It was difficult to go anywhere this week without hearing about the flurry of activity surrounding the Wikileaks data dump. A slew of denial-of-service attacks followed soon after, while new ransomware and attacks on open-source software filled out the rest of the week’s news. Read on for the week in review.
Wikileaks, once hosted on Amazon’s servers, was targeted by denial-of-service attacks early Sunday night. The attacks followed the posting of 250,000+ government documents dubbed “cablegate.” It was reported that hacker-activist ‘The Jester’ caused the first attack, knocking the site offline for hours, as a form of retribution against Wikileaks for “attempting to endanger the lives of our troops, other assets, and foreign relations.” Wikileaks suffered another attack on Tuesday as a second wave of DDoS attacks ravaged the site.
While the attacks caused sporadic outages, none of them knocked the site offline like Sunday’s when 2-4 Gigabits of traffic hit the site.
News came quickly from “cablegate,” including details that helped explicitly tie China to this year’s Aurora attacks. The attacks, which targeted Google and to a lesser extent Adobe, were aimed at securing access to Chinese dissidents’ e-mails and, allegedly, at stealing intellectual property.
Ransomware dominated the news this week, as a new version of the old GpCode found its way onto computers. The malware demanded $120 to decrypt infected files. Unlike previous variants, the most recent resurrection provides users with a very slim chance of getting their data back. On Tuesday a second breed of ransomware, Seftad, was detected. Unlike GpCode, however, Seftad overwrites the infected computer’s boot record and demands $100 to fix the problem.
As usual, the rest of the week was checkered with holes and patches.
Open-source software bore the brunt of attacks with both Savannah GNU and ProFTPD finding their websites compromised. Savannah’s site was hit with a SQL injection which allowed attackers to leak passwords and access old projects. ProFTPD’s server was backdoored by a bug in the software itself, leading to the distribution of dirty software.
It wouldn’t be a week in security without a few fixes. Adobe teamed up with Google on Wednesday to release a new version of Chrome that allows a sandboxed version of Flash to run in the browser. Adobe, who recently released their Reader X with an accompanying sandbox, sees the new venture as the latest line of additional defense to help protect their end-users.
WordPress had an update on Wednesday as well and released version 3.0.2 of their blogging platform. The patch fixed a “moderate” hole that could’ve allowed users to take over blogs on a larger scale.
What caught your interest this week? On Thursday George Hulme took a look at the data and privacy problems that stem from employees trying to incorporate their personal technology into a work environment. On Monday, Alex Hutton wrote a primer on InfoSec, breaking down the term to examine it as a hypothetical construct.