Another weekly news roundup is upon us, so let us delay no further!
- Our first story of the day, courtesy of Symantec, looks at the new espionage campaign targeting Japan. The attack takes advantage of a vulnerability (CVE-2014-7247) in the Ichitaro software suite.
- Read More @ http://www.symantec.com/connect/blogs/operation-cloudyomega-ichitaro-zero-day-and-ongoing-cyberespionage-campaign-targeting-japan
- Our next story, by McAfee, is a part 2 post that looks into how Microsoft’s Sandworm patch is being subverted. Part 1 is available here.
- Read More @ http://blogs.mcafee.com/mcafee-labs/bypassing-microsofts-patch-for-the-sandworm-zero-day-even-editing-can-cause-harm
- Next, an interesting development on the Citadel banking trojan front. Looks like one of the new variants has been seen going after password management tools. This is the first time I’ve read about a trojan going specifically after password managers. Interesting, if inevitable.
- Read More @ http://threatpost.com/citadel-variant-targets-password-managers/109493
- Next, a pretty cool development on the privacy front. Looks like, as of next year, EFF along with a number of other organizations plans to roll out a service that would provide HTTPS certificates to anyone that needs one, free of charge. Considering how expensive and time-consuming this process can be, this is great news.
- Read More @ http://threatpost.com/eff-others-plan-to-make-encrypting-the-web-easier-in-2015/109451
- Next, back to the breach stories, as STAPLES confirms that an undisclosed number of stores were breached via Point of Sale malware.
- Read More @ http://www.bankinfosecurity.com/staples-confirms-pos-malware-attack-a-7570
- Next, a look at another, fairly nasty, banking trojan named “Dridex”. While its method of delivery is fairly old (Word macros), the capabilities are anything but. This story looks at the details behind the trojan as well as some ways to protect against it.
- Read More @ http://www.americanbanker.com/news/technology/the-dridex-threat-how-to-block-the-latest-malware-aimed-at-banks-1071291-1.html?linkId=10637800
- Next, another article on the privacy front; this time the news is not good. The USA Freedom Act, one that was supposed to curb the NSA metadata collection, failed to pass through the Senate. Suppose the modern version of the crypto-wars will continue still. A shame, but not a surprise.
- Read More @ http://www.scmagazine.com/usa-freedom-act-failed-to-pick-up-votes-needed-to-avoid-filibuster/article/384125/
- Next, an interesting report discovers that a majority of targeted attacks exploit privileged accounts, either through phishing campaigns, password guessing, or other similar methods. While this is hardly surprising, it’s good to see some research behind it.
- Read More @ https://threatpost.com/most-targeted-attacks-exploit-privileged-accounts/109514
- Last article of the week is an obligatory Exploit Kit related one. It looks like after nearly 8 months of absence, Neutrino Exploit Kit is back. Kaffeine takes a look at a “new” Exploit Kit making the rounds that looks to be the remade version of Neutrino.
- Read More @ http://malware.dontneedcoffee.com/2014/11/neutrino-come-back.html