2016/06/19

Cool News Story Bro! Week of 06-17-2016

by Otakun
Categories: News
Tags: No Tags
Comments: Leave a Comment

Hi Guys!

It’s time for the oh so news-y goodness. Ok, that was pretty bad, I know…but I am running out of ways to intro this thing so I had to do it :) But, let’s get to the reason you are here….neeeeeeeews.

News Stories:

  1. Anonymous hackers are fighting Islamic State with porn

    1. First story of the week is regarding the hacker collective “Anonymous” and their ongoing campaign against ISIS. Apparently one of the ways they are doing this is by posting porn to hijacked ISIS and ISIS sympathizer accounts.
    2. Read More @ https://nakedsecurity.sophos.com/2016/06/14/anonymous-hackers-are-fighting-islamic-state-with-porn/
  2. Obama’s Web Rules Upheld in Win for Google, Loss for AT&T

    1. Next, good news for Net Neutrality as a federal court has upheld the recently passed Net Neutrality rules, ensuring that no traffic throttling, or “tolls” will be implemented on the internet, much to the dismay of companies like AT&T. Big win for the likes of Google, Netflix, and the like.
    2. Read More @ http://www.bloomberg.com/news/articles/2016-06-14/fcc-s-net-neutrality-rules-upheld-by-u-s-court-of-appeals
  3. CVE-2016-4171 – Adobe Flash Zero-day used in targeted attacks

    1. Next, some truly unprecedented news….A Flash 0-Day has been discovered. Ok, maybe not so surprising to anyone but true non the less. Folks over at Kaspersky labs have details on a targeted campaigns, Operation Daybreak and Operation Erebus, utilizing the Flash 0-Day CVE-2016-4171.
    2. Read More @ https://securelist.com/blog/research/75082/cve-2016-4171-adobe-flash-zero-day-used-in-targeted-attacks/
  4. Operation Daybreak

    1. Following up from the above article, a post on one of the major operations utilizing the above mentioned Flash vulnerability.
    2. Read More @ https://securelist.com/blog/research/75100/operation-daybreak/
  5. zCrypt ransomware: under the hood

    1. Next, an in depth look at a piece of ransomware known as “zCrypt”. Folks over at MalwareBytes have a really good write up on the inner workings of this piece of malware. Check it out.
    2. Read More @ https://blog.malwarebytes.com/threat-analysis/2016/06/zcrypt-ransomware/
  6. xDedic – the shady world of hacked servers for sale

    1. Next, some more great stuff from the Kaspersky researchers. This time a look at a somewhat unique underground marketplace specializing in sales of hacked servers. Really good read.
    2. Read More @ https://securelist.com/blog/research/75027/xdedic-the-shady-world-of-hacked-servers-for-sale/
  7.  How to Hack Someones Facebook Account Just by Knowing their Phone Numbers

    1. Next, a security researcher has demonstrated how to hack someone’s facebook account simply by knowing their phone number. Essentially the vulnerability is in the  signaling protocol, which is used by over 800 different telecoms worldwide.
    2. Read More @ http://thehackernews.com/2016/06/hack-facebook-account.html
  8. BadTunnel: a vulnerability all Windows users need to patch

    1. Next, a new Windows vulnerability named “BadTunnel” has been discovered and affects all versions of Windows from 95 and up. Details of the exploit are not public yet and will be presented by the researcher who discovered it at the upcoming BlackHat security conference, but it seems to rely on “NetBios” over TCP/IP. Looking forward to the details of this one.
    2. Read More @ https://nakedsecurity.sophos.com/2016/06/16/badtunnel-a-vulnerability-all-windows-users-need-to-patch/
  9. 32 million Twitter account credentials up for grabs – but site says it wasn’t hacked

    1. Next, another massive database of social media credentials has gone up for sale on an underground marketplace, this time the service in question is Twitter. However,Twitter is claiming that no actual breach has occurred and that these credentials were obtained through other means.
    2. Read More @ http://www.welivesecurity.com/2016/06/10/33-million-twitter-account-credentials-grabs-site-says-wasnt-hacked/
  10. Confronting the Talent Shortage: How to Invest in Your Existing Cybersecurity Staff

    1. Lastly, an interesting read on how to help deal with the Cybersecurity staff talent shortage, that has been well documented in recent years.
    2. Read More @ http://www.infosecurity-magazine.com/opinions/how-to-invest-in-your-existing
Otakun
– Otakun –

Leave a Reply

Your email address will not be published. Required fields are marked *



Today is Friday
2018/02/23