Secplicity - Security Simplified

Powered by WatchGuard Technologies

WatchGuard Security Week in Review in Writing (Oct. 3, 2014)

October 3, 2014 By Corey Nachreiner

iOS Trojan, BadUSB PoC, and Gamer Hackers Charged

Normally, I post a weekly video that summarizes the three biggest information and network security stories every Friday. However, due to a busy travel and work schedule I couldn’t find a convenient time to shoot. But fear not… Instead, I’ll post a written summary this week, and continue with the video posts next week. Read on for the latest security news:

  1. “First” iOS Trojan released in the wild – A mobile security company, Lacoon, claims they have found the “first” iOS trojan being used in the wild. They call the malware Xsser mRAT, and it’s related to a similar Android trojan called Xsser. If it infects your mobile device, it’s capable of stealing all kinds of information including texts, emails, passwords, and so forth. Allegedly, the malware comes from Chinese government actors targeting the Occupy Central protesters in Hong Kong. However, the trojan can only infect jailbroken iPhones.
  2. BadUSB malware exploit is now available to the public – In previous videos, I told you about the extremely dangerous new threat against USB devices. At Black Hat this year, Karsten Nohl of SRLabs showed how you could exploit flaws in USB controller firmware to create malicious USB devices that are almost impossible to detect. Thankfully, Nohl did not release Proof-of-Concept (PoC) code for the attack, since USB manufacturers did not yet have a solution to the problem. However, this week some of his co-researchers decided to release PoC on GitHub during DerbyCon, apparently in hopes of pressuring USB vendors into figuring out a fix. Personally, I think this was a major mistake. While I think “full disclosure” is a good thing, I believe it should be done responsibly, after giving vendors time to protect their customers. While historically researchers have used early disclosure as a way to pressure companies to do the right thing, this is an industry-wide, standards-level vulnerability with no easy solution. All these researchers have done is make it easier for the bad guys to start exploiting this issue (IMHO).
  3. Four hackers charged with stealing millions in IP from Microsoft, Epic, Valve, and the military – This week, legal documents came out detailing the charges against four hackers who stole data and games from many gaming companies, and even the military. The alleged hackers are from the US, Canada, and Australia. According to documents, this group used mostly SQL injection (SQLi) techniques to steal a ton of data. They stole Xbox One and Xbox Live information, games like Gears of War 3, and they even stole a military Apache simulator. This case is related to the SuperDAE hacker I mentioned in a video months ago.

Thanks for following our weekly summary, and be sure to join us next week when I resume the video. Also, don’t forget to check out references to many other interesting security stories below.

Extra Story References:

  • Shellshock still not completely patched on Monday – ReadWriteWeb
  • People still don’t read EULAs (give up your eldest for free WiFi) – The Guardian
  • Jimmy John’s one among many new PoS Malware victims – The Register
  • Latest iOS bypass hack is a hoax – IBTimes
  • Latest CryptoWall variant is now signed and spreading via malvertising – Network World
  • FDA hosts workshop to improve medical device security – Information Week
  • Europol releases Internet Organised Crime Threat Assessment (IOCTA) report – Europol
  • Latest study says most attacks originate in US (IPs at least) – Gizmodo
  • Ex-employees say Home Depot was slow to respond to security alarms – NYTimes
  • TOOL: Nethunter. Kali for Android Nexus – Nethunter
  • Researcher releases Metasploit exploit for popular phone scammer software – The Register
  • Satellite company engineer learns the NSA and GCHQ have been watching him – The Verge
  • Lizardsquad claim credit for Destiny DDoS outage again – Kotaku
  • Apple released their OS X Bash update – The Next Web
  • Kevin Mitnick is going to sell zero day – Wired
  • LulzSec’s Sabu got his group to attack other countries, allegedly for the FBI – Computer World
  • Xen Project reports major virtualization platform vulnerability – Xen Project
  • Xen flaw could affect Amazon web services platform – Ars Technica
  • How hackers are exploiting Shellshock – Bloomberg
  • EFF says Cop’s free ComputerCOP security software is actually spyware – ReadWrite
  • Shellshock used to target QNAP NAS devices – Tech World
  • Fake Craigslist job offers lead to malware – CBR Online
  • Meet NSA’s hacker recruiter – NBC News
  • JPMorgan admits 80M account holders information stolen – CNN
  • DARPA says the Internet will never be threat free (agreed) – v3.co.uk
  • SoCal Albertsons breached again – KTLA
  • FBI opens malware investigation portal – FBI.gov
  • Medical records worth more to attackers than credit cards – Slashdot
  • Mac flaw used to create 170K zombie strong botnet – BGR
  • Are JPMorgan’s hackers hiding? – Bloomberg

— Corey Nachreiner, CISSP (@SecAdept)
