Cool News Story Bro! Week of 12-26-2014

by Otakun
Categories: News
Comments: Leave a Comment

Hey Guys!

First and foremost, Merry Christmas from all of us at MalWerewolf. I hope you had a great holiday and are as excited about 2015 as we are! However, we still have some news to go through (though a bit of a slower week) so let’s not delay any further!

  1. Did North Korea Really Attack Sony?

    1. We’re finally winding down a bit on SPE breach news, but we still have a few related stories this week. First one is by the renown cryptographer Bruce Schneier, and he questions whether North Korea really was behind the attack. The true source is still very much a point of debate as there are a number of differing opinions, ranging from insider threat, to North Korea and everything in between. Wonder if we will ever know for sure, but it has been an interesting discussion to follow, at least.
    2. Read More @ https://www.schneier.com/blog/archives/2014/12/did_north_korea.html
  2. North Korea Goes Offline

    1. So, it seems like the North Korea’s internet connection has gone done, and up over the past week or so. There is a lot of speculation as to the reasons behind it, but the timing is interesting.
    2. Read More @ http://www.arbornetworks.com/asert/2014/12/north-korea-goes-offline/
  3. We Spoke To A North Korean Defector Who Trained With Its Hackers — What He Said Is Pretty Scary

    1. With all the talk of North Korea hacking, it does pose the question of what their actual capabilities are in this space? This article looks at the interview with a North Korean defector who trained with their hacking division and it’s a very interesting insight into North Korean cyber-warfare capabilities.
    2. Read More @ http://www.businessinsider.com/north-korean-defector-jang-se-yul-trained-with-hackers-2014-12
  4. Sony Begins Streaming North Korea Comedy “The Interview” Online

    1. Despite only as recently as last week Sony saying that they have no interest in releasing “The Interview” in any form it seems like they have had a change of heart and have released the movie online in various forms (Youtube, Xbox Live, PSN). Even though I have no expectation of the movie being good, I do believe it’s the right move to make. And if there is a silver lining for Sony this movie has gotten a lot of buzz and has marketed itself better than Sony ever would have. Check it out, you know, for freedom and such.
    2. Read More @ http://www.securityweek.com/sony-begins-streaming-north-korea-comedy-interview-online
  5. Rackspace Recovers From Major DNS DDoS

    1. So, I was wondering if this was even note worthy to make a story out of, but I figured I might as well, even though DDoS at this point is so common and so low level it’s hardly news. But, if you are a rackspace customer it might be of interest. They along with several other companies were under a DDoS in recent times but they have recovered.
    2. Read More @ http://www.darknet.org.uk/2014/12/rackspace-recovers-major-dns-ddos/
  6. Backoff Malware Validates Targets Through Infected IP Cameras

    1. Back into the PoS malware news we go. Been a bit, with all the SPE fuss. It looks like the new research by RSA has found some interesting tidbits about the recon process used in these attacks, ,mainly that the attackers are using hacked IP cameras as part of their recon process. Additionally, there is some interesting theories about the potential origin of the attackers as well.
    2. Read More @ http://www.darkreading.com/attacks-breaches/backoff-malware-validates-targets-through-infected-ip-cameras/d/d-id/1318377
  7.  Russian hackers stole millions from banks, ATMs

    1. Our next story takes a look at a pretty active Russian hacking group “Anunak” whose main targets were banks and payment systems. The group was responsible for stealing a fairly large amount of cash throughout their activities. The paper taking a look at their activities is a pretty good read.
    2. Read More @ http://www.net-security.org/secworld.php?id=17781
  8. Cowards Attack Sony PlayStation, Microsoft xBox Networks

    1. Next, a story by Krebs that takes a look at the recent DDoS attacks on Xbox Live, and Playstation Network, by the group of angry script-kiddies known as “The Lizard Squad”. Their activity reminds of the stuff “Lulzsec” used to do, except even less skilled, due to the fact that all they are doing is DDoSing. Honestly, as much as I generally think DDoS  type attacks tend to carry a rather harsh sentence on people involved, this group is one that it might be appropriate for as they have no motive other than because they can.
    2. Read More @ http://krebsonsecurity.com/2014/12/cowards-attack-sony-playstation-microsoft-xbox-networks/
  9. The World’s Biggest Data Breaches, In One Incredible Infographic

    1. Did you ever want to see what the world’s largest breaches look like in fancy graph form? Well, wait no more dear reader…your day has finally arrived! Seriously though, this is pretty cool.
    2. Read More @ http://www.businessinsider.com/data-breaches-infographic-2014-12
  10. South Korean Nuclear Power Plant Hacked

    1. Next, the other Korea is in the news. Looks like one of the South Korean nuclear power plants was hacked by an unknown group. However, it looks like no critical data was taken but it did cause the plant operators to conduct a full cyberattack defense drill to ensure they are prepared.
    2. Read More @ http://thehackernews.com/2014/12/Korea-nuclear-power-plant-hacked.html
  11. Two-Factor Snafu Opened Door to JPMorgan Breach

    1. Remember the “JP Morgan” breach we mentioned a while back? New details have surfaced that pinpoint a failure in employing two-factor authentication on one of their servers as the reason the attackers were able to breach the network. Just goes to show you that it really is true when people say all you need is 1 unprotected machine to invalidate all your security.
    2. Read More @ http://threatpost.com/two-factor-snafu-opened-door-to-jpmorgan-breach/110119
– Otakun

Leave a Reply

Your email address will not be published. Required fields are marked *

Today is Friday