Welcome to Zero Day's Week In Security, our roundup of notable security news items for the week ending October 3, 2014. Covers enterprise, controversies, reports and more.
This week, JPMorgan treats us to the biggest known breach in history; the FBI has a very busy week; iOS and Android malware targets Hong Kong pro-democracy protesters; and Shellshock gets exploited nine ways until Sunday.
Video of my talk at BlackHat USA 2014 "Data-Only Pwning Microsoft Windows Kernel" https://t.co/M6RxsY0G8N— Nikita Tarakanov (@NTarakanov) October 1, 2014
Pro-democracy activists and protestors in Hong Kong have been targeted by mobile device malware -- remote access Trojans (RATs) -- which have been spread through targeted mobile message phishing, successfully infecting both Android and iOS devices. The Android spyware is being spread via WhatsApp, while it is still unclear how iOS devices get infected with Xsser, which is not disguised as an app.
Researchers at Dr Web say they've found a new Mac OS X botnet... http://t.co/agMUD3K3S5 pic.twitter.com/4wOoYkZyKd— Graham Cluley (@gcluley) October 2, 2014
Just Released to the Public! CP/M Operating System Source Code. Available for download here http://t.co/9BAgz22CxV pic.twitter.com/0c8YVzsPSX— Computer History (@ComputerHistory) October 1, 2014