Show notes: Risky Business #272

We had to cut lots this week!
March 7, 2013 -- 

For time considerations I had to cut out our discussion of a lot of these articles... but I've included them in the show notes because they're worth a cursory look. Enjoy!

Episode 272 can be found here.

The Java Zero-Day Procession Continues | threatpost
http://threatpost.com/en_us/blogs/java-zero-day-procession-continues-030113

New Java 0-Day Attack Echoes Bit9 Breach — Krebs on Security
http://krebsonsecurity.com/2013/03/new-java-0-day-attack-echoes-bit9-bre...

Oracle issues emergency Java update to patch vulnerabilities | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57572496-83/oracle-issues-emergency-jav...

Prompted by Oracle Rejection, Researcher Finds Five New Java Sandbox Vulnerabilities | threatpost
http://threatpost.com/en_us/blogs/prompted-oracle-rejection-researcher-f...

More Java-based malware plagues the cross-platform runtime | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57572168-83/more-java-based-malware-pla...

Jailed hacker allowed into IT class, hacks prison computers | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57572282-83/jailed-hacker-allowed-into-...

Groundbreaking Cyber Fast Track Research Program Ending | threatpost
http://threatpost.com/en_us/blogs/groundbreaking-cyber-fast-track-resear...

Google Says the FBI Is Secretly Spying on Some of Its Customers | Threat Level | Wired.com
http://www.wired.com/threatlevel/2013/03/google-nsl-range/

Attorney General: Aaron Swartz Case Was a 'Good Use of Prosecutorial Discretion' | Threat Level | Wired.com
http://www.wired.com/threatlevel/2013/03/holder-swartz-case/

White House, FCC Chairman Support Legalizing Unlocking of Mobile Phones | Threat Level | Wired.com
http://www.wired.com/threatlevel/2013/03/mobile-phone-unlock/

Mobile Malcoders Pay to (Google) Play — Krebs on Security
http://krebsonsecurity.com/2013/03/mobile-malcoders-pay-to-google-play/

APT1-Themed Spear Phishing Campaign Linked to China | threatpost
http://threatpost.com/en_us/blogs/apt1-themed-spear-phishing-campaign-li...

Google Patches 10 Chrome Flaws Ahead of Pwn2Own, Pwnium | threatpost
http://threatpost.com/en_us/blogs/google-patches-10-chrome-flaws-ahead-p...

Time Stamp Bug in Sudo Could Have Allowed Code Entry | threatpost
http://threatpost.com/en_us/blogs/time-stamp-bug-sudo-could-have-allowed...

MiniDuke Espionage Campaign Began About a Year Earlier Than First Thought | threatpost
http://threatpost.com/en_us/blogs/miniduke-espionage-campaign-began-abou...

Apple Begins to Blacklist Old Versions of Flash for Safari | threatpost
http://threatpost.com/en_us/blogs/apple-begins-blacklist-old-versions-fl...

Evernote Compromised, But Says No User Data Affected | threatpost
http://threatpost.com/en_us/blogs/evernote-compromised-says-no-user-data...

Locked-down BlackBerry offers classified, personal use | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57572337-83/locked-down-blackberry-offe...

CloudFlare security service goes down after router failure | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57572259-83/cloudflare-security-service...

The most secure Android phone in the world (maybe) | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57571961-83/the-most-secure-android-pho...

Sudden death of U.S. engineer in Singapore linked to cyber espionage? | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57572070-83/sudden-death-of-u.s-enginee...

Dropbox users getting spammed, might be from earlier hack | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57571968-83/dropbox-users-getting-spamm...

Anonymous leaks alleged data on BofA execs, surveillance | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57571955-83/anonymous-leaks-alleged-dat...

Dell builds sinkhole data-sharing platform - Applications - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/335362,dell-builds-sinkhole-data-shari...

CommBank builds security fault tree after RSA breach - Networks - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/335102,commbank-builds-security-fault-...

Use decoy and deception to mess with hackers - Applications - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/335049,use-decoy-and-deception-to-mess...

Hackers focus energy on solar sector - Networks - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/335003,hackers-focus-energy-on-solar-s...

silent circle - Google Search
https://www.google.com/search?q=silent+circle&aq=f&oq=silent+circle&aqs=...

Here's this week's sponsor: Buy their stuff!!!

Penetration Testing & Web Application Security - HackLabs
http://www.hacklabs.com/

Comments

foxie.claire's picture

The zero day attack is really good. I guess they are aware of what they have. - Kris Krohn