From nation state espionage, to Internet rights, to router hijacking emails, each week is packed full on information security (infosec) news. Even if you don’t have time to follow it in depth, you can’t afford to miss the latest intelligence. Let our weekly summary video fill you in.
Today, we cover Snowden’s public interview on Reddit, a dangerous sounding Android threat that’s not so bad, and a spam campaign that’s hijacking Brazilian routers. Press play to learn more, and check out the References for details.
NOTE: Embarrassingly, I wrote this and posted the video on Friday, but forgot to actually publish the blog post. If you subscribe to the YouTune channel you probably already noticed it, but I apologize to blog readers for publishing this post late.
(Episode Runtime: 9:52)
Direct YouTube Link: https://www.youtube.com/watch?v=ri8Sg1V8Y7k
EPISODE REFERENCES:
- Daily Security Bytes:
- Monday: Snowden Goes to the Oscars – Daily Security Byte EP.29
- Tuesday: PowerOffHijack’s a Dud – Daily Security Byte EP.30
- Wednesday: Anthem & SIM Heist Updates – Daily Security Byte EP.31
- Thursday: Net Neutrality Wins – Daily Security Byte EP.32
- Friday: Phishing Pops Routers – Daily Security Byte EP.33
- Snowden, Poitras, and Greenwald do a Reddit AMA – Reddit
- PowerOffHijack is not so bad:
- PowerOffHijack spies when you phone is “off” – Slashgear
- AVG’s source research on PowerOffHjiack – AVG
- The Android PowerOffHijack isn’t as bad as it sounds – Tech Republic
- Anthem & SIM Heist updates:
- Net Neutrality pass the FCC:
- FCC votes to pass Net Neutrality changes – Ars Technica
- Long form article on why provides don’t like Net Neutrality – Ars Technica
- Is the Net Neutrality battle over… nope – Gizmodo
- Security implications of Net Neutrality – SANS
- Spam leads to hijacked routers:
EXTRAS:
- Suit against Lenovo for Superfish – Tech Radar
- Almost half (44%) of attacks use 2 to 4 yr old vulnerabilities – Computing
- Is the TurboTax fraud related to the Anthem breach – Forbes
- PrivDog similar to Superfish – Tech Week
- More products affected by the Superfish issue – Ars Technica
- Yahoo exec grills NSA director on built in “golden keys” – BBC
- More on the NSA/Yahoo showdown – Network World
- NSA Director is grilled about “backdooring” encryption – Tech Dirt
- Chrome continues to warn you of shady web stuff – PC World
- Need an extra $3M? Find this Russian hacker – Times
- This bounty is for the Zeus/Cryptolocker botherder – SC Magazine
- More on why this guy has a $3M bounty – The Telegraph
- Google releases a beta web app scanner – Google
- Hacking Telegraph’s (iOS app) encryption – Zimperium
- Israeli defense suffers from a spear phishing attack – Xedie
- $162M = The cost of the Target breach so far – Techcrunch
- Al Jazeera says they have hundreds of nation state intelligence documents – Business Insider
- NCA claims to have taken down the Ramnit botnet – BBC
- Remote code execution flaw found in Samba server – Redhat
- Another WordPress plug-in flaw imperils millions – Ars Technica
- Wired goes more in depth on NSA firmware hack – Wired
- UK parking ticket payment site suffers from a customer data breach – Neowin
- Trend Micro’s Arid Viper report cause claimed innocent to run – Forbes
- Trend Micro shares updates on Arid Viper – Trend Micro
- Lizard Squad takes credit for Lenovo site hack – Winbeta
- The Lenovo hijack accomplished via an upstream registrar – Ars Technica
- Moxie Marlinspike is over GPG – Thoughtcrime
- This password reset is too easy – CNET
- Latest threat attaching malware to PNG images – Cisco
- Clapper says Iran was behind the Las Vegas Sands cyber attack – Bloomberg
- Firefox 36 fixes 16 vulnerabilities; three critical – Threatpost
— Corey Nachreiner, CISSP (@SecAdept)
Leave a Reply