MH370 Scams, Google Play DDoSed, and Operation Windigo
Each week I summarize the biggest information security news in a short video, so you don’t have to go searching for it yourself. If you’re interested in the latest infosec updates, be sure to watch each Friday.
Today’s late episode covers a few cyber security stories around the disappeared MH370 flight, news about a penetration tester downing Google Play, and a report about a cyber attack campaign that hijacked 25,000 Linux servers. Watch the video for the full scoops, and check the Reference section below for more info.
Have a great weekend.
(Episode Runtime: 8:41)
Direct YouTube Link: http://www.youtube.com/watch?v=YJ3Ei1WDyIY
Episode References:
- Hyperbolic story about MH370 disappearance being a cyber hijack – Softpedia
- MH370 related Facebook scams – Time
- Researchers pen-test crashes Google Play… twice – CNN Money
- ESET’s Operation Windigo report [PDF] – We Live Security
Extras:
- Must watch Snowden interview at TED – YouTube
- Exploit for Apple SSL MitM flaw – Corte.si
- Cryptolocker now self-spreading – Trend Micro
- Lights Out campaign targets energy sector – InfoSec Magazine
- Chrome update fixes Pwn2Own bugs – Computer World
- Firefox update fixes Pwn2Own bugs – Computer World
- Coldfusion attack campaign – Arc Technica
- RC Drone used for wifi hacks – CNN Money
- SEA alleges that Microsoft charges NSA for data dumps – Computer World
- EA servers hijacked for phishing attack – Threat Post
- iOS Tor app full of adware and spyware – SC Magazine
- Zorenium botnet has iOS module – Sensecy
— Corey Nachreiner, CISSP (@SecAdept)
Hal says
The video is private!!! Any way to see your report?
Thanks
Hal
Alexander Kushnarev says
It looks like here are 3 kinds of persons/groups, closely related to the term “hacker(s)” in it’s nowadays meaning (we are not talking about script-kiddies and newbie). They are can be classified by the “want to be a famous” factor:
– Cyber-criminals. Making money and trying to work “in a deep darkness”. If they want to be a famous, then inside a limited groups of “like-minded person” (allies). Almost never want to show who they are in real life (public identification of a person).
– Hackers or crackers. Making hacks/cracks and trying to stay, at least, “in shadow”. The more professional they are – the more they want not to show who they are in real life.
– Hacker-artists. They can really do a “big public” hack or a crack, and they know exactly WHAT they are doing (but without(!) any fear of punishment, and I’m curious why?), and want to be classified as, let’s say, members of “hacker’s path of glory”, “worldwide famous IT-rebels” 🙂
I don’t like to judge somebody, as experts should stay impartial, so let’s everybody tries to “put” mr. Ibrahim Balic under this classification independently from my own opinion 🙂