Time for another news recap. Good stuff as usual. Enjoy !
- It looks like another group is also targeting the SWIFT network as well. A new group called “Odinaff” seems to be following in the footsteps of the group that hit the Bangladesh bank for $81 million a while back, as well as several other banks.
- Read More @ http://www.darkreading.com/attacks-breaches/symantec-warns-of-second-group-targeting-swift-network/d/d-id/1327152
- Next, a group of researchers have demonstrated the means that the NSA used in order to break encrypted communication. We found this was feasible due to the Snowden leaks, but the exact methods used by the agency were not clear until now. The crux of the issue lies in a weakened implementation of the Diffie-Hellman algorithm, and a 1024-bit key. Essentially, with enough computational power these keys can be compromised. Even though NIST has been suggesting 2048 bit key strength since 2010, many have not made the change, resulting in being vulnerable to snooping.
- Read More @ http://thehackernews.com/2016/10/nsa-crack-encryption.html
- News has surfaced that the CIA is preparing for a cyber attack against Russia. Given the accusations aimed at Russia in regards to the DNC hack, it’s not unreasonable to think that there would be retaliation.
- Read More @ http://www.nbcnews.com/news/us-news/cia-prepping-possible-cyber-strike-against-russia-n666636
- Well, this was bound to happen, given the hot water Yahoo was in lately. Last week we mentioned that Verizon was looking for upwards of a $1B discount given the breach and spying revelations, but now it’s looking like it could be off the table completely.
- Read More @ http://www.afterdawn.com/news/article.cfm/2016/10/15/yahoo-s-acquisition-by-verizon-is-in-trouble
- Final story of the week is about an interesting new Android trojan that tries to get users to take a photo of themselves while holding an ID card for “verification” purposes. In essence it’s trying to trick the user into basically making it much easier for the crooks to use your stolen account data because they can use the selfie as verification. Clever.
- Read More @ http://www.scmagazine.com/selfie-for-your-data-trojan-requests-a-selfie-after-stealing-info/article/559419/
- This week webcasts, by Dell Secureworks is an interesting one and takes a look at the Underground Hacker Marketplace. So, if you ever wanted to see what that looks like, what kind of tools and services are available for purchase for the bad guys, take a look!
- Watch @ https://www.brighttalk.com/webcast/10979/225371