{"id":6899,"date":"2014-12-01T10:00:39","date_gmt":"2014-12-01T15:00:39","guid":{"rendered":"https:\/\/www.kaspersky.com.au\/blog\/?p=6899"},"modified":"2020-08-28T18:59:02","modified_gmt":"2020-08-28T07:59:02","slug":"talk_security_regin_apt_crypto","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.au\/blog\/talk_security_regin_apt_crypto\/6899\/","title":{"rendered":"Talk Security Podcast: Crypto and Regin"},"content":{"rendered":"<p>Talk Security podcast hosts Brian Donohue and Chris Brook, are back with the news edition of the Talk Security podcast. Here, they discuss the Regin APT attack platform, the movement towards encrypting everything on the Internet and this month\u2019s bugs, malware and data breaches.<\/p>\n<p style=\"text-align: center\"><iframe loading=\"lazy\" src=\"\/\/html5-player.libsyn.com\/embed\/episode\/id\/3205345\/height\/270\/width\/270\/theme\/standard\/direction\/no\/autoplay\/no\/autonext\/no\/thumbnail\/yes\/preload\/no\/no_addthis\/no\/\" frameborder=\"0\" scrolling=\"no\" marginwidth=\"0\" marginheight=\"0\" width=\"270px\" height=\"270px\"><\/iframe><\/p>\n<div class=\"podcast-subscribe\"><a data-omniture-download-button-type=\"TrialBuilds\" data-omniture-product-name=\"podcast-itunes\" class=\"itunes\" href=\"https:\/\/itunes.apple.com\/us\/podcast\/talk-security\/id909407206\" target=\"_blank\" rel=\"noopener nofollow\"><img decoding=\"async\" src=\"https:\/\/www.kaspersky.com.au\/blog\/wp-content\/plugins\/kaspersky-embeds\/img\/button-subscribe-apple.png\"><\/a><a data-omniture-download-button-type=\"TrialBuilds\" data-omniture-product-name=\"podcast-spotify\" class=\"spotify\" href=\"https:\/\/open.spotify.com\/show\/1VGCKlOoQ9C24dJiCHGTK5\" target=\"_blank\" rel=\"noopener nofollow\"><img decoding=\"async\" src=\"https:\/\/www.kaspersky.com.au\/blog\/wp-content\/plugins\/kaspersky-embeds\/img\/button-subscribe-spotify.png\"><\/a><a data-omniture-download-button-type=\"TrialBuilds\" data-omniture-product-name=\"podcast-rss\" class=\"rss\" href=\"http:\/\/talksecurity.kaspersky-podcasts.libsynpro.com\/rss\" target=\"_blank\" rel=\"noopener nofollow\"><img decoding=\"async\" src=\"https:\/\/www.kaspersky.com.au\/blog\/wp-content\/plugins\/kaspersky-embeds\/img\/button-subscribe-rss.png\"><\/a><\/div>\n\n<p style=\"text-align: center\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/102\/2014\/12\/06015635\/badge_itunes-lrg.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/102\/2014\/12\/06015635\/badge_itunes-lrg.png\" alt=\"rss-podcasts\" width=\"110\" height=\"40\"><\/a> <a href=\"http:\/\/talksecurity.kaspersky-podcasts.libsynpro.com\/rss\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full\" src=\"\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/102\/2014\/11\/06042137\/rss-podcasts1.png\" alt=\"rss-podcasts\" width=\"116\" height=\"40\"><\/a><\/p>\n<p style=\"text-align: center\"><em>Music for the podcast by Bird Name courtesy of <\/em><em><a href=\"http:\/\/freemusicarchive.org\/music\/Bird_Names\/For_the_Love_of_Rod\/\" target=\"_blank\" rel=\"noopener nofollow\">the Free Music Archives under creative commons<\/a><\/em><\/p>\n<p><em>SUPPLEMENTARY READING<\/em><em>\u00a0<\/em><\/p>\n<p><strong>Bugs and Fixes<\/strong><\/p>\n<p><a href=\"https:\/\/threatpost.com\/serious-root-access-bug-in-belkin-n750-router\/109247\" target=\"_blank\" rel=\"noopener nofollow\">Belkin fixed an arbitrary code execution vulnerability<\/a> in its n750 router. The secure chat service, <a href=\"https:\/\/threatpost.com\/ssl-mitm-vulnerability-among-vulns-patched-in-pidgin\/109263\" target=\"_blank\" rel=\"noopener nofollow\">Pidgin, issued some fixes too<\/a>. <a href=\"https:\/\/threatpost.com\/microsoft-patches-ole-zero-day-recommends-emet-5-1-before-applying-ie-patches\/109302\" target=\"_blank\" rel=\"noopener nofollow\">Microsoft<\/a> and Adobe fixed a slew of bugs in its patch Tuesday, released earlier this month. The company also dealt with <a href=\"https:\/\/threatpost.com\/microsoft-schannel-bug-latest-in-long-line-of-serious-crypto-flaws\/109321\" target=\"_blank\" rel=\"noopener nofollow\">a crypto implementation flaw<\/a> and <a href=\"https:\/\/threatpost.com\/microsoft-to-release-critical-out-of-band-windows-patch\/109433\" target=\"_blank\" rel=\"noopener nofollow\">issued an out-of-band patch<\/a> later in the month. <a href=\"https:\/\/threatpost.com\/apple-ios-8-1-1-fixes-several-code-execution-flaws\/109423\" target=\"_blank\" rel=\"noopener nofollow\">Apple fixed some bugs in its iOS mobile operating system<\/a>, while Google patched some <a href=\"https:\/\/threatpost.com\/nasty-security-bug-fixed-in-android-lollipop-5-0\/109476%20\" target=\"_blank\" rel=\"noopener nofollow\">nasty bugs in Android Lollipop<\/a>. Lastly, <a href=\"https:\/\/threatpost.com\/wordpress-4-0-1-update-patches-critical-xss-vulnerability\/109519\" target=\"_blank\" rel=\"noopener nofollow\">WordPress fixed a serious XSS flaw<\/a>.<\/p>\n<p><strong>Malware<\/strong><\/p>\n<p>You can do some additional reading on the CoinVault ransomware malware on Threatpost and <a href=\"https:\/\/securelist.com\/blog\/virus-watch\/67699\/a-nightmare-on-malware-street\/\" target=\"_blank\" rel=\"noopener\">Securelist<\/a>. Additionally, a new variant of <a href=\"https:\/\/threatpost.com\/citadel-variant-targets-password-managers\/109493%20\" target=\"_blank\" rel=\"noopener nofollow\">the Citadel trojan is targeting password management programs<\/a>.<\/p>\n<p><strong>Data Breaches<\/strong><\/p>\n<p>It was a relatively light month in terms of data breaches, with just the National Oceanic and Atmospheric Administration and <a href=\"https:\/\/threatpost.com\/u-s-postal-service-breach-affects-employees-customers\/109289\" target=\"_blank\" rel=\"noopener nofollow\">the United States Postal Service<\/a> victimized.<\/p>\n<blockquote class=\"twitter-pullquote\"><p>#TalkSecurity: @Brokenfuses and @TheBrianDonohue discuss Web #crypto, Regin #APT, data breaches, #malware and more<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2FgN7C&amp;text=%23TalkSecurity%3A+%40Brokenfuses+and+%40TheBrianDonohue+discuss+Web+%23crypto%2C+Regin+%23APT%2C+data+breaches%2C+%23malware+and+more\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote>\n<p><strong>Encrypt All Things<\/strong><\/p>\n<p><a href=\"https:\/\/threatpost.com\/eff-privacy-groups-say-nist-crypto-standards-must-be-free-from-backdoors\/109537\" target=\"_blank\" rel=\"noopener nofollow\">The Electronic Frontier Foundation is calling on the NIST<\/a> to be more open and transparent in its process of setting encryption standards. Meanwhile the U.S. Senate voted on, but failed to pass, the <a href=\"https:\/\/threatpost.com\/freedom-act-rejection-should-keep-encrypt-everything-bandwagon-rolling\/109482\" target=\"_blank\" rel=\"noopener nofollow\">NSA surveillance-curtailing, USA FREEDOM Act<\/a>. The Internet Architecture Board is recommending that <a href=\"https:\/\/threatpost.com\/iab-urges-designers-to-make-encryption-the-default\/109404\" target=\"_blank\" rel=\"noopener nofollow\">encryption become the default<\/a> online and <a href=\"https:\/\/threatpost.com\/eff-others-plan-to-make-encrypting-the-web-easier-in-2015\/109451\" target=\"_blank\" rel=\"noopener nofollow\">the EFF is trying to make Web encryption easier<\/a>. WhatsApp is moving to encrypt all of its users\u2019 traffic and the EFF issued scorecards to illustrate which chat services are <a href=\"https:\/\/www.kaspersky.com.au\/blog\/nine-secure-messengers\/\" target=\"_blank\" rel=\"noopener\">strongly encrypting communications <\/a> and <a href=\"https:\/\/www.kaspersky.com.au\/blog\/11_unsecure_messengers\/\" target=\"_blank\" rel=\"noopener\">which aren\u2019t<\/a>.<\/p>\n<p><strong>Regin<\/strong><strong>\u00a0<\/strong><\/p>\n<p>Last but not least, there is a new APT actor out there and researchers are saying that <a href=\"https:\/\/www.kaspersky.com.au\/blog\/regin-apt-most-sophisticated\/\" target=\"_blank\" rel=\"noopener\">Regin might be the most sophisticated attack platform ever<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In this Talk Security podcast, Threatpost&#8217;s Chris Brook and Brian Donohue discuss the move to encrypt the Web, the Regin APT campaign and more.<\/p>\n","protected":false},"author":42,"featured_media":6900,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5,2647],"tags":[499,882,592,314,261,36,485,881,1054,268],"class_list":{"0":"post-6899","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"category-special-projects","9":"tag-apt","10":"tag-bugs","11":"tag-crypto","12":"tag-data-breach","13":"tag-encryption","14":"tag-malware-2","15":"tag-podcast","16":"tag-regin","17":"tag-talk-security","18":"tag-vulnerabilities"},"hreflang":[{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/talk_security_regin_apt_crypto\/6899\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/talk_security_regin_apt_crypto\/4410\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/talk_security_regin_apt_crypto\/4336\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/talk_security_regin_apt_crypto\/4877\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/talk_security_regin_apt_crypto\/5146\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/talk_security_regin_apt_crypto\/6899\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/talk_security_regin_apt_crypto\/6899\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.au\/blog\/tag\/apt\/","name":"APT"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts\/6899","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/users\/42"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/comments?post=6899"}],"version-history":[{"count":4,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts\/6899\/revisions"}],"predecessor-version":[{"id":28028,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts\/6899\/revisions\/28028"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/media\/6900"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/media?parent=6899"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/categories?post=6899"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/tags?post=6899"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}