Zero Day Weekly: D-Link router hijack, China demands backdoors, critical Linux Ghost

A collection of notable security news items for the week ending January 30, 2015. Covers enterprise, controversies, application and mobile security, malware, reports and more.

world.jpg

Welcome to Zero Day's Week In Security, our roundup of notable security news items for the week ending January 30, 2015. Covers enterprise, controversies, reports and more.

This week China demanded our source code, a critical Linux Ghost vulnerability emerged, the ZeroAccess botnet returned, D-Link routers are vulnerable to DNS hijacking, infosec it hit back at Obama's cybersecurity proposals, and more.

  • The ZeroAccess botnet, disrupted by Microsoft in 2013, has risen up once more to commit click-fraud and data theft. According to Dell SecureWorks researchers, the peer-to-peer botnet began to resurface from March 21, 2014 until July 2, 2014, and on January 15 2015, click-fraud templates are now once again being distributed to compromised systems.
  • Earlier this week, Google finally explained why it's not going to develop its own patches for WebView for Android versions 4.3 and earlier, even though it could leave over 930 million Android devices exposed to attacks. Ardian Ludwig, Google's lead engineer for Android security, on Friday revealed the decision was due to the complexity of applying patches to older branches of WebKit - the browser engine that was used in WebView and Chrome until Google forked WebKit into Blink for Chrome.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All