Secplicity - Security Simplified

Powered by WatchGuard Technologies

Sony Breach & More – WSWiR Episode 131

December 5, 2014 By Corey Nachreiner

Operation Cleaver, FIN4, Regin, and Sony Breach

Now that cyber attacks have gone primetime, every week is filled with new information security (infosec) news, leaving administrators little time to catch up. If you’re falling behind, let our weekly video summarize the biggest security news for you.

No vacation goes unpunished.

Unfortunately, skipping last week’s video due to holidays resulted in missing a week of pretty important security news, and those revelations continued this week. As a result, this week’s video covers four security stories, and is much longer than normal. The theme for the week: advanced attack campaigns and breaches.

To make things easier, I share specific video links to each individual story below. If you don’t want to watch the whole thing at once, use the links to skip to the topics you care about. Otherwise, click play below to catch up on two weeks of infosec news, and check out the Extras section for links to many other stories.

  • Operation Cleaver: Is it Iran’s Stuxnet payback? (1:16)
  • FIN4: Phishing scheme to affect stock trades (3:11)
  • Regin: Sophisticated new spying malware (7:33)
  • Sony Pictures Breach: All Sony’s base belong to #GOP (14:14)

(Episode Runtime: 22:20)

Direct YouTube Link: https://www.youtube.com/watch?v=NX4fvTqJHWE

EPISODE REFERENCES:

  • Cylance’s Operation Cleaver report [PDF] – Cylance
    • Is Operation Cleaver Iran’s “payback” for Stuxnet? – Forbes
  • FireEye’s FIN4 report [PDF] – FireEye
    • Article describing the FIN4 Wall Street phishing scheme – BGR
    • Indicators of Compromise (IoC) for FIN4 – GitHub
  • Regin: Sophisticated new APT
    • Symantec’s report on Regin APT [PDF] – Symantec
    • Kaspersky’s report on Regin APT [PDF] – Securelist
    • Was Regin part of the Belgian ISP hack? – Firstlook
    • Some believe Regin is NSA & GCHQ malware – Mashable
  • Sony Pictures Breach
    • Initial Reddit post about alleged Sony Pictures breach – Reddit
    • Was Sony breach insider assisted attack? – The Verge
    • Sony breach exposed much more data than initially thought – KrebsonSecurity
    • Malware related to Sony breach found – Packetninjas
    • Movies leaked after Sony breach – Neowin
    • Was Sony breach done by North Korea? – Bloomberg
    • Sony breach keeps getting worse – Gizmodo
    • FBI warns of wiper malware, may be related to Sony Breach – TrendMicro

EXTRAS:

  • Don’t forget Microsoft Patch Day is coming. Seven updates – Computer World
  • Canadian government sites DDoSed after the arrest of a teenaged SWATer – Vice
  • Interview with the Craigslist hacker (web redirect) – SlashGear
  • FBI flash warning about destructive malware attacks (related to Sony?) – Dark Reading
  • Cyber threats are affecting holiday purchasing behaviour (both online and at stores) – Help Net Security
  • New PoS malware kit (LusyPOS) sold on underground for $2K – Network World
  • IBM fixes critical EndPoint Manager RCE vulnerability – ThreatPost
  • OpenVPN fixes server-side DoS Vulnerability – OpenVPN
  • Add US parking garage operators to the list of PoS malware victims – The Register
  • Xbox Live went down last weekend, Lizard Squad takes credit for DDoS – PC Mag
  • An update to Adobe’s recent Flash Update – Adobe
    • Color around why Adobe had to do this quick update – The Register
    • Microsoft IE users need this new Flash update too – Microsoft
  • It seems many of us don’t really care about our online security – Slate
  • Digital Video Recorder suffers from RCE vulnerability – ThreatPost
  • Subway PoS hacker sentenced – Network World
  • Lots of potential 0day found in Windows Journal (no exploit code) – PasteBin
    • Technical blog post that inspired the research (only for InfoSec geeks) – Beyond Trust
  • The Uber app sure has a lot of access to data on your mobile – GironSec Blog
  • An e-cigarette allegedly the vector for malware – The Register
  • Be wary of attackers exploiting PowerShell via XSS – PCPro
  • Major, account-hijacking PayPal XSS, but it’s fixed – Yasserali Blog
  • Microsoft calls for international anti-hacking laws – CBR Online
  • Watch out for pre-infected smart phones (DeathRing) – Computer Weekly
  • Only one in three computers use antivirus – Information Week
  • Detekt helps you find nation state surveillance tools on your PC – Computer World
  • Craigslist DNS temporarily hijacked (prank?) – Ars Technica
  • Add BeBe Stores to the list of breached retailers – Krebs on Security
  • The DoJ is adding a unit to protect citizens from hacks – Re/code
  • US Senator trying to block FBI from power to backdoor software – The Verge
  • 70 Chinese nationals held for cyber attacks in Kenya – Reuters

— Corey Nachreiner, CISSP (@SecAdept)

Filed Under: Security Bytes Tagged With: Advanced Persistent Threat, APT, encryption, FIN4, Guardians of Peace, Hacking, Infosec news, Operation Cleaver, Regin, Software vulnerabilities, Sony, Sony Breach, Sony Corporation (Computer Manufacturer/Brand), Sony Pictures Entertainment (Production Company)
