Surviving the Week – 03/30/2012

Will there be a blackout?

The Anonymous hacker group has announced that they will bring down 13 root DNS servers by DDoS. Is this possible? According to Hackers News, they say that it might not be completely possible to shutdown the internet because the ISP’s are pretty-well prepared for these types of attacks. At this stage, I think the chances of them being able to pull this off are basically nil because its too easy to recover from backups and make use of read-only backup DNS servers. We will find out on the 31st – (update: Looks like they failed, ‘cause the internet is still here)
http://thehackernews.com/2012/03/why-hackers-cant-take-down-dns-root.html

Authorization bypass in McAfee Email And Web Security Appliance

The current McAfee Email and Web Security appliance authorization bypass functionality allows any logged-in user to reset the administrator password which results in any user becoming the administrator. If a product like “McAfee Email And Web Security Appliance” can have an authorization bypass vulnerability, how certain are you that your custom applications are secure???
http://packetstormsecurity.org/files/111362/NGS00155.txt

Verizon’s insightful 2012 Data Breach Investigations Report

The most common malware infection vector continues to be installation or injection by a remote attacker. This paper covers the various scenarios in which an attacker breaches a system via remote access and then deploys malware or injects code via web application vulnerabilities.
http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf

An EU Cybercrime Centre to fight online criminals and protect e-consumers

The EU centre will warn EU Member States of major cybercrime threats and alert them of weaknesses in their online defences. It will identify organised cyber-criminal networks and prominent offenders in cyberspace. It will provide operational support in concrete investigations, be it with forensic assistance or by helping to set up cybercrime joint investigation teams.
http://europa.eu/rapid/pressReleasesAction.do?reference=IP/12/317&format=HTML&aged=0&la

 

Facebooktwittergoogle_plusredditpinterestlinkedin
About Dan Kuykendall 169 Articles
Connect with Dan on Google+

Be the first to comment

Leave a Reply

Your email address will not be published.


*