Cool News Story Bro! Week of 01-23-2015

by Otakun
Categories: News
Tags: No Tags
Comments: Leave a Comment

Another week is behind us, and that means it’s time for another news recap. As usual, we got some good stuff for you this week as well, so let’s get to it!

  1.  New Adobe Flash Zero-Day found in the Wild

    1. First story for this week deals with the discovery of a brand new flash 0-day found being exploited in the wild, by “Angler Exploit Kit”. It’s been a while since Flash vulnerabilities were in the spotlight, so we were due for one. Adobe has since released a patch as well.
    2. Read More @ https://blog.malwarebytes.org/exploits-2/2015/01/new-adobe-flash-zero-day-found-in-the-wild/
  2. Security Budgets Going Up, Thanks To Mega-Breaches

    1. Next, some good news on the security spending front. Looks like the recent breaches of large retailers like Target and Home Depot have had an affect on security budgets as more than half of organizations surveyed planned to increase their security related spending. Good time to be in this field, I say. However, while this is good news, it still makes me a bit sad that this is still such a reactive industry…but hey, take what you can get, right?
    2. Read More @ http://www.darkreading.com/attacks-breaches/security-budgets-going-up-thanks-to-mega-breaches/d/d-id/1318714
  3. Bypass Demonstrated for Microsoft Use-After-Free Mitigation in IE

    1. Next, an interesting story for all the reverse engineers out there. Microsoft has been introducing new protections that make IE more difficult to exploit, and the latest of these are the Heap Isolation and Delay Free mechanism. Both of these protections seem to have been bypassed by a Bromium Labs security researcher.
    2. Read More @ http://threatpost.com/bypass-demonstrated-for-microsoft-use-after-free-mitigation-in-ie/110570
  4. Like a Nesting Doll, Vawtrak Malware Has Many Layers

    1. Next, a very good write up on the technical analysis of the Vawtrak banking trojan. A rather complex, and relatively new banking trojan that was originally targeting Japan, but has since expanded it’s reach to other regions. Excellent read.
    2. Read More @ http://threatpost.com/like-a-nesting-doll-vawtrak-malware-has-many-layers/110553
  5. FBI Seeks To Legally Hack You If You’re Connected To TOR Or a VPN

    1. Next, an article on the privacy front. It seems like FBI is attempting to make some changes in the legal process that would allow them to bypass a number of privacy protections if the target machine is using TOR or VPN services. I am sure for many people out there who use VPN and TOR for legitimate reasons, this is a pretty scary proposition. Is it really a stretch to think that using a VPN doesn’t mean I should give up my privacy?
    2. Read More @ http://fee.org/freeman/detail/youll-never-guess-whos-trying-to-hack-your-iphone
  6. An analysis of Regin’s Hopscotch and Legspin

    1. Next, another awesome analysis, courtesy of Kaspersky. This time, they take a look at two modules of the infamous Regin cyberespionage tool set.
    2. Read More @ https://securelist.com/blog/research/68438/an-analysis-of-regins-hopscotch-and-legspin/
  7. Email Scam Nets $214 Million in 14 Months: FBI

    1. Next, some interesting statistics on a widespread phishing campaign. The “Invoice” phish that fakes unpaid invoice documents has netted over 214 million dollars in 2014 for the scammers. Having seen a number of these in our environment, I can’t say that stat is surprising, but I didn’t quite think the amount would be quite as high. Demonstrates that phishing is still a very lucrative endeavor for cyber criminals.
    2. Read More @ http://www.securityweek.com/email-scam-nets-214-million-14-months-fbi
– Otakun

Leave a Reply

Your email address will not be published. Required fields are marked *

Today is Friday