Chinese DDoS, Cyber Sanctions, and Dyre Wolf – WSWiR Episode 146

I can barely keep up with my daily work tasks and home errands; How do you expect me to know the latest information security news?

Does that sound like you? If so, this security video was designed to help. I cover an important security story every day, and then summarize them all in this quick weekly video. Check it out to keep informed.

Today’s episodes has stories about nation-state sponsored DDoS attacks, President Obama’s latest cyber security executive order, a banking trojan that relies on a phone scam, and much more. Watch the video, and check out the references for more detail.

(Episode Runtime: 12:11)

Direct YouTube Link: https://www.youtube.com/watch?v=vLUAUTvSNoQ

EPISODE REFERENCES:

• Monday: Hackers Pilfer Air Miles – Daily Security Byte EP.55
  • BBC article on unauthorized British Airway account activity – BBC
  • BA admits frequent flyer account hacks – V3.co.uk
  • Users point out account issues on Flyertalk forums – FlyerTalk
  • British Airway’s FAQ on the incident – British Airways
• Tuesday: Chinese GitHub DDoS – Daily Security Byte EP.56
  • WSJ says attack comes from China due to anti-censorship tools – WSJ
  • GitHub DDoS attack continues to evolve over four days – Motherboard
  • GreatFire accuses Cyber Administration of China (CAC) for DDoS – Greatfire.org
  • China responds to accusations – ZDNet
  • Technical details around Biadu/Github hack – Netresec
  • Github survives five days of DDoS – The Next Web
• Wednesday: Obama Orders Cyber Sanctions – Daily Security Byte EP.57
  • White House cyber attack executive order  – Whitehouse.gov
  • White House’s FAQ on today’s executive order – Whitehouse.gov
  • Article on President’s cyber executive order – Engadget
  • Hacking is a national emergency – Motherboard
• Thursday: Google vs. CNNIC – Daily Security Byte EP.58
  • Blog post on unauthorized Google certificates and CNNIC involvement  – Google
  • Article about Google removing CNNIC CA from Chrome – The Verge
• Friday: The Dyre Wolf Bites – Daily Security Byte EP.59
  • IBM details the Dyre Wolf banking attack campaign – Security Intelligence
  • Original post on the Dyre banking trojan – Security Intelligence
  • Dyre Wolf attackers still over $1M from businesses – NBC News

EXTRAS:

• DDoS against Seattle Times site too (unrelated to GitHub) – Seattle Times
• Slack suffers a data breach – Tech Central
  • Slack’s advisory, they handle the breach well, IMHO – Slack
• Uber credentials being sold on the underground market – Threatpost
• Taiwan wants to partner with US against Chinese hackers – The Diplomat
• Two Feds associated with Silk Road charged with fraud – NY Times
• DEA agent alleged to be a paid Silk Road mole – Wired
• A shooting at NSA’s gates – Motherboard
• Symantec’s blog post in their discovery – Symantec
• An “Ask Me Anything” from /r/darknetmarket moderator – Reddit
• Authorities subpoena Reddit’s Darknet market – Wired
• Great example of a phone scam – Teche Blog
• How zmap was used to scan for FREAK vulnerability – Mashable
• Puush screen sharing web app infected with malware – SC Magazine
• Checkpoint report alleging a Lebanese cyber espionage campaign [PDF] – CheckPoint
• Tuesday is World Backup Day – World Backup Day
• mDNS leveraged in DDoS attack – Network World
• YouTube closes a hole that hackers could’ve used to delete videos – ZDNet
• Criminal DarkNet (Tor) sites under attack – Forbes
• Fake PirateBay sites forcing WordPress visitors to malware – The Register
• Grab the latest Firefox (37) security update – Tom’s Hardware
• EFF says the US government still hoards 0day – The Register
• New trojan allegedly targets ME energy sector – Ars Technica
• CISA bill due to hit Senate – The Intercept
• Sony making customers pay for account fraud – Uber Gizmo
• 3rd party audit doesn’t find backdoors in NSA’s TrueCrypt – BetaNews
• Google reposts how it’s improving Android security – The Register
• Snapchat blocks 3rd party apps for security – Digital Trends
• Research finds vulns in online wind turbines – Motherboard
• Another teen pleads guilty to Value and Microsoft game hacking – The Register
• HTTPS usage could have protected Github from DDoS – Computer World
• New malware targeting energy companies
  • Symantec’s original Trojan.Laziok research – Symantec
  • Ars article on the energy sector trojan – Ars Technica
• Premera audit turned up vulnerabilities weeks before breach – Business Insider

— Corey Nachreiner, CISSP (@SecAdept)

Share This: