Another week's worth of news coming at you. Got some good stuff this week!
- To start off this week’s post we have a story by Infosecurity Magazine about Facebook getting into the botnet-disruption game. It seems to be a relatively unknown malware family that mostly spreads through social networking and installs Bitcoin-mining malware. Nothing extremely exciting, but worth a mention as it’s the first takedown by Facebook.
- Read More @ http://www.infosecurity-magazine.com/view/39241/facebook-disrupts-its-first-botnet/
- Next, we have an article on a malvertising campaign that uses the Akamai CDN to spread exploit kits (the Nuclear Exploit Kit, in this case). Specifically, it uses Akamaihd.net subdomains. This is important because Akamai is the largest CDN out there, so blocking this traffic is difficult: you are likely to block legitimate traffic as well.
- Read More @ http://news.softpedia.com/news/Exploit-Kit-Dropped-Through-Akamai-Content-Delivery-Network-450214.shtml
- The next article comes courtesy of KrebsOnSecurity.com. If you follow security news, you most likely know of the “Gameover Zeus” malware family, and you might also know that about 5 weeks ago the botnet was taken down in a coordinated effort. Well, it looks like the people behind the botnet are trying to make a comeback, with some significant changes to the malware itself.
- Read More @ http://krebsonsecurity.com/2014/07/crooks-seek-rivival-of-gameover-zeus-botnet/
- Next, another botnet takedown story. Quite a few of these this week, it looks like. This time it’s the Shylock botnet that is getting hit, and that is good news as Shylock is a fairly nasty financial trojan. This time, the effort is led by the UK National Crime Agency. Let’s hope this one stays down for a while.
- Read More @ http://www.symantec.com/connect/blogs/all-glitters-no-longer-gold-shylock-trojan-gang-hit-takedown
- Last, we have an article that takes a look at the Emergency Windows Update issued by Microsoft today, in order to block a number of rogue SSL certificates issued by the National Information Centre of India. These rogue certificates could be used to impersonate Google and Yahoo websites. Been a while since we had a “rogue cert” story.
- Read More @ http://thehackernews.com/2014/07/microsoft-issues-emergency-windows.html