Welcome to the Valentine’s day edition of security news recap. Let’s not delay, love waits for noone!
- First story of the week is concerning the Neutrino Exploit Kit. It looks like it now has a new way to detect security researchers by doing passive OS fingerprinting. This was discovered by researchers at Trustwave. This is interesting, as Neutrino is one of the most active exploit kits left, and always trying to stay ahead of the researchers.
- Read More @ http://www.csoonline.com/article/3030207/security/the-neutrino-exploit-kit-has-a-new-way-to-detect-security-researchers.html
- A hacker has published personal information of 20,000 FBI agents, around superbowl time. The hacker seems to have left a Pro-Palestine messages in the leak, and claimed this is an ongoing hack against the U.S government. Information includes names, emails, phone numbers, titles, and country.
- Read More @ https://motherboard.vice.com/read/hacker-publishes-personal-info-of-20000-fbi-agents
- Researchers at Kaspersky have released a new report on what they have dubbed as the Poseidon APT group, which they claim to be the first Portuguese Speaking campaign. Their operational details are quite interesting, and seems like they have been around since 2005. Good read.
- Read More @ https://threatpost.com/10-year-poseidon-apt-group-identified-as-first-portuguese-speaking-campaign/116177/
- Next, a number of fixes have been released for Windows, Java and Flash respectively, so make sure you are keeping everything updated.
- Read More @ http://krebsonsecurity.com/2016/02/criticial-fixes-issued-for-windows-java-flash/
- Next, some news that shouldn’t really surprise anyone. AT&T doesn’t seem to care too much about their users privacy. Their CEO said that tech companies shouldn’t have any input into the encryption debate. While I tend to disagree, it doesn’t surprise me that this is coming from AT&T.
- Read More @ https://www.schneier.com/blog/archives/2016/02/att_does_not_ca.html
- Next, continuing on the privacy front, some more analysis has been done on Windows 10 privacy, and the amount of information it sends back to Microsoft, and the news is not good. Even with tweaked privacy settings Windows sends your information to MS over 5500 times a day. I think I am going to stick to Windows 7 for the time being.
- Read More @ http://thehackernews.com/2016/02/microsoft-windows10-privacy.html
- So it looks like some hackers looking to get access to Apple are taking the direct route, and contacting Apple employees in Ireland and straight up offering 20,000 Euro for the login credentials. Makes you wonder how many would actually take the bait. Interesting to see such a direct approach, I have to say.
- Read More @ http://thehackernews.com/2016/02/hacking-apple-id.html
- UK police have arrested a 16 year old who is a member of the hacking group “Crackas With Attitude” that is responsible for a number of high profile hacks, including the one mentioned earlier that resulted in information on 20,000 FBI employees being leaked. The rest of the members of the group have vowed to keep going with their activities despite the arrest.
- Read More @ http://news.softpedia.com/news/uk-police-arrests-16-year-old-boy-for-suspicion-of-hacking-cia-dhs-doj-and-fbi-500352.shtml