• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Blackhat and More – WSWiR Episode 116

August 15, 2014 By Corey Nachreiner

Blackhat Summary,Lots of Patches, and MonsterMind

Times have changed. Cyber attacks have increased 10-fold, causing a ton of information security (infosec) news each week. Can’t keep up with it all? Let me help out. In this weekly video summary, I highlight the biggest information and security news every week.

Last week, I had meant to post a Black Hat video summary, but simply couldn’t find the time during my two week travel schedule. I try to make up for it in this week’s episode. In today’s video, I share a bit about Black Hat, cover the latest security patches, comment on the alleged huge password theft, and highlight Snowden’s latest interview and disclosures. Watch the video for the details.

Also, don’t forget to check out the big reference section below for two weeks of security news links, and some videos from Black Hat. Have a great weekend.

(Episode Runtime: 9:09)

Direct YouTube Link: https://www.youtube.com/watch?v=Xv1fUT15AP8

Episode References:

  • Blackhat Summary
    • Black Hat Briefings Day 1 – WGSC
    • Black Hat Briefings Day 2 – WGSC
    • Blackhat Presentation Videos
      • CyberSecurity as RealPolitik
      • BadUSB – On Accessories that Turn Evil
      • Cellular Exploitation on a Global Scale
      • Mission MPOSsible
      • SATCOM Terminals: Hacking by Air, Sea and Land
      • Breaking the Security of Physical Devices
      • Bringing Software Defined Radio to the Penetration Testing Community
  • Software Updates
    • Microsoft Patch Day
      • August IE update – WGSC
      • Windows consolidated alert – WGSC
      • SQL Server patch – WGSC
      • Office updates for August – WGSC
    • Latest OpenSSL security update – OpenSSL
    • Latest Safari update fixes drive-by download vulnerabilities – Apple
    • Adobe patches Flash flaws – Adobe
    • August Reader and Acrobat Updates – Adobe
  • Russian cyber gang stole 1.2 billion user credentials – WGSC
  • Snowden talks about MonsterMind; NSA’s strikeback tool – Wired

Extras:

  • Research disclosed on APT campaign (Turla, Snake, Uroburos) targeting diplomats – Symantec
  • U.S. consumer finance agency warns of risks of virtual currency – Consumer Finance
  • Attacker hunts and pwns WiFi Pineapples at DEF CON using 0day – Network World
  • Yahoo’s ad networks spread CryptoWall – Sky
  • He’s back… John McAfee surprises DEF CON and launched new web site – The Inquirer
  • WiFi collar turns “kittehs” into hackers – Silicon Republic
  • Chinese teen arrested after creating Android “Heart App” malware – SC Magainze
  • Anonymous and others hack and DDoS Ferguson police – CNET
  • Teaching kids to hack for good at DEF CON – Fox News
  • Blackphone rooted, demo at DEF CON – Ars Technica
  • Ukranian hackers claim to attack Polish web sites – Phys.org
  • SOHOpelessly broken uncovers 15 vulnerabilities in consumer routers – SOHOpelessly Broken
  • Hackers think they are above the law according to (flawed) survey – CNET
  • U.S. SuperValu supermarket chain suffers data breach – Bloomberg
  • iTunes sync is iOS’s security weak spot – The Register
  • 300Gbps DDoS leverages motherboard flaw – Tech World
  • Free iOS UnTrust tool claims to protect against Apple’s silent info sharing – Techweek
  • I hate to say it, but if you run VNC without a password you should be pwned – Naked Security
  • Forget hackers knowning down the Internet; it’s the sharks! – Huffington Post
  • Exploit released for Symantec Endpoint Protection – ISC SANS
  • Details about Finfisher nation-state espionage tools leaked – Netzpolitik.org
  • FBI exploits drive-by download on Tor to infect suspected kiddie porn criminals – Wired
  • PF Changs releases more details about June data breach – Mashable
  • New malware only infects registry; not files – Darknet
  • Hacking airplane’s entertainment systems (can’t crash planes) – RT
  • China drops Symantec and Kaspersky as approved AV vendors – PCMag
  • Sony and Microsoft’s Twitch accounts hijacked – Forbes

— Corey Nachreiner, CISSP (@SecAdept)

Share This:

Related

Filed Under: Uncategorized Tagged With: Adobe, Black Hat, Black Hat 2014, DEF CON, Hacking, Infosec news, MonsterMind, NSA, OpenSSL, Reader, Safari, Snowden, Software vulnerabilities, Updates and patches

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • US National Cybersecurity Strategy
  • Cybersecurity’s Toll on Mental Health
  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • Here Come The Regulations

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • Here Come The Regulations
  • US National Cybersecurity Strategy
  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • Cybersecurity’s Toll on Mental Health
  • Successfully Prosecuting a Russian Hacker
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use