It’s time for the oh so news-y goodness. Ok, that was pretty bad, I know…but I am running out of ways to intro this thing so I had to do it :) But, let’s get to the reason you are here….neeeeeeeews.
- First story of the week is regarding the hacker collective “Anonymous” and their ongoing campaign against ISIS. Apparently one of the ways they are doing this is by posting porn to hijacked ISIS and ISIS sympathizer accounts.
- Read More @ https://nakedsecurity.sophos.com/2016/06/14/anonymous-hackers-are-fighting-islamic-state-with-porn/
- Next, good news for Net Neutrality as a federal court has upheld the recently passed Net Neutrality rules, ensuring that no traffic throttling or “tolls” will be implemented on the internet, much to the dismay of companies like AT&T. Big win for the likes of Google, Netflix, and the like.
- Read More @ http://www.bloomberg.com/news/articles/2016-06-14/fcc-s-net-neutrality-rules-upheld-by-u-s-court-of-appeals
- Next, some truly unprecedented news….A Flash 0-Day has been discovered. Ok, maybe not so surprising to anyone, but true nonetheless. Folks over at Kaspersky Lab have details on targeted campaigns, Operation Daybreak and Operation Erebus, utilizing the Flash 0-Day CVE-2016-4171.
- Read More @ https://securelist.com/blog/research/75082/cve-2016-4171-adobe-flash-zero-day-used-in-targeted-attacks/
- Following up from the above article, a post on one of the major operations utilizing the above-mentioned Flash vulnerability.
- Read More @ https://securelist.com/blog/research/75100/operation-daybreak/
- Next, an in-depth look at a piece of ransomware known as “zCrypt”. Folks over at Malwarebytes have a really good write-up on the inner workings of this piece of malware. Check it out.
- Read More @ https://blog.malwarebytes.com/threat-analysis/2016/06/zcrypt-ransomware/
- Next, some more great stuff from the Kaspersky researchers. This time a look at a somewhat unique underground marketplace specializing in sales of hacked servers. Really good read.
- Read More @ https://securelist.com/blog/research/75027/xdedic-the-shady-world-of-hacked-servers-for-sale/
- Next, a security researcher has demonstrated how to hack someone’s Facebook account simply by knowing their phone number. Essentially the vulnerability is in SS7, the Signalling System Number 7 protocol, which is used by over 800 different telecoms worldwide.
- Read More @ http://thehackernews.com/2016/06/hack-facebook-account.html
- Next, a new Windows vulnerability named “BadTunnel” has been discovered, and it affects all versions of Windows from 95 and up. Details of the exploit are not public yet and will be presented by the researcher who discovered it at the upcoming BlackHat security conference, but it seems to rely on “NetBIOS” over TCP/IP. Looking forward to the details of this one.
- Read More @ https://nakedsecurity.sophos.com/2016/06/16/badtunnel-a-vulnerability-all-windows-users-need-to-patch/
- Next, another massive database of social media credentials has gone up for sale on an underground marketplace; this time the service in question is Twitter. However, Twitter is claiming that no actual breach has occurred and that these credentials were obtained through other means.
- Read More @ http://www.welivesecurity.com/2016/06/10/33-million-twitter-account-credentials-grabs-site-says-wasnt-hacked/
- Lastly, an interesting read on how to help deal with the cybersecurity staff talent shortage that has been well documented in recent years.
- Read More @ http://www.infosecurity-magazine.com/opinions/how-to-invest-in-your-existing