Apologies for the late post, but it’s been a busy time here. However, the extra day did bring in some interesting stories, so it all works out in the end! So, let’s get to it.
- The first story is an interesting one for privacy advocates and TOR users alike. A judge has ordered the FBI to reveal the TOR exploit code used to hack visitors of the largest darknet child porn site, “PlayPen”. However, the FBI is fighting the order, claiming that it’s not necessary. The implication is that if the methods are revealed, they would be patched and the FBI would lose its ability to spy on TOR users.
- Read More @ http://thehackernews.com/2016/03/fbi-tor-browser-exploit.html
- Next, a good little introduction piece to some basics of Incident Detection and Response from Rapid7. Most people visiting this site are familiar with all of these terms but for those who are not, it’s a nice little guide.
- Read More @ https://community.rapid7.com/community/insightidr/blog/2016/03/29/what-is-incident-detection-and-response
- Next, it looks like Microsoft has decided to release a special version of Windows 10 just for the Chinese marketplace, in cooperation with the Chinese government. Given the size of the Chinese market, Microsoft would not want to miss out and this was a way for them to enter the market in China, so it’s not terribly surprising.
- Read More @ http://thehackernews.com/2016/03/china-windows10.html
- Next, some interesting survey results when it comes to C-level executives and cybersecurity. Basically, it seems like a true understanding of the importance of cybersecurity and how to address it is still largely an afterthought to high-level executives, who still boil security down to an “IT Problem”. Spending is up, but it seems like it’s not necessarily leading to a vast improvement in security. Concerning, to say the least.
- Read More @ https://tech.slashdot.org/story/16/04/02/147214/on-cybersecurity-execs-are-burying-their-heads-in-the-sand
- Next, a great analysis of the Petya ransomware. This is a bit different from the usual ransomware we are used to seeing, as it actually encrypts the MFT.
- Read More @ https://blog.malwarebytes.org/threat-analysis/2016/04/petya-ransomware/
- Looks like the EC-Council website has been compromised to deliver TeslaCrypt ransomware. The site was compromised to redirect visitors to an Angler Exploit Kit page. The attack doesn’t seem to be targeted, and a third-party WordPress plugin was responsible.
- Read More @ http://www.scmagazine.com/irony-strikes-certified-ethical-hacker-website-reportedly-spreading-ransomware-for-days/article/485578/
- Next, another guide, this one for Two-Factor Authentication. Multi-Factor Authentication is a must these days, so having an understanding of what it is and the different ways it can be implemented is important.
- Read More @ http://www.symantec.com/connect/blogs/guide-two-factor-authentication
- An internal audit found that a State Department database storing visa application information was vulnerable. The database contains up to half a billion records, though no sign of an actual breach has been found.
- Read More @ http://www.nbcnews.com/tech/tech-news/visa-database-found-be-vulnerable-hacking-n549011?linkId=22972935
- Next, arguably the most interesting story of the week. A massive 2.6TB document leak from the offshore law firm “Mossack Fonseca” has shed light on the offshore tax haven game used by the world’s elite. Journalists from The Guardian and several other news outlets are reviewing the data, and already some of the findings are extremely interesting. Can’t wait to see more on this, as it really highlights the massive levels of corruption and abuse of the tax system.
- Read More @ http://www.theguardian.com/news/2016/apr/03/the-panama-papers-how-the-worlds-rich-and-famous-hide-their-money-offshore