Busy news week this week, so let’s get to it =)
- First story brings news of the popular Linux Mint distro website being hacked and having the legitimate ISO replaced with a backdoored version. This affects Linux Mint 17.3 Cinnamon Edition specifically. The hack seems to have happened on February 20th, so if you downloaded this version of Mint around that time, you might be infected.
- Read More @ http://thehackernews.com/2016/02/linux-mint-hack.html
- Next, a look at some of the changes made to the TPP agreement that seem to have resulted in increased penalties for Copyright infringement. EFF spotted and detailed these changes that seem to impose very, very harsh penalties for Copyright infringement.
- Read More @ news.slashdot.org/story/16/02/21/2022207/tpp-change-means-drastically-higher-penalties-for-copyright-infringement
- Next, some interesting data on the NSA Data Center in Utah. Apparently, since the Snowden revelations regarding NSA spying, the number of attacks this data center is experiencing is as high as 300 million per day. It makes sense that an NSA data center would be a target, but that number is definitely higher than I expected it to be.
- Read More @ https://feedly.com/i/saved
- Next, some good news for ASUS customers going forward. It looks like the FTC has forced the company to improve their router security after a string of attacks managed to take advantage of poor security on their devices. As a result ASUS is expected to have a comprehensive security program, and be subject to audits for the next 20 years. Good going FTC.
- Read More @ https://www.helpnetsecurity.com/2016/02/24/ftc-forces-asus-to-improve-router-security/
- Next, a look at an APT campaign called “Dust Storm” that has been targeting Japan’s critical infrastructure. The main targets were the Japanese oil, gas, and electric utilities. Good read.
- Read More @ https://threatpost.com/five-year-dust-storm-apt-campaign-targets-japanese-critical-infrastructure/116436/
- Next, more on the ongoing story between Apple and the feds regarding the unlocking of the iPhone used by the San Bernardino shooter. Well, it turns out that despite the FBI saying that this would be a one-time deal, Apple attorneys have revealed a dozen other similar requests from the FBI. This is just adding to the evidence that this entire situation is just the FBI wanting to set a precedent for device backdoors.
- Read More @ https://threatpost.com/apple-attorney-reveals-dozen-other-iphone-requests-from-fbi/116437/
- Next, Kaspersky along with other security companies has announced Operation Blockbuster, which aims to bring to light the APT group known as “Lazarus Group” which was responsible for the Sony Pictures hack as well as several others. The goal of this operation is to bring awareness to the group and their activities and to provide resources for detecting their tools and techniques. Good read as always.
- Read More @ https://securelist.com/blog/incidents/73914/operation-blockbuster-revealed/
- Next, I just wanted to include this to illustrate the sad state of user awareness when it comes to online security. These are the results of a survey conducted on behalf of a VPN provider “Hide My Ass”, and the results are…yea…less said the better.
- Read More @ https://nakedsecurity.sophos.com/2016/02/24/americans-want-to-be-safer-online-but-not-if-they-have-to-do-anything/
- The German Interior Ministry has approved the use of a home-brewed trojan that has been around for years in different forms. The police do need a court order before using this trojan, and supposedly the functions they are allowed to use are limited, but it is capable of essentially everything a normal RAT can do, so who is to say the more invasive functions will not be used in the future.
- Read More @ https://nakedsecurity.sophos.com/2016/02/24/german-police-given-go-ahead-to-use-home-brewed-spying-trojan/
- Next, a round up of the Top Exploit Kits for February, according to Malwarebytes. Seems to be the usual suspects.
- Read More @ Top Exploit Kits Round Up | February Edition
- Next, researchers from Bastille Networks have detailed a new attack aimed at exploiting wireless keyboards, mice, etc. in order to gain access to the connected device. Very interesting read.
- Read More @ https://threatpost.com/mousejack-attacks-abuse-vulnerable-wireless-keyboard-mouse-dongles/116402/
- Lastly, it looks like the Silverlight exploits patched in January’s Patch Tuesday have found their way into the Angler Exploit Kit. This is rather expected, as it’s typical behavior for Exploit Kit authors.
- Read More @ https://threatpost.com/new-silverlight-attacks-appear-in-angler-exploit-kit/116409/