It’s that time of the week again, so let’s see what kind of interesting stories happened in the industry for the past week or so.
- First story of the week is regarding another bank breach. This time Russia’s Central Bank was the target and hackers managed to steal $31 million dollars.
- Read More @ http://www.darkreading.com/attacks-breaches/hackers-steal-$31-million-from-russias-central-bank-/d/d-id/1327635
- Next, another user account breach, this time at DailyMotion. Some 85 million user accounts were stolen from the video sharing platform, including usernames, and email addresses.
- Read More @ http://thehackernews.com/2016/12/dailymotion-video-hacked.html
- Next, a look at the new malvertising campaign used by the Stegano exploit kit. Essentially, the new campaign is hiding malicious code in the pixels of banner advertisements that are currently in rotation on several high profile news websites. The malicious ads are difficult to detect by ad networks, which makes them quite a pain to deal with. So, make sure your Flash, and Browser plugins are up to date.
- Read More @ http://thehackernews.com/2016/12/image-exploit-hacking.html
- Next, a good article that explains what a DGA(Domain Generation Algorithm) is, and how it’s used by malware to help make analysis more difficult for security researchers Anyone dealing with exploit kits on a regular basis is probably familiar with this already but for those who are not, this is a good overview.
- Read More @ https://blog.malwarebytes.com/security-world/2016/12/explained-domain-generating-algorithm/
- Next, a story about President Obama ordering a full review of the possible Russian hacking of this year’s US election. There were rumors and sporadic news speculating that Russia may have played a hand in ensuring that Donald Trump won this election, and now it seems like there is enough smoke here for the President Obama to want to investigate the matter.
- Read More @ http://thehackernews.com/2016/12/russian-hacker-us-election.html
- Next, we brought several articles recently that look at the cyber security skills shortage. This time though we take a look at what kind of people do we actually need doing this type of work. Interesting read.
- Read More @ https://www.ncsc.gov.uk/blog-post/what-kinds-people-do-we-need-doing-cyber-security
- Last story of the week is one regarding an interesting new DDoS platform that awards “prizes and points” to those who participate in the DDoS campaigns. A Turkish hacker group is behind this concept and is trying to incentivize people to participate by offering points that can be exchanged for hacking tools, etc. Interesting.
- Read More @ http://www.zdnet.com/article/hackers-turn-ddos-attacks-into-a-game-for-points-and-prizes/