TV5Monde Pwned, White House Hack, and Snowden – WSWiR Episode 147

Information security threats and attacks are evolving faster than IT generalists can keep up with. If you’re falling behind in your InfoSec news, and need a quick summary, this weekly video can help.

Topics from today’s episode include, more details on an old White House breach, cyber attackers blacking out a French broadcaster, and a funny yet enlightening Snowden interview. Press play to get informed.

(Episode Runtime: 10:38)

Direct YouTube Link: https://www.youtube.com/watch?v=tLbtqmNIGsQ

EPISODE REFERENCES:

• Monday: John Oliver Interviews Snowden – Daily Security Byte EP.60
  • John Oliver interviews Edward Snowden on Last Week Tonight – YouTube
  • The Intercept comments on this John Oliver episode – The Intercept
  • A humorous site based on new context in Olivers interview (adult) – See Link
  • The Verge article referring to the site above – The Verge
• Tuesday: Fake Government Sites – Daily Security Byte EP.61
  • FBI’s PSA advisory on fake government site scam – IC3.gov
  • FBI warns of fake government sites stealing your PII – Threat Post
• Wednesday: White House Breach Unveiled – Daily Security Byte EP.62
  • CNN on how Russian hackers infiltrated the White House – CNN
  • White House attack allegedly did results in theft of sensitive data – CNET
  • USA today on White House Breach – USA Today
  • Article covering how the breach happened – Help Net Security
  • Original story on last years White House Breach – The Washington Post
• Thursday: April Apple Patches – Daily Security Byte EP.63
  • Apple’s April Patch Day Summary
    • April OS X updates – Apple
    • April iOS (8.3) update – Apple
    • April Safari updates – Apple
    • April Apple TV updates – Apple
    • April Xcode updates – Apple
  • Latest OS X update fixes over 80 vulnerabilities – ThreatPost
  • iOS update fixes Phantom flaw – ThreatPost
  • Researcher shares details about OS X root privilege flaw – TrueSecDev
• Friday: Hackers Pwn TV – Daily Security Byte EP.64
  • Alleged ISIS hackers attack TV5Monde – The Guardian
  • TV5Monde taken off the air due to cyber attack – ZDNet
  • French network blames ISIS for cyber attack – Ars Technica
  • TV5Monde expose passwords on a TV broadcast – Ars Technica

EXTRAS:

• How much Infosec truth is in TV? – Engadget
• How stolen data travels through the underground – Help Net Security
• Vulnerability in Dell software gets it marked as malware – Ars Technica
• Bad cyber security legislation could affect InfoSec research – Dark Reading
• Great article on “sinkholing” and its risks – Dark Reading
• Criminals use fake Steam pages to deliver malware – Kotaku
• A Firefox security feature exposed a new vulnerability –  Help Net Security
• Many web servers still vulnerable to Heartbleed – Business Insider
• Latest VMware update fixes old Java flaws – Security Week
• CAPTCHAs get more complex – Phys.org
• SMiShers and vishers targeting BECU customers – BECU.org
• A survey suggests attacks are getting more destructive – NBC News
• New IoT devices don’t focus on security (prediction confirmed) – Network World
• Persistent XSS flaw in WP  Super Cache plugin affects over 1M – Ars Technica
• Security researchers are the immune system of the digital age – Scientific America
• Article on the FBI’s malware – Gizmodo
• FBI warns that ISIL is exploiting WordPress flaws – IT Pro
• An article arguing that CSI: Cyber helps recruit new security pros – Cyber Defense Review
• Police chief explains why he paid cyber ransom – Ars Technica
• Watering hole attacks target specific users (Drive-bu-login) – High Tech Bridge
• Google ads succumbs to some malvertisers – Network World
• Story on a Russian Hacktivist group against Putin – The Guardian
• No NSA Congressional oversight because they lack clearance – The Intercept
• AlienSpy delivers Citadel (just another downloader) – Threat Post
• Android scareware leverages fear of malicious installers – Help Net Security
• Websense’s 2015 threat report is sobering – Websense
• US government says yes to HTTPS only – EFF
• Beebone malware morphed 19x a day – BBC
• Details on Beebone botnet takedown – Help Net Security
• Apple actually talks about removing Adware from Macs – Apple
• No surprise; people still don’t read EULAs – F-Secure
• InfoSec Europe’s annual threat survey results – InfoSec Europe
• AT&T to pay $25M fine after employee steals 300K SSNs – The Next Web
• More frequent flier accounts hacked (Lufthansa) – Reuters
• DARPA unveils tech to search for crime on the “Dark Web” – Forbes

— Corey Nachreiner, CISSP (@SecAdept)

Share This: