Hot Girls Help Hackers – WSWiR Episode 138

The information security (infosec) industry is fast paced, and attackers change tactics every week. Do you have trouble following the latest attacks and security news? Well, our regular infosec video is here to help.

Today’s episode covers attackers masquerading as hot girls, a zero day IE11 flaw, malicious Google Play apps, an one of the largest healthcare data breaches. Watch the video for details on all that an more, and visit the Reference section for links to other stories.

(Episode Runtime: 10:50)

Direct YouTube Link: https://www.youtube.com/watch?v=EjDCoG7RxsY

EPISODE REFERENCES:

• Daily Security Bytes:
  • Monday: Syrian Honey Trap – Daily Security Byte EP.16
  • Tuesday: IE11 0day XSS Flaw – Daily Security Byte EP.17
  • Wednesday: Malicious Google Play Apps – Daily Security Byte EP.18
  • Thursday: Huge Healthcare Breach – Daily Security Byte EP.19
  • Friday: Who Cares About Lovely Horse? – Daily Security Byte EP.20
• “Hot girls” honey trap:
  • “Hot Girls” are still an effective lure, even among nation-state attackers – Gizmodo
  • FireEye’s report on the Syrian “Hot Girl” attack campaign [PDF] – FireEye
• Zero day IE 11 XSS vulnerability:
  • New XSS vulnerability affects IE 11 running on Windows 8.1 – Computer World
  • Full Disclosure post about the flaw – Seclists
  • Follow up post on Full Disclosure – Seclists
  • Proof-of-Concept exploit illustrating the issue – Packet Storm
• Malicious app on Google Play:
  • Avast customer finds Google Play apps maliciously forcing ads – Avast Forum
  • Avast blog post about the issue – Avast
  • Ars’ take on the Google apps delivering malicious ads – Ars Technica
• Huge Anthem bata breach:
  • Anthem CEO’s letter to customers about the breach – Anthem
  • FAQ telling Anthem customers what they can do – Anthem
  • CNN story on the Anthem date breach – CNN
  • Already claims of the Anthem hack coming from China – Bloomberg
  • Krebs  covers China’s alleged link to Anthem hack – Krebs on Security
• Operation Lovely Horse:
  • GCHQ uses researchers public feeds to get information – The Intercept
  • Another article about the Lovely Horse campaign – Computing

EXTRAS:

• 80% of Tor traffic is not as gross as FBI alleges – Wired
• Silverlight targeted in exploit kits too – Zscaler
• That “adult” video on Facebook might be malware – The Guardian
• TopFace pays off cyber criminals; bad move – Tech World
• Google’s revamped security warnings may have made things worse – The Register
• Fake Google Chrome update used to spread Ransomware –   CBR Online
• White House asks for a 10% increase in cybersecurity spending – Computer World
• Could this new “wrinkle” prediction theory affect fingerprint biometrics? – MIT
• Tor, the technology of the “Darknet,” has legitimate purpose – Computer Weekly
• One good reason to avoid adult videos on Facebook – The Inquirer
• WOW! A third Flash 0day. This is getting old – Forbes
  • Make sure you’ve patched the third Flash 0day flaw – Ars Technica
• A 2015 Security Prediction roundup – ZDNet
• The US Army open source’s their Dshell forensic tool – Github
• InfoSec lessons from the 2015 SuperBowl – Information Week
• Google to prove grants for security research – ThreatPost
• The Great Firewall of China more aggressively blocking VPNs – WSJ
• Raptr gaming social network had data leak – Help Net Security
• Microsoft to make security by design a priority to protect IoT – IT Pro
• Full Disclosure post about the flaw – Seclists
• Follow up post on Full Disclosure – Seclists
• More details on GHOST exploited by WordPress – SpiderLabs Blog
• Internet-connected “Adult” toys suffer security flaws (potentially NSFW) – Forbes
• Chrome beta is moving forward on calling non-HTTPS sites insecure – CNET
• GHOST can also get exploited through WordPress – Network World
• Security vulnerability could allow thiefs to steal your BMW – Phys.org
• Brokers and financial advisors often targets of cyber attacks – Reuters
• Recent research show criminals are more sophisticated the state actors – Naked Security Blog
  • Actual paper on evaluating different groups exploit skill [PDF] –  Sophos
• Web masters should watch for RansomWeb attacks – The Guardian
  • Documented case of the attack – High-Tech Bridge
• Outlook for iOS allegedly has bad security – The Register
• Arsenal football (soccer) team has bad site security – The Verge
• Malicious ads piggy-back on Grindr app – The Register
• FreeBSD administrators should update – ThreatPost
• Sage Pay temporarily re-introduces POODLE – The Register
• US says China need to stop its espionage campaigns – Politico
• Google claims to have blocked half a billion bad ads – Tech Week
• Breach cost Sony from 15-35M so far – Computer World
• One security firm claims the Sony hack came from Russia – Forbes
• Is the US using security fear to pay for cyber snooping? – The Guardian
• More malvertising, this time from HuffPo and others – Computer World
• Operation Pawn Storm includes iOS malware – Dark Reading
  • Trend Micro’s blog post on Pawn Storm – Trend Micro
• Ulbricht convicted on all counts for running the Silk Road – Bloomberg
• Zero day vulnerability in WordPress FancyBox plugin – ThreatPost
• A playlist for the MotherBoard Hacking video series – YouTube
• Sony Picture’s co-chair steps down due to embarrassing leaked emails – The Guardian
• Lizard Squad claim to be starting new Silk Road-like site – CBR Online
• Learn about passport security features from forgery pros – Gizmodo
• Siemen’s patches vulnerabilities in industrial wireless gear – Network World
• Apparently the US government’s drones still have basic security flaws – Wired
• Fake gaming chat app comes with malware – PC World
• Ransomware; alive and well, and growing – CSO Online
• Interested in web exploit kits in gorey technical detail, read this – blog.0x3a.com
• UK court rules Prism spying unlawful – NY Times
• Good opinion piece on governments and information security attacks – Big Think
• Linux DD0S malware and rootkit – PC World
• Do a DDoS, go to jail – Computer Weekly

— Corey Nachreiner, CISSP (@SecAdept)

Share This: