Cool News Story Bro! Week of 01-30-2015

by Otakun
Categories: News

Hi Guys,

Time for another news post.  A fairly slow week this week, but we still have some good stuff for you, so let’s get going!

  1. Links Found between NSA, Regin Spy tool and QWERTY Keylogger

    1. First article of the day, and it’s a pretty interesting one. The sophisticated espionage malware that was brought to light in recent times is apparently linked to the NSA. A German newspaper leaked source code for a piece of NSA software called “QWERTY”, a keylogger, and the code has enough similarities to Regin for researchers at Kaspersky to claim that they are linked. Given NSA’s cyber espionage capabilities, this is not that surprising.
    2. Read More @ http://thehackernews.com/2015/01/nsa-regin-qwerty-keylogger_27.html
  2. EFF’s Game Plan for Ending Global Mass Surveillance

    1. Next, another interesting article dealing with things on the privacy front. The Electronic Frontier Foundation has outlined a plan for how mass surveillance can be ended. The plan would require a global effort to succeed, but it outlines the measures needed to help stem the rampant information collection and surveillance like that outlined by the Snowden leaks. Whether this can, or will, actually happen is an entirely separate issue… but you can’t help but think something needs to happen for us to keep our privacy going forward.
    2. Read More @ https://www.eff.org/deeplinks/2015/01/effs-game-plan-ending-global-mass-surveillance
  3. New DYRE Variant Hijacks Microsoft Outlook, Expands Targeted Banks

    1. Next, a new development on the banking Trojan front (oh the fun!). Dyre Banking Trojan’s most recent variant has included a mail worm in order to spread even faster through the use of Outlook. This allows the Trojan to exponentially increase its spamming activity.
    2. Read More @ http://blog.trendmicro.com/trendlabs-security-intelligence/new-dyre-variant-hijacks-microsoft-outlook-expands-targeted-banks/
  4. Army cyber defenders open source code in new GitHub project

    1. The U.S. Army has released their Python-based internal forensics framework called “DSHELL” to the public. This looks to be a modular framework, and the Army is hoping that people will create their own custom modules in order to tailor the software for their use. Interesting read.
    2. Read More @ http://www.army.mil/article/141734
  5. ‘GHOST’ bug in Linux library enables remote takeover of victim’s system

    1. A new Linux vulnerability named “GHOST” has been discovered by researchers at Qualys. GHOST is a buffer overflow vulnerability in the glibc library that could allow for remote code execution, if exploited.
    2. Read More @ http://www.scmagazine.com/buffer-overflow-vulnerability-in-linux-identified/article/395025/
  6. Analyzing CVE-2015-0311: Flash Zero Day Vulnerability

    1. Last week, we had an article about a new Adobe Flash Zero Day, and this week we have a follow-up that takes a deep dive into analyzing the vulnerability itself. For all the reversing people out there, this is a great read.
    2. Read More @ http://blog.trendmicro.com/trendlabs-security-intelligence/analyzing-cve-2015-0311-flash-zero-day-vulnerability/
