• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Cisco Patch, Twitch Breach, and BitWhisper – WSWiR Episode 145

March 27, 2015 By Corey Nachreiner

If you want to be the best woodchopper, you need to sometimes sharpen your tools. In information security, this mean keeping track of the latest threats, vulnerabilities, attack methods, and news. Yet, most IT folks barely have the time to go home and sleep. If you struggle to follow security news yourself, my weekly video summarizes the big stuff for you.

In this week’s episode, I cover a new unlikely attack technique, warn you about dangerous documents, and notify you of the latest router patches. See all this and more in the video below, or just follow the links in the Reference section if you prefer.

(Episode Runtime: 11:18)

Direct YouTube Link: https://www.youtube.com/watch?v=ydnP5dZCeGA

EPISODE REFERENCES:

  • Monday: Twitch Account Breach – Daily Security Byte EP.50
    • Twitch account warning blog post – Twitch
    • Article on all Twitch accounts getting reset – Network World
    • Twitch makes passwords short after the breach. What!? – IT Pro
    • Twitch Attack probably included CC data – The Inquirer
  • Tuesday: BitWhisper: Hacking with Heat – Daily Security Byte EP.51
    • Ben-Gurion Cyber Security lab post on Bitwhisper – BGU.ac.il
    • Great Wired article on Bitwhisper –Wired
    • What is TEMPEST – Wikipedia
    • More information and videos about TEMPEST – Climate Viewer
  • Wednesday: Disregard Dangerous Documents – Daily Security Byte EP.52
    • Macro-based malware gaining traction – Help Net Security
    • Trend Micro reports on increase in macro malware –Trend Micro
  • Thursday: Win2003 EoL Danger – Daily Security Byte EP.53
    • Microsoft Windows Server 2003 migration page – Microsoft
    • Death of Win2003 is a big security threat – IT Pro Portal
    • Five security risks with Win2003 EoL – CIO
  • Friday: Cisco Routers Need Patching – Daily Security Byte EP.54
    • Cisco IOS admins should get the latest patch – Computer World
    • Cisco’s advisory on IOS ANS vulnerabilities – Cisco

EXTRAS:

  • Car hacking history (I made this prediction in 2010) – CNET
  • Canadian Government into cyber espionage too – The Intercept
  • Over 700K ISP issued routers still suffer from old vulnerabilities – PC World
  • Interesting OpEd on whether or not DNSSEC is worth it – The Register
  • Apple seems to be removing some iOS anti-malware apps – The Register
  • Windows Mobile password unmasking vulnerability – Windows Central
  • Protecting the power grid – USA Today
  • $60 dollar car hacking tool – Wired
  • Interpol says bad guys can hide porn and malware in virtual currencies – Kaspersky
  • Akamai says most 2014 attacks came from China (US a close 2nd) – Network World
  • PoSeiden: Cisco finds new PoS malware – Tech Radar
  • New debugger helps find integer overflow vulnerabilities – Threatpost
  • Attackers can still hijack APK installers to force Android malware – PCMag
  • “ISIS hacker” probably just searched google – Motherboard
  • Ransomware hits New Jersey school – iDigitalTimes
  • New RC4 weaknesses exposed
    • The RC4 Bar Mitzvah attack – Security Week
    • Dark Reading covers Bar Mitzvah – Dark Reading
    • Two RC4 weaknesses disclosed recently – Ars Technica
  • What out for Apple-themed phishing emails – Help Net Security
  • More “adult” sites (Xtube) redirecting to malware – Help Net Security
  • Many hotels exposed to router vulnerability – Wired
  • Blue Coat tries to cover up a security talk – Forbes
  • New router malware injects Ads and porn into other websites – Digital Trends
  • Another Bitcoin exchange hacked (why do ppl use it?) – ZDNet
  • Github suffered a DDoS attack on Thursday – Motherboard
  • Let dice help with long passphrases – Gizmodo
  • Your Fitbit is probably not that secure (big surprise there) – IT Pro Portal
  • Spear Phishing is the most popular APT technique – Tech Crunch
  • Attackers gained access to working Google certs again – ZDNet
  • Top 10 web hacking techniques of 2014 – Whitehat Security
  • Unpatch Amazon XSS flaw – The Inquirer
  • All browsers hacked (as usual) at Pwn2Own – BGR
  • Kevin Mitnick hacked the audience at CeBIT – PC Pro

— Corey Nachreiner, CISSP (@SecAdept)

Share This:

Related

Filed Under: Security Bytes Tagged With: cisco, cisco ios, cyber security, Hacking, Infosec news, Malicious documents, Microsoft, Security breach, Software vulnerabilities, TEMPEST, Twitch, Windows Server 2003

Comments

  1. homepage says

    December 24, 2015 at 10:58 pm

    If you would like to grow your experience only keep visiting this website and be updated with
    the hottest information posted here.

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • 3CX Supply Chain Attack
  • Here Come The Regulations

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • 3CX Supply Chain Attack
  • The NSA’s Guidance on Securing Authentication
  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use