• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Patches and Pwns – WSWiR Episode 143

March 13, 2015 By Corey Nachreiner

What do DRAM, Jamie Oliver, Half Life 2, Apple, and Microsoft all have in common? They were all affected by information security issues this week. The amount of information security news coming out each day is off the charts. If you need help keeping up, check out this weekly video summary.

Today’s show covers Apple and Microsoft security updates, a new science fiction-like DRAM hack, some gamer focused ransomware, and much more. Learn about it in the video, or peruse the References section for details if you prefer.

(Episode Runtime: 10:55)

Direct YouTube Link: https://www.youtube.com/watch?v=SG5xRcNMZbc

EPISODE REFERENCES:

  • Daily Security Bytes:
    • Monday: Apple Patches Freak – Daily Security Byte EP.40
    • Tuesday: Microsoft March Patch Madness – Daily Security Byte EP.41
    • Wednesday: Rowhammer Pwns DRAM – Daily Security Byte EP.42
    • Thursday: Gamer Ransomware – Daily Security Byte EP.43
    • Friday: Jamie Oliver Hacked Again – Daily Security Byte EP.44
  • Apple’s March Patch Day
    • OS X Security Update 2015-002 – Apple
    • iOS 8.2 security update – Apple
    • Apple TV 7.1 security update– Apple
    • Xcode 6.2 security update – Apple
  • Microsoft’s March Patch Day
    • WatchGuard’s March Patch day summary post – WatchGuard Blog
    • Microsoft’s March Summary bulletin – Microsoft
    • Stuxnet’s .LNK vulnerability was not fixed until now – HP blog
  • Rowhammer Pwns DRAM
    • Google researchers’ blog disclosure about Rowhammer – Google Project Zero
    • Easy to understand Slate article on Rowhammer – Slate
    • The original research Rowhammer was based on – CMU.edu
  • Gamer Ransomware
    • Bleeping Computer unveils TeslaCrypt Gamer Ransomware – Bleeping Computer
    • Bromium post on Gamer Cryptolocker – Bromium
  • Jamie Oliver’s web site was hacked again! – Business Insider

EXTRAS:

 

  • Popular Viner alleges that a hacker deleted all his Vines – BBC
  • Ulbricht wants a new trial against Fed for allegedly hacking Tor – Wired
  • FBI looking into a bunch web site defacements allegedly from ISIS – IT Pro Portal
  • The CIA is restructuring to focus on Cyber Espionage – The Washington Post
  • The French allegedly have state-sponsored malware too – Computer World
  • The NCC Group to audit OpenSSL for security – ZDNet
  • Serious flaw in Asus routers allow local pwnage – PC Advisor
    • PoC exploit for Asus flaw – Github
  • Xiaomi smart phone ships with malware (they say it’s counterfeit) – SC Magazine
  • Can DNS help us spot malicious sites before they’re born? – The Register
  • Three charged for stealing over a billion email addresses – Phys.org
  • Anthem turned down a government audit before breach – The Register
  • US-CERT recommendations on preparing for Destructive malware – US-Cert
  • Man detained at Canadian border for not sharing his password – The Register
  • Full recording of a Window’s phone tech support scammer – CSO Online
  • New Point-of-Sale malware called LogPoS – Morphick.com
  • Malicious USB devices can fry computers – The Register
  • Adobe released an critical Flash update; get it – Adobe
  • Congress quietly pushing through CISA bill – Wired
  • The latest on Hilary Clinton’s email security issue – Business Insider
  • Major vulnerability in WordPress SEO plugin – ZDNet
  • Zoup soup franchise may have suffered a data breach – Dark Reading
  • CIA has targeted iOS for year – The Intercept
  • Malware infects router and then erases itself – TechWorld
  • Hacker says he has more info from South Korean Nuclear hack – Reuters
  • Kaspersky publishes more info about Equation Group (NSA?) malware – Securelist
  • CryptoWall 3.0 spreads via help (.chm) files – NetworkWorld
  • A new trojan can bypass CAPTCHA systems – Securelist
  • Panda AV recognizes itself as malware and breaks your computer – The Register
  • Think CSI: Cyber couldn’t get worse? Think again! – Gizmodo

— Corey Nachreiner, CISSP (@SecAdept)

Share This:

Related

Filed Under: Security Bytes Tagged With: Apple, Cryptolocker, DRAM, Hacking, Infosec news, Jamie Oliver, Microsoft, ransomware, rowhammer, Software vulnerabilities, TeslaCrypt, Updates and patches

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • US National Cybersecurity Strategy
  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • Here Come The Regulations
  • Successfully Prosecuting a Russian Hacker

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
  • US National Cybersecurity Strategy
  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use