A selection of this week’s more interesting vulnerability disclosures and cyber security news.
As usual the IoT botnet raises its head ready to strike multiple times, a few casualties this week but there appears to be a general feel of unease that these are just trial runs for something bigger. The ease in which Mirai is able to use a small number of machines for such big wins is disturbing. Keep your eye on your fridge or toaster, it might be out to get you! This particular article sums it up…
We have below the exciting news of the week including more IoT hell and some quite staggering breaches. Enjoy the weekend!
- Australian Red Cross Leak Exposes Contractor Risks (InfoRiskToday)
- Shadow Brokers Try To Give NSA Halloween Scare With Leak Of Hacked Servers (Forbes)
- Vuln hunter finds nasty shared server god mode database hack holes (The Register)
- ‘Do Gooder Worm’ Changes Default Passwords In Vulnerable IoT Devices A security researcher has proposed an unusual approach for protecting Internet of Things devices against Mirai-like threats. It’s not likely to see the light of day, either.
- Barracuda email security scanning services in worldwide TITSUP* (The Register)
- Hackers hustle to hassle un-patched Joomla! sites (The Register)
- How the Mirai botnet almost took down an entire country, and what your business can learn (TechRepublic)
- How to block the ultrasonic signals you didnt know were tracking you (ArsTechnica)
- Inside the Cerber Ransomware-as-a-Service Operation (InfoRiskToday)
- Microsoft flips Google the bird after Windows kernel bug blurt (The Register)
- Mirai Botnet Infects Devices in 164 Countries
- New York’s bitcoin hub dreams fade with licensing backlog (Yahoo Security)
- New, more-powerful IoT botnet infects 3,500 devices in 5 days (ArsTechnica)
- Obey Google, web-masters, or it will say you can’t be trusted (The Register)
- Researchers expose Mirai vuln that could be used to hack back against botnet (The Register)
- Shadow Brokers dump reveals NSA targets (The Register)
- Someone Just Used The Mirai Botnet To Knock An Entire Country Offline (Forbes)
- Sweden axes 700MHz spectrum sale over ‘national security’ fears (The Register)
- Teen UK hacker pleads guilty after earning $385k from DDoS tool (The Register)
- This evil office printer hijacks your cellphone connection (ArsTechnica)
- Tokens of terror spark ‘major security update’ at GitLab (The Register)
- Ubuntu Core Snaps door shut on Linux’s new Dirty COWs (The Register)
- UK: Teenage hacker behind 1.7 million cyber attacks faces jail
- Universal hijack hole turns DIY Wix blogs into botnets (The Register)
- Windows zero-day exploited by same group behind DNC hack (ArsTechnica)
- Leaks password, check. Leaks Wi-Fi password, check. Can be spoofed, check. Ding! We have an Internet of S**t winner (The Register)
- Mirai Malware Is Still Launching DDoS Attacks (InfoRiskToday)
- CT: Man Charged with Stealing Bitcoins in Dark Web Phishing Scheme
- Hacker Caught Attempting To Steal $1.5 Million From US Financial Institution Defendant faces charges of wire scam and hacking of government website attempting to steal $1.5 million.
- Delete unused Android apps now, or risk a security nightmare (TechRepublic)
- Your WeMo Smart Home Can Spy On Your Android Smartphone (Forbes)
- Appointments on hold as (computer) virus wreaks havoc with NHS trust systems (The Register)
- Many Joomla Sites Hacked via Recently Patched Flaws (SecurityWeek)
- Multiple RCE flaws found in Memcached web speed tool (The Register)
- Security Fail Exposed Details of Virgin Media’s UK Job Applicants
Weekly Cyber Security News 04/11/2016
