TekDefense

I’m not sure how “crazy” these IT “tricks” are but this is a good collection of tips especially for those that are new to the field. For those of you in the DoD, you’ll recognize many of these tips from STIGs. There are a couple gems in this though.

Latest Yahoo Data Breach Restates Need for Basic Security

There were so many articles this week on the Yahoo Voice (Associated Content) data breach, it was really hard to choose one (You’ll find another in the honorable mentions). Yahoo was subject to a basic SQL injection attack that lead to a dump of over 450,000 email addresses and passwords. In an effort to make this as easy as possible for the attackers, Yahoo graciously left passwords in clear text. Email and password combinations were posted publically. Good news is someone should be able to make a decent dictionary out of this.

Warp Trojan from China said to fool routers into spreading Windows malware

Warp Trojan infects machines via the normal java/adobe exploits, but once a machine is compromised Warp shows why it is unique. Warp will send ARP requests to the local networking devices in an attempt to falsely display itself as a router. Once a networking device is fooled, subnet traffic is routed through the infected machine for man in the middle fun.

Oracle to release 88 critical fixes next week

Not much to say on this one except be prepared. These 88 patches will most likely not address the zero day for 11g that we spoke to previously.

Nvidia developer forum passwords hacked

As if the Yahoo breach wasn’t enough, last week we also received news of passwords being dumped from NVIDIAs forums. At least they didn’t store the passwords in clear text.

Botnet infections in the enterprise have experts advocating less automation

This article brings up a subject that is near and dear to my heart. Many organizations believe they can throw money at the Cyber problem to make it go away. While funding is helpful, organizations need to learn that spending all their money on expensive silver bullet appliances is not nearly as valuable as hiring experienced security personnel.

Honorable Mentions

Multi-platform Backdoor with Intel OS X Binary

Phishers use less strident subject lines to deliver new cunning attacks

Google Releases Google Chrome 20.0.1132.57

Yahoo security breach shocks experts

The worst security snafus of 2012 - so far

Cyber Armament

Admin |

Post a Comment |

tagged

Threat Down in

News

Sunday

Jul082012

Threat Down - 7/8/2012

Sunday, July 8, 2012 at 8:58PM

Welcome to the Threat down for the week ending on July 8, 2012. Here is a recap of noteworthy news items from throughout the week.

Top Security News

Phone-raiding Trojan slips past Apple’s App Store censors

While Apple wasn’t the only company that let this slide through their filters (Google as well), this is the first reported case of malware making it past Apple’s screening methods. This trojan collects contact information, GPS information, and sends SMS to the contact list in an attempt to compromise more users.

eHarmony data breach lessons: Cracking hashed passwords can be too easy

We have learned a lot about why hashing isn’t enough (thanks Linkedin), but it is nice t see some real metrics that can be leveraged to get management on board with slated hashes. “it only took 72 hours to crack about 80% of 1.5 million eHarmony hashed passwords that were dumped”.

Internet will vanish Monday for 300,000 infected computers

Okay, I promise this will be the last article about DNSChanger that makes this list, unless there is another extension. Hard to believe that there are still 300,000 machines infected with DNSChanger after all of this publicity. Also, I wish these news sites would stop saying that the internet is going to disappear, it is just DNS resolution that goes bye-bye.

Patch Tuesday: Time to use the Flame-retardant Windows Update client

There will be nine patches released this Tuesday, three of which will be critical. While it is always important to keep your machines updated, this is a particularly significant patch Tuesday as the vulnerability that allowed Flame to leverage windows update is being addressed.

Ransomware threatens victims with police reports for child pornography

Ransomeware has been getting a lot of hype lately (thanks Reamde), but this particular strand goes above and beyond. While normal ransomeware will encrypt your drive and then ask for money in return for the password to decrypt, this strand adds the threat of placing child pornography on the victim computer and calling the police.

Botnet infections in the enterprise have experts advocating less automation