And welcome to another news week round up. Fairly slow week this week, but still got some good stuff as usual. Enjoy!
Wikimedia v. NSA: Wikimedia Foundation files suit against NSA to challenge upstream mass surveillance
- First story of the week is on the privacy front. It looks like the Wikimedia Foundation, the folks behind Wikipedia, have filed a lawsuit against the NSA in order to challenge the mass surveillance the agency has been accused of doing since the Snowden leaks. It will be interesting to see where this one goes.
- Read More @ https://blog.wikimedia.org/2015/03/10/wikimedia-v-nsa/
- Next story comes the way of Google’s project-zero team, that has discovered an interesting vulnerability in certain DRAM chips that allow for kernel privilege escalation exploits. I don’t want to try and explain it here as their write up is much better, so head on over and check it out.
- Read More @ http://thehackernews.com/2015/03/dram-rowhammer-vulnerability.html
- Looks like one of the latest updates included in the last round of Windows Updates is causing a reboot loop in some amount of Windows 7 machines, so it might be wise to hold off on applying that particular update until this issue is addressed by Microsoft.
- Read More @ http://krebsonsecurity.com/2015/03/ms-update-3033929-causing-reboot-loop/
- A story on threat-post brings us the news that the Obama Administration is looking to expand it’s powers in order to be able to better fight against Botnets, and Botnet operators. They are seeking an amendment to an existing federal law that would give them the ability to more directly go after botnets.
- Read More @ https://threatpost.com/obama-administration-seeks-more-legal-power-to-disrupt-botnets/111596
- We brought you a few stories about the “EquationGroup”, a sophisticated APT group brought to light by Kaspersky labs. Well, they have a follow up story that takes a look at the “EquationDrug” espionage platform, the main one used by the “Equation Group”. Really good write-up, as usual.
- Read More @ http://securelist.com/blog/research/69203/inside-the-equationdrug-espionage-platform/
- DDoS attacks have been a problem for a long time, and that doesn’t seem like it’s going to change anytime soon. CloudFlare is looking to help protect businesses from DDoS by offering a new service that they call “VirtualDNS”. Basically they plan to proxy client DNS traffic through the closest CloudFlare edge server to the client, and essentially filter the DNS traffic, only allowing clean traffic back to the client.
- Read More @ http://www.securityweek.com/cloudflare-provides-nameserver-ddos-protection-virtual-dns