In this episode of Security Decoded Dennis, John and Mike talk about the weeks security news including items like the NY Times, Wall Street Journal and Washington Post infiltrations, the Twitter hack and what does that really mean, creepy new Android malware that jumps from your phone to your PC, Massive new method for credit card fraud, sleepy malware and quite a few more topics.
Then we jump into Java and talk about all of the recent vulnerabilities and can you really live without it on your machine.
This is a great episode and we cover a ton of subjects.
Downloads
Show Notes
New York Times, Wall Street Journal, Washington Post and more were hacked
- http://news.cnet.com/8301-1009_3-57566805-83/chinese-hackers-said-to-wage-cyberwar-on-the-new-york-times/
- http://news.cnet.com/8301-1009_3-57567831-83/chinese-still-hacking-us-says-wall-street-journal-owner/
Twitter confirms data compromise of 250,000 user accounts
- Offical Twitter: http://blog.twitter.com/2013/02/keeping-our-users-secure.html
- http://isc.sans.edu/diary/Twitter+Confirms+Compromise+of+Approximately+250%2C000+Users/15064
Creepy new Android jumps from your phone to your PC
More Android Malware “Bill Shocker” has infected 600,000 mobile users
Oracle released a Java update earlier to address in-the-wild exploitations of a new bug:
‘Massive’ Credit Card Fraud Steals $200M
One of the members of Rove Digital pleaded guilty to charges of wire and computer intrusion:
Crooks netted millions in coordinated ATM heists that were timed to begin on Christmas Eve 2012
New malware discovered by FireEye sleeps its way into financial institutions:
FireEye discovers a longstanding advanced persistent threat campaign targeting U.S. aerospace & defense industry:
OpenSSL Security Advisory including Lucky Thirteen: Breaking the TLS and DTLS Record Protocols,…
Protecting your data and device is not as simple as just locking your phone:
Following criticism from cryptographers, @kimdotcom promises $13,600 to anyone who breaks Mega encryption:
Point-of-sale skimmer in as-yet undisclosed merchant breach used bluetooth, encrypted data at rest and on the move
uPNP vulnerability
Podcast: Play in new window | Download