2014/12/21

Cool News Story Bro! Week of 12-19-2014

by Otakun

Hey Guys,

Sorry for the late news post this week, got a bit busy so had to delay a bit, but all is well now and we got a lot to go through…I bet you can guess the theme this week (if you have been following the news for the past few ;) ). So let’s get to it!

  1. ICANN Hacked Including Root DNS Systems

    1. First story today is of another breach, and a pretty important one at that. It looks like ICANN (Internet Corporation for Assigned Names and Numbers) was hacked through a spear-phishing campaign that successfully harvested credentials, which were then used to access their network and to exfiltrate information, including the copies of the data in the Centralized Zone Data System (CZDS).
    2. Read More @ http://www.darknet.org.uk/2014/12/icann-hacked-including-root-dns-systems/
  2. Sony leaks reveal Hollywood is trying to break DNS, the backbone of the internet

    1. So, let’s get started with the Sony breach related news. First, it looks like leaked documents revealed plans by Hollywood to push harder on the idea of DNS blacklisting as a counter-piracy measure, and that they are working with providers like COMCAST on figuring out the technical requirements. While this is hardly a new concept (already implemented in the U.K), it hasn’t made its way to the U.S yet. We discussed last week why this is a flawed solution, but Hollywood seems set on the idea, so let’s hope it doesn’t succeed as this would do nothing but create other issues without even solving the intended one.
    2. Read More @ http://www.theverge.com/2014/12/16/7401769/the-mpaa-wants-to-strike-at-dns-records-piracy-sopa-leaked-documents
  3. In Damage Control, Sony Targets Reporters

    1. Next, a story by Brian Krebs, corroborated by several other media outlets: it looks like SPE lawyers have been contacting journalists and demanding that they stop reporting on the hack, and destroy any associated data in their possession. This is not terribly surprising, but ultimately a futile attempt at damage control, I think. None of these media outlets are under any obligation to comply, and Krebs himself has stated as much.
    2. Read More @ http://krebsonsecurity.com/2014/12/in-damage-control-sony-targets-reporters/
  4. Former employees sue Sony, theaters drop ‘The Interview’

    1. Next, another inevitable piece of the SPE breach puzzle falls into place in the form of a lawsuit by former employees of SPE. This was always going to happen, as the affected employees would obviously take some issue with having their personal data exposed. In addition, major theater chains made the decision to not screen “The Interview” amid threats from the “GOP”.
    2. Read More @ http://www.scmagazine.com/sony-accused-of-not-heeding-security-threats/article/388941/
  5. U.S. Said to Find North Korea Ordered Cyberattack on Sony

    1. It looks like the U.S government has finally made an official claim as to the source of the attack on Sony and unsurprisingly they are blaming North Korea. Details are scarce as to the evidence that led to this, but it is interesting that they publicly accused North Korea. So they either have solid evidence that North Korea was the source, or they at the very least want people to think so.
    2. Read More @ http://www.nytimes.com/2014/12/18/world/asia/us-links-north-korea-to-sony-hacking.html?smid=tw-bna&_r=0
  6. Sony Hack a ‘Serious National Security Matter’: White House

    1. On a similar note as the above article, a new statement by the White House called the Sony hack a “serious national security matter”, and has even gone as far as to promise retaliatory action. No details on what that could be, but a strong statement nonetheless.
    2. Read More @ http://www.securityweek.com/sony-hack-serious-national-security-matter-white-house
  7. FBI Officially Blames North Korea in Sony Hacks

    1. The FBI has now officially gone on record blaming North Korea for the Sony hack. “The FBI announced today that it has gathered enough evidence to say with certainty that the government of the Democratic People’s Republic of Korea is in fact responsible for recent intrusions into the networks of Sony Pictures Entertainment (SPE)”. That is about as direct of a statement as it gets. While I don’t necessarily believe that IP addresses and similarities in the codebase of the tools are 100% conclusive evidence by any means, you can see how that would lead to a conclusion like this. However, I do hope the FBI has undisclosed evidence that is a bit more conclusive than what they decided to share with the public.
    2. Read More @ http://threatpost.com/fbi-officially-blames-north-korea-in-sony-hacks/109999
  8. North Korea Proposes Joint Probe With US Into Sony Cyber Attack

    1. And we keep going. In response to the accusations by the White House, North Korea has proposed a joint investigation into the Sony attack, as a way to prove its innocence in the matter. I have to say, I didn’t quite see this one coming.
    2. Read More @ http://www.securityweek.com/north-korea-proposes-joint-probe-us-sony-cyber-attack
  9. WH rejects North Korea offer of Sony probe

    1. As much as I would have loved to see it happen, just for entertainment purposes, the White House seems to have no interest in cooperating with North Korea on the investigation, going as far as to say that if they want to help, they should compensate Sony for the losses and damage incurred. Hardly a shocking response, but at this point I can’t help but be amused by the narrative that has been created around this whole mess. Can’t say it lacks entertainment, at least.
    2. Read More @ http://thehill.com/homenews/administration/227791-white-house-rejects-north-korea-probe-of-sony-hack
  10. U.S. asks China to help combat North Korean hacking after attack on Sony

    1. Ok, you literally can’t make this stuff up. The U.S has now asked China to help them against the North Korea cyber attacks by blocking North Korea’s access to Chinese internet infrastructure, and by expelling North Korean hackers living in China. If you told me a few months ago that the U.S would ask China for help in preventing U.S companies from being hacked (by actors OTHER than China itself, of course) I would have called you crazy. What a strange mess this has been…
    2. Read More @ http://www.washingtonpost.com/world/asia_pacific/us-asks-china-to-help-combat-north-korean-hacking-after-attack-on-sony/2014/12/20/ffc37f8c-8885-11e4-9534-f79a23c40e6c_story.html
  11. Hackers Used Sophisticated SMB Worm Tool to Attack Sony

    1. In the last piece of SPE related news we shift focus a bit to the actual malware used in the attack. US-CERT has issued an advisory describing the capabilities of the Wiper tool used in the Sony attack. While this has been covered already in the past few weeks by a number of security vendors, including Kaspersky, this is the first “official” information to come from the U.S government on the details of the malware itself.
    2. Read More @ http://www.securityweek.com/hackers-used-sophisticated-smb-worm-tool-attack-sony
  12. Researchers Go Inside Illegal Underground Hacking Markets

    1. Now, onto the rest of the news. Researchers at Dell have just published some new information on their research into the Underground Hacking Markets. It’s a pretty interesting read for anyone interested in the underground economy that surrounds illegal hacking activities.
    2. Read More @ http://threatpost.com/researchers-go-inside-illegal-underground-hacking-markets/109906
  13. GitHub: Vulnerability announced: update your Git clients

    1. GitHub has announced the discovery of a pretty severe client-side vulnerability that allows command execution on Windows and Mac versions of the GitHub client. Users are encouraged to update as soon as possible.
    2. Read More @ https://github.com/blog/1938-git-client-vulnerability-announced
  14. Chthonic: a New Modification of ZeuS

    1. Next, researchers at Kaspersky have discovered a new Banking Trojan that they have named “Chthonic”, a variant of ZeuS that seems to employ some new techniques that made it stand out. Always interesting to see the way ZeuS variants evolve. Good Read.
    2. Read More @ https://securelist.com/blog/virus-watch/68176/chthonic-a-new-modification-of-zeus/
  15. Staples: 6-Month Breach, 1.16 Million Cards

    1. Remember the story from a few months ago about the possible breach at “Staples”? Looks like we finally have confirmation that a breach did indeed occur, and it resulted in a loss of about 1.16 million credit cards. Not the biggest by any means, but still significant. Though I bet Staples is happy about their timing, what with all the focus being on the SPE breach.
    2. Read More @ http://krebsonsecurity.com/2014/12/staples-6-month-breach-1-16-million-cards
  16. After Receiving 65,000 Complaints, Microsoft Files Suit Against Tech Support Scammers

    1. So, it looks like Microsoft is finally taking action against the “Microsoft Support” scammers, 65,000 complaints later. We have shown here what these calls look like, and you can definitely see how people would fall for something like this, so it is great to see that Microsoft is finally taking action.
    2. Read More @ http://hothardware.com/news/after-receiving-65000-complaints-microsoft-files-suit-against-tech-support-scammers
  17. Hacking Heads up! If Tor VANISHES over the weekend, this is why

    1. The TOR Project developers are warning of a possible attack on the TOR infrastructure in the coming days. They warn that an unnamed group may seize the TOR Directory Authority servers. These servers are responsible for distributing the list of relays in the network. This is certainly something to keep an eye on, as I am sure many people use TOR for legitimate purposes, and it being offline would present a significant problem.
    2. Read More @ http://www.theregister.co.uk/2014/12/20/heads_up_if_tor_goes_down_over_the_weekend_this_is_why/
  18. Exploits Circulating for Remote Code Execution Flaws in NTP Protocol

    1. Researchers at Google have found several serious vulnerabilities in NTP (Network Time Protocol) that would allow for Remote Code Execution. They also warn that some of these vulnerabilities have been seen in the wild.
    2. Read More @ http://threatpost.com/exploits-circulating-for-remote-code-execution-flaws-in-ntp-protocol/110001
  19. Don’t Let the Grinch Steal Christmas

    1. Researchers at AlertLogic have discovered a new Linux/Unix vulnerability that they have called “Grinch”, which they claim would allow for privilege escalation. They have a detailed write-up of their findings on their official blog.
    2. Read More @ https://www.alertlogic.com/blog/dont-let-grinch-steal-christmas/

 

– Otakun
