News

Every week, the security community learns about new attacks, exploits, breaches, security patches, and more. However, keeping track of all this fresh information security (infosec) news can be challenging for most IT practitioners. If you need a little help separating the security wheat from the chaff, this weekly video podcast is for you.

Today’s episode warns you about next week’s upcoming Microsoft patch, covers how Adobe DRM snoops on your reading habits, and shares details about an ATM trojan that has helped its creators steal millions in cold hard cash. Watch the video for details, and check out the reference section for most interesting infosec stories.

Direct YouTube Link: https://www.youtube.com/watch?v=5xi3vtc5bAQ

Episode References:

• Microsoft October Patch Day – Advanced Notification – Microsoft
• ATM secret code hack is still netting attackers millions – The Register
  • Kaspersky’s research on Tyupkin ATM trojan – Securelist
• Adobe’s ebook reader DRM snoops on your reading habits – Ars Technica
  • EFF’s comments on the Adobe DRM scandal – EFF

Extras:

• Apple adds Xprotect definitions to block iWorm (Mac botnet that infected 17K) – BGR
• Meet China’s youngest “whitehat” child hacker – Kotaku
• A deep look into a Russian malware campaign [PDF] – ProofPoint
• Feds say it was legal to “hack” Silkroad servers without a warrant – Wired
• DEF CON home router hacking contest netted 15 0day, seven critical – EFF
• BadUSB “mitigation” released, but not a real fix – Slashgear
• JPMorgan hackers breached nine other banks and brokerages – Reuters
• Researcher says Shellshock used to hack Yahoo, but Yahoo denies – Ars Technica
• FBI Director talks about “drunken burgler” Chinese hackers on 60 Minutes – Ars Technica
• Dairy Queen the latest retailer to get hacked – NBC News
• Scandalous Emma Watson pictures used to lure victims in Facebook scam – SC Magazine
• Interview with a DDoS troll from DerpTrolling – CNET
• Android Selfmite SMS spamming worm is back – Computer World
• Shellshock vulnerability affects Siemens ICS gear – CBR Online

— Corey Nachreiner, CISSP (@SecAdept)