Talk Security: Flash, Ghost, Anthem and Previewing SAS

In this Talk Security podcast, Chris Brook and Brian Donohue discuss the upcoming Security Analyst Summit, Flash zero days, the Ghost vulnerability and the Anthem breach.

It’s the beginning of February and we’ve already seen three Adobe Flash zero days, an Internet-wide vulnerability in Linux and our first massive data breach, at Anthem Inc., an enormous healthcare provider. Threatpost’s Brian Donohue and Chris Brook discuss these headlines and preview Kaspersky Lab’s Security Analyst Summit, set to kick off next week in Cancun, Mexico.

Talk Security Podcast: theSAS2015, Ghost vulnerability, Flash 0day, Anthem breach

FROM BRIAN AND CHRIS’S READING LIST
It started out as a tale of two Flash zero days: one emerged in the Angler exploit kit, while Adobe rushed to fix a second that was already being exploited in the wild. Then, within ten days of the first two zero days, a third serious Flash vulnerability emerged, which was also incorporated quickly into the Angler exploit kit, leading some to suggest that the crew behind Angler may have also been the first to discover the Flash bugs.

Another Internet-wide bug emerged as well. Similar to Heartbleed and the Bashbug, albeit not as serious, the Glibc vulnerability in Linux systems, known as Ghost, posed a serious threat not only to the various Linux distributions like Ubuntu and Red Hat but also to software packages, applications and websites operating through Linux-based systems. Affected systems are at risk of being exploited in distributed denial of service attacks, and the Ghost bug could also give attackers the ability to run arbitrary code, installing malware on unpatched systems and ultimately stealing data.

Then there was the Anthem Inc. mega data breach. Anthem is the largest of BlueCross BlueShield’s affiliates, with some 69 million customers and $62 billion in revenue in 2012. Breached data is said to include Social Security numbers, birth dates, names, employment and income data and other personal information, though there is no evidence that credit card or medical information was compromised.

Stay tuned for a bevy of content, including news stories and podcasts from the Security Analyst Summit next week.
