SOC Monkey - Week in Review - 6.25.12

Blog Post created by socmonkey on Jun 25, 2012

Dearest Monkeynauts,


I have returned to give you a full update of the big stories that you might have missed last week in Information Security. If you'd like to stay updated at any time, my App, from the Apple App store is free to download!6.25.12.jpg


Last week saw quite a few topics that I've discussed here before maintaining their position with the Pips. The news story that really seems to keep drawing the most attention is the ongoing troubles LinkedIn is having with its password problem. LinkedIn hit with lawsuit over massive data breach, is an article from Computerworld detailing a class action suit targeting the networking site for it's failure to meet, and I quote, "industry standard security practices."  OK, I'm officially starting to feel bad for LinkedIn.  I think they're putting out a great product, and it's how I managed to land this gig as everyone's favorite monkey blogger.  Still, when the lawsuit is looking for damages of 5 Million dollars? Seems to be a bit of a vendetta and cash grab instead of a real lawsuit. Feel free to throw your two cents on this ongoing drama below.


The next topic that keeps shambling along like a Zombie at a brain buffet?  The ever popular Flame malware.  This week, the Washington Post has jumped into the mix with an article that squarely puts the blame behind the creation on the U.S. and Israel: U.S., Israel developed Flame computer virus to slow Iranian nuclear efforts, officials say. Now, if you're a SOC Monkey user, you've seen these rumors, rumblings, and suspicions since the day the news broke about Flame, but for some reason, I see a major player like the Post picking it up as a pretty big turning point in this ongoing discussion. Of course, no U.S. Official or the Israeli Embassy is commenting on this story as of yet, so I expect that we'll keep seeing this pop up again and again in the ongoing months.


Keeping on the topic of malware and it's targets: Iran says detected massive cyber attack. This story from Reuters touches on the past attacks and issues with Flame, but also seems to point a finger back at the U.S., Israel, and Britain, about a new and soon to be released, " massive cyber attack." The question here is of course, is this actually a new attack vector? Will we be hearing about a new and totally different malware or worm similar to Stuxnet and Flame that's actively targeting Iran right now?


Last few links the Pips found interesting:

Department of Homeland Security and U.S Navy hacked | The Hacker News

Malware RATs can steal your data and your money, your privacy too | ESET ThreatBlog


Finally, since I'm a huge monkeynerd, and because the field of Cryptography is always interesting, I'll leave you with this article: BBC News - Centenary of the birth of WWII code breaker Alan Turing. Alan Turing, the man that some people say won the war in the Atlantic by cracking the Enigma machine used by the Germans, would have been 100 years old last Wednesday. His wartime contributions, and his influence in the eventual field of computing was incredible, and this video is well worth a watch.


I'll see you back here next Monday, with all the past weeks big hits.


Til then,