEye’s post on Operation Snowman – FireEye Blog
  • Websenses research on similar watering hole attack – Websense blog
  • Microsoft emergency IE advisory – Microsoft
  • Adobe’s emergency Flash alert – Adobe
• The Moon Worm infects Linksys routers – SANS ISC Diary
  • Tech article on the worm – Threat Post
  • Researcher releases exploit code for issue – ExploitDB
  • Also, news of an Asus router attack – Ars Technica
• IOActive finds five vulnerabilities in WeMo Home Automation Solution [PDF] – IOActive
  • US-CERT advisory on WeMo flaws – US-CERT

Extras:

• Lots of FTP site credentials stolen, including NY Times – PCWorld
• Tesco suffers a Data Breach – The Register
  
• Iranian hack on the U.S. Navy worse than first suspected – The Verge
• SEA hacks Forbes and steals 1 million user credentials – The Register
• KickStarter suffers a hack and user info breach – KickStarter
• Silkroad 2.0 robbed of a fortune of bitcoin – Forbes
• Latest Zeus variant uses stenagrophy to hid config in a JPG – MalwareBytes
• Well written PayPal phishing email – Help Net Security
• New Zeus variant seems to target SalesForce – PC Advisor
• Tinder (a dating app) flaw could allow creepers to track you real-time – IncludeSecurity

— Corey Nachreiner, CISSP (@SecAdept)

Share This: