SOC Monkey - Week in Review - 6.18.2012

Blog Post created by socmonkey on Jun 18, 2012

Hello again Monkeynauts,


For those of you that are returning, welcome back!  For those of you that clicked here and don't know where I find my tidbits, why not try my free SOC Monkey App, from the Apple App store, and then roll on back here next week?SocMonkey6.18.png


After the press barrage of the last week, with LinkedIn and the remnants of Flame, it seems to be a pretty light week on my monkeyfeed, so i'm going to bring you a few of the most interesting links and updates.


First off, to follow up on the LinkedIn password story: LinkedIn sheds more light on security breach, the company has said that it's once again secure, and that it's notified all its affected users. On the good news front for them, it looks like the fallout is not hurting them as much as some thought and their stock did rise on Friday. I'm going to stay tuned as we're not sure just how deep this rabbit hole goes, and we might be hearing more information on what data, if any, was also compromised during this attack. I for one am pulling for them, as I find my LinkedIn account to be far more interesting reading than my other social networks currently, and far more valuable to my monkey career.


Second, to circle back on Flame this week, it looks like the immediate reaction is starting to calm down a bit, and people are now realizing what the experts have been saying might be more to the point, Flame is Lame, sounds like the rallying cry that the experts have been saying since the news first broke on this malware.  The F-secure blog I've linked above, systematically discounts every point that's been discussed regarding Flame, and ZDNet's article: Is the antivirus era really over? Not yet, pulls us back from the brinkmanship that was hyped up when Flame first arrived.  I know that hype sells papers (or webclicks) and saying that this malware is the biggest and baddest one on the block seemed like the right angle at the time, but upon further reflection, is this really a non issue?


Couple more quick hits for you all:

CVE-2012-2122: A Tragically Comedic Security Flaw in MySQL

Introducing Metasploitable 2!    


Lastly this week, this story from CNET has me scratching my head: Post-hack, companies fire back with their own attacks. Having been a baby monkey in the 80's, I'm all for the old school revenge movies I grew up with. Van Damme comes to mind, where his brother/father/uncle/neighbor has been killed, and he must right the wrong by doing splits and kicking things. Makes complete sense, but still, does this news story about hacking your hackers strike anyone else as maybe a bit over the top?  First of all, poking the hornets nest that has stung you always seems like a bad idea, especially since the attackers were probably just after your data at first. Attacking them back makes it personal, and we all know how quickly that can escalate. Second, it's still ILLEGAL. Take it from your favorite monkey, if you're planning on striking back, it's probably not worth the victory.  I'd love to hear from the braintrust out there that reads me, where do you stand on this issue? Do you think it makes sense to take the attack back to the attackers, or would you rather be defensive, and legal about the entire matter?


Thanks Monkeynauts, I'll see you next Monday!