2014/12/13

Cool News Story Bro! Week of 12-12-2014

by Otakun

Hey All!

Welcome to another edition of our weekly news roundup. As usual, we have some good stuff for you, so let’s just jump in.

  1. British ‘Porn Filter’ Blocks Access To Chaos Computer Club

    1. First story of the week is on the privacy and censorship front. It looks like the recently implemented British “Porn Filter” has had some unintended consequences. It has blocked access to the well-known “Chaos Computer Club”. While their site can hardly be classified as “porn”, this stuff will happen. Anyone who has worked with proxies, and content filtering in general, can attest to their imperfect nature when it comes to blocking. Whether it’s miscategorization, human error, or simply technical limitations, it’s technology that is error-prone and hardly ideal for deployment on this type of scale. I am sure this is only the first of many similar stories we will see over the coming months regarding such content filtering implementations.
    2. Read More @ http://ccc.de/en/updates/2014/ccc-censored-in-uk
  2. Feds probe threats against Sony Pictures employees’ families

    1. Next, back to Sony Pictures news. It looks like the feds are investigating threats made against families of the Sony Pictures employees. Threatening e-mails claiming to be from the GOP, the group responsible for the hack, were supposedly sent to certain employees.
    2. Read More @ http://www.afterdawn.com/news/article.cfm/2014/12/06/feds-probe-threats-against-sony-pictures-employees-families
  3. Sony Reportedly Is Using Cyber-Attacks To Keep Leaked Files From Spreading

    1. Next, we stay with the SPE-themed news posts. Reports are surfacing claiming that Sony is using DDoS attacks in order to limit the spread of the information leaked through the breach. Supposedly, they are utilizing servers in Asia to do this. I have to say, this is a bad move, in my opinion. Let’s face it, once the files are out there, there is no stopping it, and this is a bad delay tactic at best. Not to mention the fact that it should by all means be illegal; plenty have been prosecuted for DDoS attacks before, and this should be no different.
    2. Read More @ http://www.slate.com/blogs/future_tense/2014/12/11/sony_pictures_is_using_ddos_attacks_to_keep_its_leaked_files_from_spreading.html
  4. Congress Passes Bill Allowing Warrantless Forfeiture of Private Communications

    1. Another story on the privacy front. It looks like Congress passed a bill to allow warrantless forfeiture of private communications. Well, this was apparently already allowed due to an executive order that has been in effect since the Reagan years, but it does not bode well for privacy when we are still putting a stamp of approval on bills such as this, despite the Snowden leaks and other similar ones that we have witnessed over the previous years.
    2. Read More @ http://thehill.com/policy/technology/226752-gop-rep-attempted-late-bid-to-kill-spy-bill
  5. Cloud Atlas: RedOctober APT is back in style

    1. Now for some news on the APT front. For those familiar with the “Red October” campaign from earlier this year/last year, it looks like the same group is back with a new campaign, dubbed “Cloud Atlas”. A number of similarities between the campaigns were highlighted by the Securelist report. Good read as usual. For those interested, they link to the “Red October” write-up in the article as well, and it is also an excellent read.
    2. Read More @ https://securelist.com/blog/research/68083/cloud-atlas-redoctober-apt-is-back-in-style/
  6. The POODLE bites again

    1. Next, we have a comeback of a vulnerability from earlier in the year. The “POODLE” SSLv3 vulnerability, which made quite a stir when it was discovered, is back, this time discovered to affect certain implementations of TLS as well.
    2. Read More @ https://www.imperialviolet.org/2014/12/08/poodleagain.html
  7. North Korea says Sony Pictures hack was a ‘righteous deed’

    1. Next, another SPE related story. I felt the need to include it as it’s fairly amusing. Apparently North Korea, while not admitting to have had anything to do with the SPE hack, has referred to it as a “righteous deed”. Hardly a surprise that they would be pleased, but having an official comment on the matter I find rather amusing.
    2. Read More @ http://www.afterdawn.com/news/article.cfm/2014/12/07/north-korea-says-sony-pictures-hack-was-a-righteous-deed
  8. FBI says there’s nothing linking North Korea to Sony hack

    1. As a fitting follow-up to the above article, it looks like the FBI, so far at least, is claiming that the SPE hack has not been linked to North Korea in any way. This is interesting, as several articles on the subject from various researchers have made claims to the opposite. Hopefully we will have something a bit more concrete in the near future, as details continue to materialize.
    2. Read More @ http://www.csoonline.com/article/2857455/business-continuity/fbi-says-theres-nothing-linking-north-korea-to-sony-hack.html
  9. Why Do Russia and Iran Have More Cyber Commandos Than the U.S.?

    1. Next, an interesting opinion piece on the various differences between the cyber-warfare capabilities of the U.S. and countries like Russia and Iran. Good read.
    2. Read More @ http://infosechotspot.com/browser/?onsurl=%3A%2F%2Ffeedproxy.google.com%2F~r%2Fhuffingtonpost%2FRaID%2F~3%2FgSbP385SW_Q%2Fwhy-do-russia-and-iran-ha_b_6289580.html
  10. Suit: Comcast public WiFi hotspot network uses home modems, drives up customer costs

    1. Comcast might be in some hot water over its plan to turn customer modems into public WiFi hotspots, as there has now been a lawsuit filed by two people in California alleging that this practice drives up costs for the customer. This particular move by Comcast always seemed very strange for many reasons, not the least of which is the security issues that spring to mind with something like this, but now it might also be creating problems by driving up electric bills for customers as well. Will be interesting to see how this one develops.
    2. Read More @ http://www.scmagazine.com/suit-accuses-comcast-of-exploiting-customers-for-profit/article/387701/
  11. ‘The Pirate Bay’ Goes Down After Swedish Police Raid Server Room

    1. It looks like the Pirate Bay has been taken down by a raid in Sweden. As of the time of this article, it looks like it might be back up, under a Costa Rica TLD (.cr). Seems like this happens every once in a while, and they pop up under a new domain and we are back where we started.
    2. Read More @ http://thehackernews.com/2014/12/Torrent-pirate-bay-goes-down.html
  12. Serious Flaw Found in Alibaba’s English e-Commerce Site

    1. Alibaba, the “Chinese Google”, has fixed a rather serious flaw in their e-commerce site that would allow attackers to do things like change prices and delete a merchant’s shop. As far as bugs go, this was pretty significant as I doubt they want people setting their own prices, just guessing.
    2. Read More @ www.infosecurity-magazine.com/news/serious-flaw-alibabas-english/
  13. Targeted Cyberattacks Logbook

    1. Kaspersky has launched a new site that archives all of their research on various APT campaigns active since 2008. It’s a pretty cool way to look at the APT threat landscape, and it also provides links to all of their related writings, and having read most of them I highly recommend checking it out.
    2. Read More @ https://apt.securelist.com/
  14. Dyreza Banking Threat Back to Target North America

    1. A new phishing campaign is upon us, and this time around it’s looking to spread the Dyreza banking trojan, as well as the Upatre downloader. Dyreza has been mostly active in Europe but has now made its way to North America as well, it looks like.
    2. Read More @ www.infosecurity-magazine.com/news/dyreza-banking-threat-back-to
– Otakun

 

