Backdoors and Watering Holes – WSWiR Episode 162

Cyber security has become mainstream. Nowadays, there’s more information security (infosec) stories each week than the average IT professional can keep up with. If you find yourself falling behind, let our daily and weekly videos keep you informed. If you watch my Daily Security Bytes, you can probably skip this weekly summary. However, if you prefer to recap the week in one go, this video is for you.

This week’s episode includes surprising new updates to the Ashley Madison hack, a backdoor in a bunch of consumer routers, and a watering hole attack targeting the EFF. Watch the video below for the scoop, and check out the references section for more.

(Episode Runtime: 8:41)

Direct YouTube Link: https://www.youtube.com/watch?v=DkcT9sFEfWc

Show Note: A couple notes this episode. First, while I posted last week’s summary video to YouTube, I was not able to blog about it due to my early week travel. If you missed it, you can view it here, or just subscribe to my YouTube channel to see my videos right when they come out. 

Also, I will be traveling in Europe all week to attend WatchGuard partner conferences. I will try to post some videos, but I probably won’t get to one every day, and will post them at unusual times. 

EPISODE REFERENCES:

• Monday:
  • N/A
• Tuesday:
  • N/A
• Wednesday: Ashley Madison Extortion – Daily Security Byte EP.131
  • Two suicides allegedly associated with AM breach – Ars Technica
  • Biderman email leaks suggest AM CTO hacked competitors – Krebs on Security
  • Four class action suits against AM in the US – Motherboard
  • Attackers extorting AM hack victims for 1 BTC – TechCrunch
  • Research cracks 4000 AM passwords (despite bcrypt) – Motherboard
  • Canadian fed investigates AM for privacy issues – Motherboard
  • AM hacked played “Thunderstruck” on victim computers – Business Insider
  • Toronto police investigating AM breach and offering reward – Motherboard
  • Eccentric John McAfee claims AM hack is the work of lone female ex-employee – IBTimes
  • Krebs and his researchers also think they’ve found the hacker – Krebs on Security
  • Few women really on Ashley Madison – Gizmodo
  • Noel Biderman, Ashley Madison’s CEO, resigns – Wired
• Thursday: Backdoor in Multiple DSL Routers – Daily Security Byte EP.132
  • US-CERT advisory on consumer router backdoor – CERT.org
  • Original vulnerability advisory for LTE router – CERT.org
  • Article describing the hardcoded password in a bunch of DSL routers – The Register
• Friday: EFF Watering Hole Attack – Daily Security Byte EP.133
  • EFF’s blog post about a spear phishing campaign using their name – EFF.org
  • Tech article describing this fake EFF site attack – Ars Technica

EXTRAS:

• My tech analysis for episode 9 of Mr. Robot – GeekWire
• Adobe settles the old 2013 breach case – V3.co.uk
• Netcraft research shows 600k+ Win2K3 servers on the Internet – Netcraft
• Eugene Kaspersky reacts to last week’s allegations – Kaspersky.com
• Cornell paper on ambient sound as an auth factor [PDF] – ARXIV.org
• Bittorrent used to power DDoS Attacks – Ars Technica
  • USENIX research paper on the Bittorrent DRDoS [PDF] – USENIX
• Plenty of fish dating site pushed to malware via ads – Malwarebytes
• Portmapper; yet another reflection friendly for DDoSer – Level3
• Hackers already using the IE 0day on Hong Kong sites – The Register
• IRS says their database breach was bigger than first mentioned – Time
• Botnet clean up efforts seems to be useless – The Register
• Research finds flaw in United’s Mileage app – Motherboard
• Hacking satellites is simple?! – Motherboard
• Good article on the actual security tech used in Mr. Robot – Wired
• You can’t change your fingerprint (something I’ve said before) – ZDNet
• @DadSecurity is DDoSing and SWATing Mumsnet – IT Pro Portal
• Angler EK increasing malvertising 325% – SC Magazine
• Ins0mnia: Patched iOS flaw allows apps to break backgrounding rules – Fireye
• Video demonstration of Ins0mnia – YouTube
• Researchers steal Gmail creds for Samsung Smart Fridge – Betanews
• Long-form article on the car hacking era – Ars Technica
• FTC holding Wyndham liable for lack of security – Bloomberg
• Amazon drops Flash ads due to malvertising – Tech Week
• Researcher finds flaws in less popular Android browsers – The Register
• Australia’s primary telco serving malvertising from website – The Register
• 3D printer high heels hid hacking kit – The Register
  • Researchers Imgur post of the hacking heels (slight NSFW) – Imgur
• Netflix dropping traditional AV – Forbes
• Sundown EK using the latest IE vulnerability – SC Magazine
• Ex-security company employee pleads guilty to creating Dendroid kit – SC Magazine
• NIST recommends energy industry use better auth & access control – Computer World
• Phishing education does work according to Poneman research – CIO
• Github DDoSed again for hosting anti-Great Firewall software – Motherboard
• Illegal Dark Web sites shuts down due to Tor weakness – Ars Technica
• US Gov. does use a drone to kill a hacker (ISIS terrorist) – TechDirt
• Paypal fixes a critical XSS flaw – Betanews
• AutoIT tool leveraged by malicious RAT – The Register
• Adobe releases a ColdFusion update – Threat Post
• UK police arrest teens who use Lizard Stressers DDoS tool – Engadget

— Corey Nachreiner, CISSP (@SecAdept)

Share This: