• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

JP Morgan Hacked – WSWiR Episode 119

August 29, 2014 By Corey Nachreiner

Gaming DDoS, Malvertising, and U.S. Banks Breached

You really need to keep up with the latest attacks to learn how to adjust your defenses to survive. However, with so much infosec news and so little time, it’s hard for many administrators to stay current. This weekly videos tries to keep you in the loop by summarizing the top news items each week.

Today’s show covers a big DDoS campaign against gaming sites that included a diverted plane, a malicious advertising attack that infected popular web sites, and an allegedly Russian attack against U.S. banks. See the video for the details, and check the references for other stories.

If you live in the U.S., enjoy your Labor Day weekend.

(Episode Runtime: 11:26)

Direct YouTube Link: https://www.youtube.com/watch?v=T4dz4wjY5hQ

Episode References:

  • Sony PSN and other gaming services DDoSed offline – Kotaku
    • LizardSquad bomb threat diverts Sony exec’s plane – Kotaku
    • Lizard Squad DDoS Twitch streaming network – Viral Global News
  • Malvertising campaign affects Java.com and others – CIO
    • Fox-IT’s blog post on the Malvertising – Fox-IT
  • JP Morgan an four other US Banks breached – Bloomberg

Extras:

  • Microsoft has re-released the broken MS14-045 update – WP Central
  • Was Google Images hacked to show a car crash? – Jalopnik
  • How the NSA is providing a Google-like intercepted data search engine – The Intercept
  • Backoff malware has infected 1000 US businesses according to FBI – Naked Security
    • Also, new variants of Backoff found as well – SCMagazine
  • Singapore’s “Messiah” hackers faces 105 charges – Channel News Asia
  • Cyber criminals social engineer patriotic Russians into self-infection – Help Net Security
  • One of the black market information brokers from Carder.su sentenced – Help Net Security
  • Interesting OpEd on the new US “Cyber Czar” lacking any technical security background – Forbes
  • NIST warns of Secure Shell (SSH) security considerations [PDF] – NIST
  • Old ActiveSync passwords may continue to work for a bit after a change – TechRepublic
  • For the devs: Avoiding the Top 10 Software Security Design Flaws [PDF] – IEEE
  • Third-party releases unofficial patch to fix an unpatch OS X SSL flaw (already fixed in iOS) – Computer World
  • Was the mysterious and temporary Google Image hiccup a hack? – Time
  • Thousands of U.S. Android phones infected with ScarePackage ransomeware – BGR
  • FBI and DHS warn about “Google Dorking” TEN YEARS LATE! – Ars Technica
  • NIST recommendations for vetting 3rd party mobile apps – Information Week
  • Sixteen arrested in huge South Korean data breach – IT Pro
  • Fifty Norwegian oil and energy companies hit by breaches – TheLocal.no
  • Feds looking to enact new search and seizure rules that would allow them to hack suspected criminals – Network World
  • Dairy Queen Breach – Consumer Affairs

— Corey Nachreiner, CISSP (@SecAdept)

Share This:

Related

Filed Under: Uncategorized Tagged With: breaches, Data Loss, DDoS, Hacking, Infosec news, Java.com, JP Morgan Chase, Malvertising, PSN, Software vulnerabilities, Sony, SQLi

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • Here Come The Regulations
  • Cybersecurity’s Toll on Mental Health

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
  • US National Cybersecurity Strategy
  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use