Want to know what went on this week in the InfoSec world? Well then, check out my weekly security news recap video. This week I cover a ton of software security patches, news of China’s DDoS and man-in-the-middle tool, and the latest drama in the Sony breach saga. Press play to learn more, and enjoy your weekend.
(Episode Runtime: 13:25)
Direct YouTube Link: https://www.youtube.com/watch?v=uBeOUz40tws
EPISODE REFERENCES:
- Monday: China’s Great Cannon – Daily Security Byte EP.65
- Citizen Lab researchers uncover China’s Great Cannon – CitizenLab
- Ars Technica on the Great Cannon – Ars Technica
- Motherboard covers China’s Great Cannon – MotherBoard
- Tuesday: Patches, Patches Everywhere- Daily Security Byte EP.66
- Consolidated alert covering Microsoft’s April Patch Day – WatchGuard Blog
- Adobe’s Patch Day
- Flash security bulletin – Adobe
- ColdFusion security bulletin – Adobe
- Flex security bulletin – Adobe
- Oracle’s Critical Patch Update (CPU) for April – Oracle
- Google fixes dozens of Chrome vulnerabilities – ThreatPost
- Wednesday: APT Spy vs. Spy – Daily Security Byte EP.67
- Kaspersky’s report on Naikon vs Hellsing – Securelist
- Article on the rival APT gangs – Ars Technica
- Thursday: Wikileaks Spread Sony Dirt – Daily Security Byte EP.68
- Wikileaks creates searchable database of stolen Sony files – The Seattle Times
- Sony condemns Wikileaks for leak – Reuters
- Sony breach investigators interviewed on 60 minutes – TechTarget
- Friday: Match.com InfoSec Fail – Daily Security Byte EP.69
- Reporter demonstrates clear text login for Match.com – Ars Technica
- Twitter users tips Ars reporter to the issue – Twitter
- Not sure how long the issue has gone on – Twitter
- Netflix to default to HTTPS – Ars Technica
EXTRAS:
- Security researcher yanked from a plane by FBI after making a hacking joke – Network World
- Oracle Quarterly Patch Day; 98 flaws fixed – Oracle
- Decade long Chinese cyber espionage campaign (APT 30( [PDF] – FireEye
- Cylance finds an new SMB weakness – Reuters
- Schneier really things IoT security is a disaster – Network World
- Web app attacks, PoS malware, and cyber espionage lead the threat landscape – Computer World
- Five out of six companies targeted by cyber attacks – Computer Weekly
- Voting machines are hackable again (no surprise) – The Guardian
- The latest airplanes are hackable story – Reuters
- 90% of security events are user based – Computer World
- Punkey: New PoS malware – Betanews
- 0day exploits sold on the Dark Web (old news) – Wired
- Google not paying back a customer for cyber fraud – The Register
- Google moving ads to HTTPS too – TechCrunch
- Evasive new banking malware – PC Advisor
- Sounds like CSI:Cyber is still bad – Gizmodo
- Kaspersky can decrypt CoinVault ransomware – Extremetech
- MineCraft DoS vulnerability – Ubergizmo
- DEA buying suspect off-the-shelf malware – Gizmodo
- Simda botnet takedown! – Ars Technica
- White House pushing for crypto backdoor – TechDirt
- Small Banks targeted by cyber attackers – Third Certainty
- Verizon says mobile threats are overblown – Engadget
— Corey Nachreiner, CISSP (@SecAdept)
Leave a Reply