Welcome to another week of news. Hope your 2015 is off to a good start. Seems to be a bit slower news week than usual, but there is still enough to keep us busy..so let’s get to it!
- Firs story of the week looks at some of the more recent cases of malware using PasteBin as a part of its campaign. This isn’t entirely a new method, but we wanted to bring attention to the latest threats leveraging this method.
- Read More @ http://threatpost.com/backdoors-found-leveraging-pastebin/110254
- It looks like Microsoft is starting the new year off by discontinuing the Advanced Notification Service. This was used to give a heads up prior to patch Tuesday and provide information on the upcoming patches. It’s not clear as to why this was stopped at this time.
- Read More https://nakedsecurity.sophos.com/2015/01/09/microsoft-discontinues-advance-notification-service-but-why
- Continuing the gaming related security stories from last week, this week we have a new one. Looks like the Xbox One SDK that has not been released is now out in the open. This looks like it could potentially be big help in opening up homebrew development for the system.
- Read More @ http://www.scmagazine.com/h4lt-hacking-team-leaks-secret-xbox-one-sdk-accesses-unreleased-games/article/390936/
- I promise this is the only SPE related story for the week, I wanted to include it as it’s fairly important. FBI Director has disclosed a bit more information as to why they are so confident that North Korea is responsible for the SONY hack. Primarily, it looks like their real IP was exposed as they failed to make use of a proxy on several occasions during the intrusion.
- Read More @ http://www.darkreading.com/fbi-director-says-sloppy-north-korean-hackers-gave-themselves-away/d/d-id/1318520?_mc=sm_dr
- Next, it looks like there is a new Linux trojan making the rounds by the name of “XOR.DDOS”. What makes this one interesting is that it does have a rootkit component as well. It’s a rather interesting piece of malware. Worth a look.
- Read More @ http://www.scmagazine.com/malware-targets-linux-and-arm-architecture/article/391497/
- Next, a story that takes a look at the Underground Markets, and provides some interesting info on the worth of stolen personal data. With so many breaches in the past year, it’s easy to see that stolen info is big business and this helps put a dollar value on some of it. Interesting read.
- Read More @ http://www.forbes.com/sites/symantec/2015/01/06/stolen-data-in-underground-markets-whats-your-info-worth/?linkId=11595196
- During the midst of all the Sony hack news, another breach occurred in a German steel mill but was mostly lost in the noise. The consequences of this attack, some believe, are even more significant as it caused actual physical damage to the mill by attacking the ICS infrastructure. The only other confirmed case of physical damage caused purely through physical means has of course been the highly publicized StuxNet incident.
- Read More @ http://www.wired.com/2015/01/german-steel-mill-hack-destruction/