Evasive Malware & No More Patch Day – WSWiR Episode 151

In one short week there’s been two new variants of evasive malware, a zero day flaw in a popular blogging framework, some proof-of-concept GPU malware, and a major change to the biggest OS vendor’s patching cycle. How is one poor IT guy to keep up with this every changing Information Security (InfoSec) news? Don’t worry. We got you covered in our weekly InfoSec news round up!

Last week’s episode details that evasive malware and how WatchGuard helps, informs you of the important changes in Microsoft Patch Day, and warns you about the latest Lenovo security flaws. Watch the video for all the details, and check out the Reference section if you’re curious what else happened last week.

As an aside, I’m experimenting with the timing of this weekly blog post. While I will continue to post the weekly video on Friday, I will schedule this blog post the Monday after. If you’d rather see the video on Friday, be sure to subscribe to the YouTube channel.

(Episode Runtime: 14:03)

Direct YouTube Link: https://www.youtube.com/watch?v=hGEPKUqR1mU

EPISODE REFERENCES:

• Monday: Uber Account Hacking – Daily Security Byte EP.75
  • Uber accounts hijacked in the United States – Motherboard
  • How hackers are likely cracking Uber accounts – Motherboard
  • Original Uber account hacking story from last March – Motherboard
• Tuesday: Rombertik Destruction – Daily Security Byte EP.76
  • Cisco’s Talos group research on Rombertik – Cisco
  • General article on Rombertik – The Register
• Wednesday: Bye Bye Patch Day – Daily Security Byte EP.77
  • Microsoft ditches their monthly Patch Day – PCMag
  • Another interesting security announcement from Ignite – Ars Technica
    • Preview Advanced Threat Analytics – Microsoft
  • Microsoft’s Ignite Conference (if you hadn’t heard of it) – Microsoft
• Thursday: Lenovo Security Fail – Daily Security Byte EP.78
  • Security advisory detail three new Lenovo Software Update flaws – IOActive
  • Article about the latest Lenovo security fail – Gizmodo
• Friday: WatchGuard Sees Evasive Malware – Daily Security Byte EP.79
  • Latest Dyre variant evades sandboxes – Seculert
  • Cisco’s Talos group research on evasive Rombertik – Cisco
  • How WatchGuard APT Blocker catches evasive malware (via LastLine) – LastLine

EXTRAS:

• The FBI has a dossier on DEF CON’s “Spot the Fed” – Motherboard
• Cyber attacks cost health industry $6B a year – Bloomberg
  • Short video on why health attacks are on the rise – Bloomberg
• Another 0day flaw in a WordPress plug-in – ZDNet
• WordPress also patches the older 0day flaw – Tech Spot
• Ex-NSA researcher reiterates that Mac are vulnerable too – The Register
• Teams release PoC trojans for GPU malware – Ars Technica
• Latest Google & university research finds 5M adware victims – Tech Radar
• Congress continues to push NSA backdoors despite weak public support – Tech Dirt
  • A more “colorful” article on this topic – The Register
• More support for HTTPS everything – Phys.org
  • As well as EFF’s latest post supporting HTTPS – EFF
  • Meanwhiile, Zuckerberg won’t allow HTTPS on Internet.org – Tech Dirt
• Chrome’s Password Alert keeps failing – Network World
• Congress wonders why the DEA is buying hacking tools – Motherboard
• China blames country traffic hijacking on hackers – Motherboard

— Corey Nachreiner, CISSP (@SecAdept)