2016/05/15

Cool News Story Bro! Week of 05-13-2016

by Otakun
Categories: News
Tags: No Tags
Comments: Leave a Comment

Hi Guys,

Welcome to a Friday the 13th edition of the news recap :) I am currently doing this post while wearing a Jason mask. Feels right! Now let’s get to the stories!

News Stories:

  1.  Hacker reports Vulnerability in Mr. Robot Season 2 Website

    1. First story is about a XSS vulnerability found in the “Mr.Robot” season 2 website. For those who don’t know “Mr.Robot” is a show on USA Network that actually portrays hacking, and hackers, in an accurate way and has been critically acclaimed. The flaw was found and reported by a white hat hacker “” and it was patched hours later. Good on them.
    2. Read More @ http://thehackernews.com/2016/05/hacker-mr-robot-season2.html
  2. Wendy’s admits to payment card malware infection

    1. A while back Brian Krebs reported that Wendy’s might have potentially suffered a PoS system breach, and now we have a confirmation straight from Wendy’s itself. During their earnings report they mentioned that a breach affecting up to 300 of their stores has occurred through compromised 3rd party vendor credentials.Not much in terms of details at the moment.
    2. Read More @ https://nakedsecurity.sophos.com/2016/05/12/wendys-admits-to-payment-card-malware-infection/
  3. Threat Actor Leverages Windows Zero-day Exploit in Payment Card Data Attacks

    1. A Windows 0-day has been responsible for hundreds of attacks on PoS systems. The zero day in question (CVE-2016-0167), has been used since March, and has been patched on April 12 by Microsoft. A detailed FireEye report looks at one group that leveraged the flaw in question to attack PoS systems.
    2. Read More @ https://www.fireeye.com/blog/threat-research/2016/05/windows-zero-day-payment-cards.html
  4. CVE-2016-4117: Flash Zero-Day Exploited in the Wild

    1. It wouldn’t be a security recap without the inevitable Java or Adobe related vulnerability, so here we are with another Flash 0-Day. FireEye discovered and reported the vulnerability to Adobe and it was patched in patch APSB16-15. FireEye report also details the vulnerability as well as how it is being exploited in the wild. Good Read.
    2. Read More @ https://www.fireeye.com/blog/threat-research/2016/05/cve-2016-4117-flash-zero-day.html
  5. Privacy fears ‘deterring’ US web users from online shopping

    1. Next, a story of a different note. A survey has found some interesting results in regards to the concerns of using online services by US web users. It seems like privacy and security concerns deterred about 50% of the people surveyed from online banking, shopping, etc. Seems like the high profile breaches are making their way into the mainstream mindset finally.
    2. Read More @ http://www.bbc.co.uk/news/technology-36285651
  6. The Pirate Bay Loses Its Main Domain Name In Court Battle

    1. Next, some bad news for “The Pirate Bay” as they have just lost their main domain in a court battle. The Swedish courts have ruled against the website and the ruling results in loss of “ThePiratebay.se” and “PirateBay.se” domains.
    2. Read More @ https://yro.slashdot.org/story/16/05/13/2220208/the-pirate-bay-loses-its-main-domain-name-in-court-battle
  7.  Second Bank hit by Malware attack similar to $81 Million Bangladesh Heist

    1. So it looks like the attackers behind the attack on the Bangladesh bank have attacked a second bank now as SWIFT, warned.
    2. Read More @ http://thehackernews.com/2016/05/swift-bank-hack.html
  8. Mozilla Fights FBI In Court For Details On Tor Browser Hack

    1. Mozilla has now also gotten in the fight with the FBI in order to compel the court to force the federal agency to disclose the details of the hack used to compromise the TOR browser. Mozilla is asking for the details of the vulnerability so that it can be patched prior to it becoming public knowledge.
    2. Read More @ https://yro.slashdot.org/story/16/05/12/2335232/mozilla-fights-fbi-in-court-for-details-on-tor-browser-hack
  9. Founder of Online Underworld Bank Gets 20 Years in Prison

    1. The founder of “Liberty Reserve”, a website almost exclusively created to facilitate money laundering for criminals around the globe has been convinced to 20 years in prison. I will admit, I had no knowledge of this “bank” but good to see the guy behind it is behind bars.
    2. Read More @ http://www.securityweek.com/founder-online-underworld-bank-gets-20-years-prison
  10. 10 Biggest Mega Breaches Of The Past 10 Years

    1. Last story of the week is a bit of a history lesson detailing some of the biggest breaches of the past 10 years. Needless to say, there has been quite a few, especially in the past few years.
    2. Read More @ http://www.darkreading.com/endpoint/10-biggest-mega-breaches-of-the-past-10-years/d/d-id/1325374?_mc=RSS_DR_EDT&image_number=1

Leave a Reply

Your email address will not be published. Required fields are marked *



Today is Monday
2018/01/22