My first link this week is about Malicious Code in Microsoft Office Documents, from Lenny Zeltser's infosec blog. This blog was only posted yesterday, and is already running up on my weekly list, so it's getting a great deal of traffic. It's informative, filled with good external links, including multiple CVEs, and is absolutely terrifying. I don't make it a habit of clicking strange office documents, but knowing that this exists, and seeing how it's accomplished are far different things.
Going back to a previous SOC Monkey blog, the Global Payments breach story still has legs as Krebs reports: Global Payments Breach Now Dates Back to Jan. 2011. So, to clarify, that means that the attackers were inside the network from January of 2011, all the way up to March of 2012, and they stole 24 million unique transactions before they were finally discovered. As Krebs first broke this story, it looks like the Monkeynauts are finding his blog to be excellent week after week, as he seems to be one of the most retweeted contacts on my list. He's a great read, on multiple fronts.
Next is an article from ZDNet, about Avira, and their latest Antivirus update. This update, earlier this week, was flagging certain Windows operating processes as malware, and blocking other programs from opening at all. As you can imagine, this had an immediate and potentially crippling effect on the businesses who pushed this update out to their entire Windows infrastructure. As of today, Avira has released some additional updates that should fix the problem, but I'm sure that was a long couple of days for those guys. It seems to be a popular link this week, but I'm not sure if it's more due to the interesting angle of the story, or of the fear of this happening or being caused by my readers. Feel free to drop me a line, or weigh in here with your opinions.
Multiple Human Rights, Foreign Policy Sites Hacked(Krebs, again! He's a machine!)
[SECURITY] [DSA 2473-1] openoffice.org security update(CVE-2012-1149 - getting a great deal of clicks this week)
HULK DDoS Tool Smash Web Server, Server Fall Down (After seeing the Avengers, anything with the Hulk on it seems to be trending.)
Popular Surveillance Cameras Open to Hackers, Researcher Says (quick shout out to Kim, as I keep linking her here. The Monkey loves you.)
Finally, as I generally do, I'd like to welcome you to the weekend with a fun link. Since a certain social network is in the news this week, (not Friendster?), I'd like to share my favorite story I've found that's somehow related: Two men rob Internet cafe, forget to log out of Facebook prior to robbery. That's it. No set up, no comments, this is truly an article that speaks for itself.
Til next time, my fabled Monkeynaughts.