Hope you are having a good week so far. Hopefully we can make it a little better, by making sure you are a little bit more informed about security news after this…so let’s see what we got this week!
- First story of the week looks at the re-emergence of the CryptoWall ransomware. The new variant utilizes I2P network in order to evade analysis and make reversing more difficult. I2P is an anonymous network, similar to TOR. As if ransomware wasn’t enough of a pain before. Make backups folks.
- Read More @ http://thehackernews.com/2015/01/Cryptowall-ransomware-malware.html
- Next, a more light-hearted article about the new Hacker centric movie “BlackHat” that just released. Personally, I expected it to be pretty terrible, but that might not be the case. Seems like even some security experts have good things to say about the portrayal of Hackers in BlackHat. Might actually have to go see this one, color me curious.
- Read More @ http://www.wired.com/2015/01/blackhat-the-best-cyber-movie/
- Next, it looks like the North Korean news agency website is acting as an infection vector, and serving up a malicious ZIP file to unsuspecting visitors. Analysis by Trend Micro provides the details. Good read.
- Read More @ http://blog.trendmicro.com/trendlabs-security-intelligence/north-korean-news-agency-website-serves-file-infector/
- Next, another Lizard script-kiddie related story. As we’ve mentioned before, we had a hunch their shenanigans would end up landing them in hot water with authorities and few arrests later this seems to have been the case. This week, another member of Lizard Squad responsible for attacks on Sony PSN and Xbox Live was arrested in the UK. Another one down, more to go, we imagine.
- Read More @ http://krebsonsecurity.com/2015/01/another-lizard-arrested-lizard-lair-hacked/
- Next, we take a look at new piece of malware being used in a targeted attack against a London based company. Malware is a memory-resident credential harvesting malware deployed on Windows servers.
- Read More @ http://threatpost.com/skeleton-key-malware-opens-door-to-espionage/110433
- Next, a data privacy related story. President Obama is calling for a new law that would strengthen data protection, and also require companies to disclose breaches within 30 days. This would be quite a significant change, as breaches often go unreported for much longer than that.
- Read More @ http://www.scmagazine.com/state-of-the-union-speech-will-outline-privacy-and-data-protection/article/392127/
- Next, continuing the privacy related news posts, it looks like the U.K Prime Minister David Cameron is looking to ban end to end encryption, using the Charlie Hebdo attacks in France as justification. This is hardly a surprising development, given the anti-privacy, policies he has already enforced, like the infamous proxy filter.
- Read More @ http://www.theguardian.com/commentisfree/2015/jan/13/cameron-ban-encryption-digital-britain-online-shopping-banking-messaging-terror
- Our last piece of news for the week takes a loot at the compromise of the U.S Central Command Twitter and Youtube account hack at the hands of Pro-ISIS hackers. Both of these accounts were compromised, and used to communicate threatening messages before being taken offline. U.S Central Command has confirmed the hack.
- Read More @ http://www.scmagazine.com/us-central-command-social-media-accounts-hacked/article/392128/