2016/08/15

Cool News Story Bro! Week of 08-12-2016

by Otakun
Categories: News
Tags: No Tags
Comments: Leave a Comment

Hey Guys!

Another news week, another recap. Some pretty interesting stuff as usual so let’s get to it.

News Stories:

  1. Data Breach At Oracle’s MICROS Point-of-Sale Division

    1. First, another data breach and this time it’s the Point-of-Sale division “MICROS” that is the unlucky victim. Apparently the MICROS customer support portal was compromised by the “Catbanak Gang”, known for stealing over a billion dollars. The size and scope of the breach is still unknown as of this point.
    2. Read More @ http://krebsonsecurity.com/2016/08/data-breach-at-oracles-micros-point-of-sale-division/
  2. Visa Alert and Update on the Oracle Breach

    1. Adding to the above story, VISA has now also issued an alert and an update informing any customers using the MICROS PoS systems to check the systems for malware. They have also included a number of network Indicators of Compromise to help identify malicious activity.
    2. Read More @ http://krebsonsecurity.com/2016/08/visa-alert-and-update-on-the-oracle-breach/
  3. ProjectSauron: top level cyber-espionage platform covertly extracts encrypted government comms

    1. Next, an excellent write-up on a new truly advanced “APT” attack, dubbed “Project Sauron” recently discovered by Kaspersky labs.  They are classifying this campaign in the same group as the likes of “Duqu”, “Regin”, “Equation”, etc. Meaning that it’s far more advanced than your average “APT”. Great read.
    2. Read More @ https://securelist.com/analysis/publications/75533/faq-the-projectsauron-apt/
  4. Oops! Microsoft Accidentally Leaks Backdoor Keys to Bypass UEFI Secure Boot

    1. Next, a rather big “oops” on part of Microsoft, who have “leaked” the backdoor keys that allow people to bypass the UEFI Secure Boot feature. This feature is meant to ensure only specific cryptographically signed software is able to run, helping prevent certain malware from running, as well as preventing people from installing a non Windows OS. However, they included a bypass in the “Redstone” build of Windows 10 that included a “policy” that basically disabled Secure Boot. This policy was in place for debugging purposes, but now that the cat is out of the bag, it’s not going back in.
    2. Read More @ http://thehackernews.com/2016/08/uefi-secure-boot-hack.html
  5. Serious TCP Bug in Linux Systems Allows Traffic Hijacking

    1. Next, a serious bug has been discovered in the TCP implementation in Linux systems deployed since 2012 (version 3.6 of the Linux kernel) can be used by attackers to identify hosts communicating over the protocol and ultimately attack that traffic. Vulnerability (
      (CVE-2016-5696) is considered an “off the path” vulnerability and is fairly easy to take advantage of , with the success rate in testing between 88% and 97%. The patch has been developed that addresses the issue.
    2. Read More @ https://threatpost.com/serious-tcp-bug-in-linux-systems-allows-traffic-hijacking/119804/
  6. Facebook rolls out code to kick the shins off Adblock Plus reblocking

    1. Next, some privacy focused news. Recently “Facebook” rolled out a new ad code that allowed it to bypass Adblock Plus filtering. Makers of AdBlock Plus responded by finding a way to re-block, and the cat and mouse game began. Now facebook is saying they are going to roll out new code that bypasses the workaround. Cycle continues.
    2. Read More @ https://nakedsecurity.sophos.com/2016/08/12/facebook-rolls-out-code-to-kick-the-shins-off-adblock-plus-reblocking/
  7. Irish court orders alleged Silk Road admin to be extradited to US

    1. Next, an Irish Court has approved the extradition of an alleged admin for the “Silk Road” marketplace, that was shut down by the FBI, and the founder arrested and sentenced to life in prison. Now the admin Gary Davis,27 looks like he will be extradited to face similar charges in the U.S.
    2. Read More @ http://arstechnica.com/tech-policy/2016/08/irish-court-orders-alleged-silk-road-admin-to-be-extradited-to-us/
Otakun
– Otakun –

Leave a Reply

Your email address will not be published. Required fields are marked *



Today is Friday
2018/02/23