Secplicity - Security Simplified

Powered by WatchGuard Technologies

Uroburos APT- WSWiR Episode 97

March 7, 2014 By Corey Nachreiner

SOHO Pharming, Trio of Data Breaches, and Russian APT

I still remember ten years ago, when I used to wish more people would realize the dangers of the Internet and the sad state of cyber security. Back then, it seemed like I had to work to convince someone that there was any computer security problem at all. Boy has that changed… Now I feel overwhelmed by the amount of information security news that breaks each week. If you’re interested in computer security news, but feel overwhelmed yourself, let my short video summarize the important news for you.

Today’s episode covers a SOHO pharming campaign that’s hijacking routers in Europe and Asia, another trio of big network and data breaches, and a new, advanced, nation-state-level attack that allegedly comes from Russia. Watch the video for my quick summary, and/or check out the links below for more details, and some extra security stories to boot.

Enjoy your weekend, and keep safe out there.

(Episode Runtime: 11:24)

Direct YouTube Link: http://www.youtube.com/watch?v=IQch3fdbzAk

Episode References:

  • Team Cmryu report on SOHO Pharming campaign [PDF] – Team Cmryu
    • A news article on the report, if you prefer a quick summary – Ars Technica
    • WatchGuard’s new Firebox T10 can help – WatchGuard
  • Comixology network breach and potential password leak – CNET
  • Smucker’s credit card data leak; also affects others – Krebs on Security
  • Sally Beauty network breach and CC leak – Krebs on Security
  • Report on Russian Uroburos APT campaign [PDF] – G Data
    • Shorter Blog post covering the issue – G Data
  • Microsoft notification for March Patch Day (fixes IE 0day) – WGSC

Extras:

  • Latest details around iOS security – Network World
  • FOR FUN: Can you hack Jurassic Park? – JurassicSystems.com
  • Stephen Colbert gives hilarious/controversial take to end RSA – The Verge
  • Beware Netflix tech support phishing scam – Gizmodo
  • Attackers extort Meetup.com with DDoS – Mashable
  • Major flaw in GnuTLS; similar but not related to last week’s Apple SSL issues – GnuTLS
  • Half of the attacks out there target Java – CIO
  • Androids ship with preinstalled malware – Computer World
  • Kaspersky says Tor increasingly used by malware and hackers – The Register
  • Target’s CIO resigns – Tech Crunch
  • Is Cyberpoaching a thing? (hacking animal GPS collars) – Mashable
  • HTTPS can leak private data – The Register
  • Malicious iOS profile vulnerability – Information Week
  • Cisco WAP and router patches – Computer World
  • Microsoft defends botnet takedown strategy – Computer Weekly
  • Is Russia launching cyber attacks against Ukraine? – Tech News World
  • Beware naked video Facebook scam – Fox News
  • Dendroid: new Android exploit kit found on criminal underground – Symantec

— Corey Nachreiner, CISSP (@SecAdept)

Filed Under: Security Bytes Tagged With: APT, DNS poisoning, Hacking, Infosec news, Internet Explorer, Microsoft, p2p, Pharming, rootkit, Router, Russia, Sally Beauty, Smuckers, Software vulnerabilities, SOHO Pharming, SQLi, Team Cmryu, TP-Link, Updates and patches, Uroburos, Zero day exploit, Zyxel

Comments

  1. Jeffrey Manfull says

    March 10, 2014 at 5:05 pm

    Somebody butchered “Cymru” not once, but twice in the episode reference link.

    • Corey Nachreiner says

      March 11, 2014 at 11:28 am

      Really!?

      While I certainly did not pronounce it with the proper Welsh accent/intonation, I did specifically make a point of looking up how to pronounce Cmryu. While I found many variants, I used the advice published on the Q/A of Team Cmyru’s own site:

      https://www.team-cymru.org/About/

      Where they say it’s pronounced, “Kum-ree”… That’s how I thought I said it…

      ^_^
