• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Ebay Pwned – WSWiR Episode 108

May 23, 2014 By Corey Nachreiner

Ebay Data Breach, IE8 0Day, and Alleged Chinese Hackers

With all the information security (InfoSec) news coming out each week, it’s hard to believe anyone can keep up with it; let alone an already busy IT professional with other things on his plate. If that sounds like you, rather than worrying about finding the most important security news you can let my weekly summary video fill you in.

Today’s episode covers the 145M record Ebay breach, and new zero day Internet Explorer (IE) 8 vulnerability released early by the supposedly good guys, and the Department of Justice’s official charges against five alleged Chinese government hackers. Check out the video below for the details, and peruse the Reference section for links to other InfoSec stories.

If you’re in the USA, enjoy your extended holiday weekend. See you next time…

(Episode Runtime: 8:00)

Direct YouTube Link: https://www.youtube.com/watch?v=Ib7nI1H13P8

Episode References:

  • Ebay user data stolen in a network breach – Forbes
  • ZDI Discloses IE8 0day since MS takes too long to patch – ZDI
    • Microsoft’s EMET tool – Microsoft
  • US charges Chinese PLA members with hacking
    • US Accuses Chinese Military of Hacking… Hypocrisy? – The Register
    • Another view on the subject – TechCrunch
    • Meet the alleged Chinese PLA hackers – Telegraph
    • The actual DoJ release – Justice.gov

Extras:

  • DHS warns of a successful SCADA attack to a US Public Utility – ICS Cert
  • FBI cracks down on Blackshades (used for webcam peeping) trojan users – Malwaretech
  • Apple release security update for Safari – Apple
  • Remode code execution flaw fixed in MSN, Oragne, and Yahoo – CyberDefense Magazine
  • Sweet Orange exploit kit distributing from GoDaddy subdomains in Russia – Dynamoo Blog
  • Watch out for a somewhat sophisticated Google Drive phishing campaign – Help Net Security
  • Hackers rumored to have defeated “Find my iPhone” – Intego
  • Red Bull’s Racing website hacked and defaced – CyberWar Zone
  • Miniduke (APT) still duking it out – WeLiveSecurity
  • Filipino Anonymous hacktivists deface many Chinese sites – The Hacker News
  • FBI wants to hire hackers, but too many smoke pot – WSJ
  • Global botnet infecting POS systems – Computer World
  • Pentagon announces “Hacker proof” drone (bad omen… nothing is hacker proof) – Naked Security

— Corey Nachreiner, CISSP (@SecAdept)

Share This:

Related

Filed Under: Uncategorized Tagged With: Adobe, Advanced threats, APT, Flying Kittens, Hacking, Infosec news, Internet Explorer, Microsoft, NSA, Reader, router hijack, Saffron Rose, Snowden, Software vulnerabilities, TAO, Updates and patches

Comments

  1. Vis Viva says

    September 8, 2014 at 12:31 am

    Gotta love 0Day vulns!

    The ebay hack again shows how no online entity is invulnerable to hacks. As long as human beings are involved, there’s a vulnerability!

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Weaponizing WinRAR
  • The Qakbot Takedown
  • iPhone’s Latest 0-Day
  • Meta’ One Good Deed

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • Meta’ One Good Deed
  • iPhone’s Latest 0-Day
  • The Qakbot Takedown
  • Weaponizing WinRAR
  • U.S. Cyber Trust Mark
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use