2016/08/29

Cool News Story Bro! Week of 08-26-2016

by Otakun
Categories: News
Tags: No Tags
Comments: Leave a Comment

Hey Guys,

Apologies for a slightly late news update. It’s been a bit of a slow news week but we still got a few things for you and an interesting podcast as well. Enjoy.

News Stories:

  1. RIPPER ATM Malware and the 12 Million Baht Jackpot

    1. First, a great post by FireEye on a new ATM Malware called “Ripper” that was just use in a 12 million Baht theft in Thailand. The malware itself has some new tricks, which makes it interesting, so please give it a read.
    2. Read More @ https://www.fireeye.com/blog/threat-research/2016/08/ripper_atm_malwarea.html
  2. Ashley Madison Failed on Authentication and Data Security

    1. A while back news of Ashley Madison (“dating” website) breach and massive leak of customer data was made public, and now more details have emerged as part of an official investigation into the security of the site itself. The results of the investigation highlighted a number of rather large failings on the part of ALM Media when it comes to their security. Not the least of which was a fake “security certification” listed on their website, basically there to mislead users into thinking the website is secure. If they are willing to do things like that, it’s hardly a surprise that their actual security was fairly awful for a website that possess so much personal informati0n.
    2. Read More @ http://www.infosecurity-magazine.com/news/ashley-madison-failed
  3. New York Times Targeted in Hack Attack

    1. The New York Times, Moscow branch was targeted by a cyber attack possibly from the same hackers that are responsible for the attack on the DNC. The FBI is currently investigating the source of the attack, even though the attack seems to have not succeeded.
    2. Read More @ www.infosecurity-magazine.com/news/new-york-times-targeted-in-hack
  4. United Airlines Sets Minimum Bar on Security

    1. Next, United Airlines has made some changes to its website aimed at helping improve account security of their users, though how successful they will be is yet to be seen. Krebs takes a closer look at the changes implemented, and also provides some insight into why these changes were implemented as well as a video showing off some of these changes.
    2. Read More @ http://krebsonsecurity.com/2016/08/united-airlines-sets-minimum-bar-on-security/
  5. The Secret Behind the NSA Breach: Network Infrastructure Is the Next Target

    1. Next, another look at the data leaked as part of the NSA Breach, this time highlighting the weaknesses in Network Infrastructure devices, and how these became the focus of some of these very advanced attacks, like the ones used by the “Equation Group” and the like. Essentially, asking the manufacturers to step up their game when it comes to securing their devices.
    2. Read More @ http://www.darkreading.com/endpoint/the-secret-behind-the-nsa-breach-network-infrastructure-is-the-next-target/a/d-id/1326729?_mc=sm_dr&hootPostID=6c36c7180b132d1c4132f4883648e676

Webcasts:

  1. Hunting for Threats: tips and tricks for SOC experts

    1. This weeks webcast is a good one. Courtesy of FireEye, this one focuses on providing some useful advice for SOC analysts on hunting (aka, looking for potential threats, etc.). They demonstrate a number of good places to look, tools to use, and ways to analyze said data. Check it out.
    2. Watch @ https://www.brighttalk.com/webcast/10703/218901
Otakun
– Otakun –

Leave a Reply

Your email address will not be published. Required fields are marked *



Today is Friday
2018/02/23