Security Brief: LulzSec, openSUSE Forum Hack, Yahoo Malvertising


Security brief for January 6 – 12, 2014

The year has just started and we’ve already had several interesting information security stories. Here’s your chance to catch up on some reading in case you haven’t been online much over the past week.

The malvertising attack against Yahoo has made a lot of headlines. Around 2.5 million users from Europe might have had their computers infected with one of five types of malware after cybercriminals compromised the company’s ad service.

As far as hacktivist attacks are concerned, Anonymous hackers have breached and defaced MIT’s website once again. The attack was launched exactly one year after the activist Aaron Swartz committed suicide.

Pakistani hacker H4x0r HuSsY breached and defaced the official forum of openSUSE. The attack is interesting because the attacker claims to have leveraged a vBulletin zero-day to hack the website. However, vBulletin has not made any comments on the topic.

RedHack has started the year with a bang. The group has targeted Turkey’s Parliament, the Turkish State Railways (TCDD) and the Justice and Development Party (AKP).

Another interesting hacktivism-related story is the one regarding LulzSec. It appears Sabu wasn’t the only member of the group who secretly collaborated with the FBI.

Izz ad-Din al-Qassam Cyber Fighters have been quiet over the past months. However, there’s a new group that reminds us of them. This week, the Islamic Cyber Resistance Group claimed to have breached the systems of the Israel Airports Authority (IAA).

Experts say their claims are false and that the group is only a front for Iran’s psychological warfare. It’s worth noting that many believe the al-Qassam Cyber Fighters are also representing Iran.

The Google, Yahoo, Amazon and Twitter domains for Tajikistan have been defaced. Well, not really. An Iranian hacker has breached the systems of the country’s registrar and altered the DNS records for the domains to redirect their visitors to a defacement page.

The hacker Guccifer is back with a long list of high-profile victims, including officials and celebrities. He’s confident that he will not get caught, despite having nightmares about it. However, Romanian spies are confident that he will get caught, some day.

In the DDoS attacks section, we have the attacks launched against a number of BitTorrent websites, including EZTV, What.cd, Passthepopcorn.me and Broadcastthe.net.

It’s also worth noting that DNS amplification attacks are no longer “cool.” Cybercriminals have turned to operations that abuse the Network Time Protocol (NTP).

Target continues to investigate the data breach it suffered last year. According to the latest statement from the company, the hackers stole the personal details of up to 70 million people.

The RSA Conference is becoming more and more controversial. A total of eight experts have canceled their engagements and, on Friday, we learned that even OWASP canceled a training class and a co-marketing agreement.

New information has become available in the Silk Road case. Two of the three individuals arrested for their connection to Silk Road and Silk Road 2 have been released on bail. They are Andrew Michael Jones, arrested in the US, and Gary Davis, detained in Ireland.

In industry news, Intel has decided to ditch the McAfee brand name and turn it into Intel Security. John McAfee, the company’s founder, says he couldn’t be happier.

In related news, Commtouch has changed its name to CYREN, but the company says the move is more than just a name change.

Here are some other stories worth reading, in case you’ve missed them:

Syrian Electronic Army claims to have hijacked the Xbox Twitter account

Dropbox has not been hacked

At least 22,000 machines still infected with Flashback Mac malware

US senator wants more prison time for hacking attempts and conspiracy to hack

Mandiant and FireEye a match made in heaven? Not everyone thinks so

40 iOS banking apps from the world’s top 60 banks put to the test

LinkedIn is suing cybercriminals responsible for creating fake accounts

Bruce Schneier joins Co3 Systems
