According to the news, cyber criminals, nation states, and even our own employees are attacking our digital networks. In fact, there’s so much information security news each day that it’s hard to keep up. If you find yourself falling behind, perhaps my weekly summary video can help.
Today’s episode covers nation-state malware, booby-trapped popular web sites, dangerous pre-loaded software, and more. Press play below to get the scoop, and feel free to browse the references for other stories.
(Episode Runtime: 10:30)
Direct YouTube Link: https://www.youtube.com/watch?v=HOWUsT2cWgo
EPISODE REFERENCES:
- Daily Security Bytes:
  - Monday: No Video due to Presidents Day
  - Tuesday: NSA Hacks Hard Drives – Daily Security Byte EP.25
  - Wednesday: Web Security PSA – Daily Security Byte EP.26
  - Thursday: Lenovo Superfish Breaks HTTPS – Daily Security Byte EP.27
  - Friday: NSA SIM Heist – Daily Security Byte EP.28
- NSA infects hard drives of millions of victims
  - Kaspersky’s blog post on the Equation Group (EG) – Kaspersky
  - More detailed Kaspersky analysis – Securelist
  - Full Kaspersky research whitepaper [PDF] – Kaspersky
  - Ars Technica’s write-up on how this group stayed hidden – Ars Technica
  - Crackers decrypt mystery hash from EG (it was Arabic) – Ars Technica
  - Ex-employee alleges NSA targets HDs – Reuters
  - Someone asking about this malware (Fanny) on a forum? – Lowyat
- Two popular web sites serve malware
  - Jamie Oliver’s web site serves malware – Forbes
  - RedTube “adult” site spreads malware via iframe – Malwarebytes
- Lenovo Superfish
  - Ars describes Superfish’s HTTPS MitM – Ars Technica
  - Great post on decrypting the Superfish key – ErrataSec
  - Lenovo doesn’t fess up to the problem – Techdirt
  - Removing the Superfish certificate – Trend Micro
  - Lenovo’s official support statement on Superfish – Lenovo
  - Full Superfish (including cert) removal instructions – Lenovo
  - Superfish github – github
  - A trip to BestBuy to test out SuperFish – Mozilla
  - Other software (Komodia) as bad as Superfish – IBT
  - Superfish vulnerability test websites:
- NSA’s Great SIM Heist
  - NSA and GCHQ hacked SIM card vendors to pwn mobile devices – The Intercept
  - Gemalto to investigate this massive alleged breach – Help Net Security
EXTRAS:
- Obama’s thoughts on encryption – Re/code
- Watch out for fake Windows 10 activators – Help Net Security
- Lizard Squad still DDoSing game networks – Naked Security
- Yet another serious flaw in a consumer router/WAP (Netgear) – Seclists.org
- Another Bitcoin exchange hacked; reward offered – Business Insider
- Is it illegal to carry security exploits across borders? – The Register
- Bank hacking ring has stolen over $1B – CNN
- Kaspersky’s report on carbanak gang bank heist – Securelist
- NY Times article on bank heist – NY Times
- Krebs on the great bank heist – Krebs on Security
- Phishing used to infect bank employees – Gizmodo
- FreeBSD’s random number generator is not random – FreeBSD
- More discussion around Google Project Zero disclosure deadlines – iDigitalTimes
- A new ICS twist to BadUSB – ThreatPost
- A demo of wiper malware, like from the Sony Pictures breach (requires registration) – CrowdStrike
- Our partner, Trend Micro, unveils Operation Arid Viper attack campaign – Trend Micro
- Kaspersky calls this the Desert Eagle campaign – Securelist
- DNS is increasingly used as a C&C channel – ThreatPost
- Researchers uncover alleged French nation-state malware (Babar) – Motherboard
- How long before smart-Barbie gets hacked (IoT) – Network World
- Big Fish breach, customer data stolen (including CCs) – CA.gov
- Swedish citizen pleads guilty to BlackShades malware – Bloomberg
- FBI threatened hacker with 44 felonies for not working with them – Wired
- Morgan Stanley may have had a customer data breach – NASDAQ
- AV tools miss 70% of malware (you need APT blocker) – Betanews
- Billy Rios hacks a car wash – Dark Reading
- iOS Masque attack update. iPhone users beware – FireEye
- AVG discovers Android trojan that spies while your phone seems off – Help Net Security
- Apparently hackers are still in the State Department’s unclassified network – WSJ
— Corey Nachreiner, CISSP (@SecAdept)