Cool News Story Bro! Week of 10-24-2014

by Otakun
Categories: News
Comments: Leave a Comment

Hey Guys! Another week of news, though a bit slow this week, let’s get to it!

  1. Exploit For Patched Flash Vulnerability Already In Two Exploit Kits

    1. Starting off this week with some Exploit Kit news. Looks like the most recent Flash vulnerabilities are already integrated into the “Fiesta” and “Angler” Exploit Kits. This is pretty fast turnaround even for the Exploit Kit scene.
    2. Read More @ http://threatpost.com/exploit-for-patched-flash-vulnerability-already-in-two-exploit-kits/108972
  2. Researcher Finds Tor Exit Node Adding Malware to Binaries

    1. This is a really interesting article. Apparently a research has discovered a Tor Exit node that was patching binaries that users were downloading with malware. It does highlight an interest issue with TOR, as a way malware writers can abuse the service.
    2. Read More @ http://threatpost.com/researcher-finds-tor-exit-node-adding-malware-to-binaries/109008
  3. Malvertising impacts Yahoo, AOL visitors, spreads ransomware

    1. Next, another Malvertising article. These seem to be popping up almost every week now. This time it looks like a number of Yahoo, and AOL sites are affected, as well as Match.com. The malicious ads lead to “FlashPack” Exploit Kit and CryptoWall ransomware.
    2. Read More @ http://www.scmagazine.com/web-pages-managed-by-yahoo-aol-and-matchcom-contain-malicious-ads/article/379016/
  4. Patch for Windows flaw can be bypassed, prompts temporary fix from Microsoft

    1. So it looks like the patch for the “Sandworm” vulnerabilities in Windows needs a patch. It appears that the patch can be bypassed which has prompted Microsoft to issue a temporary workaround until a new patch is released.
    2. Read More  @ http://www.scmagazine.com/patch-for-windows-flaw-can-be-bypassed-prompts-temporary-fix-from-microsoft/article/378781/?publishDate=False&timestamp=635496776510848541#
  5. SEDNIT malware delivered in ‘Operation Pawn Storm

    1. Next, we have a new APT campaign, identified by TrendMicro as “Operation Pawn Storm” that have been targeting various government entities, as well as military contractors. They are primarily using the SEDINT infostealer malware family.
    2. Read More @ http://www.scmagazine.com/sednit-malware-delivered-in-operation-pawn-storm/article/379021/
  6. JPMorgan: Hackers Had Access to 90 Servers for Two Months

    1. Lastly, another update to the “JPMorgan” hack. New details allege that the hackers have had two month access to their servers prior to being discovered. This is quite a significant amount of time obviously, but when you remember that average time until discovery for network breaches is about 230 days, it could definitely be worse.
    2. Read More @ http://www.infosecurity-magazine.com/news/jpmorgan-hackers-had-access-to-90

Leave a Reply

Your email address will not be published. Required fields are marked *

Today is Friday