Happy New Year everyone!

…Is how I would have started this post had the blog been up when I made this video. You have found the first WatchGuard Security Week in Review video for 2015. This weekly information security (infosec) video summarizes the most important security news every Friday, in hopes of keeping busy network administrators up to date on important security issues and patches. If you don’t have time to follow infosec content on your own, let our quick video keep you in the loop.

This episode, from the first week of January, covers the latest updates on the Sony Pictures breach, some interesting changes to Microsoft’s Trust Worthy Computing group and Patch Day, and a new DDoS tool released by the Lizard Squad. Check out the video below, to see what you missed.

(Episode Runtime: 11:49)

Direct YouTube Link: https://www.youtube.com/watch?v=bGE_IQ77pyQ

EPISODE REFERENCES:

• Microsoft cuts Trustworthy Computing Group and changes Patch Day – V3.co.uk
• Lizard Squad Stressor and related articles
  • Lizard Squad explains why they attacked Xbox Live and PSN during Xmas – Kotaku
  • One Lizard Squad related arrest – Kotaku
  • Lizard Squad take credit for 8chan DDoS – Ars Technica
  • Lizard Kids: A Long Trail of Fail – Krebs on Security
  • Lizard Squad Stressor uses hijacked consumer routers – Krebs on Security
• Sony Pictures Breach Updates
  • Sony streams “The Interview” for Christmas – CNN
  • North Korea’s Internet temporarily goes down – NY Times
  • Sony CEO publicly speaks about attack at CES (video in article) – V3.co.uk
  • FBI Director continues to repeat North Korea was responsible for the attack – MSNBC
  • FBI says Sony hackers (DPRK) got sloppy – CNET
  • Some security experts still think FBI’s evidence is not enough – Computer World
  • FBI may have mad one mistake during their Sony investigation – Business Insider

EXTRAS:

• Deloitte’s security predictions for 2015 (video) – Bloomberg
• Finnish banks fighting DDoS since New Years – The Register
• A cyber attack caused physical damage in a German steel mill – Wired
• Bitstamp BTC exchange hacked, $5M bitcoin stolen – Naked Security
• Security hole found in North Korea’s “Red Star OS” – Ars Technica
• Snowden says focus more on defense than offense (I agree) – Computing
• Privacy leak in OS X Yosemite’s new Spotlight feature – Mac World
• Anonymous vows to avenge Paris Jihad attacks – Telegraph
• Consumer ASUS routers suffer from a serious, but local, vulnerability – Github
• Latest CryptoWall variant adds sandbox evasion – PC World
• Info on North Korean “Bureau 121” cyber team out of China – Business Insider
• XSS flaw found in Microsoft Dynamics DRM – ZDNet
• Pro-Russian DDoSer go after German sites – Tech Week Europe
• Former CBS reporter sueing the US Government for hacking her computer – The Hill
• Pastebin used as a command & control (C&C) – The Register
• Hacking ATMs (Jackpoting) with Android phones – KrebsonSecurity
• ISIS fan attacks UK news sites – Business Insider
• GoGo airline internet caught doing a HTTPS MitM attack – Ars Technica
• CERT warns of flaws in UEFI – ThreatPost
• Slides lack context, says Professor about Snowden leaks (I agree) – The Register
• WifiPhisher tool helps attackers steal wifi passwords – Github
• Hackers leak Xbox ONE SDK – The Independent
• Don’t install TornPlus TV – IT Pro Portal
• Android malware up 300% – SC Magazine
• Attackers “Sextort” Miss Teen USA (update on older story) – NBCNews
• Attackers deface MIT web site during anniversary of Aaron Swartz’s death – Neowin
• NSA can’t crack PGP – Gizmodo
• US seeking immunity over EU security breaches – The Guardian
• Neglected server may have opened the door to JP Morgan’s network – NY Times

— Corey Nachreiner, CISSP (@SecAdept)

You Can Learn More About the WatchGuards’ Product Line By Going to www.FirewallShop.com/WatchGuard.

The original article/video can be found at Lizard Stresser- WSWiR Episode 134