BF-SIRT Newsletter 2018-08

Apple fixes that “1 character to crash your Mac and iPhone” bug Apple has pushed out an emergency update for all its operating systems and devices, including TVs, watches, tablets, phones and Macs. The fix patches a widely-publicised vulnerability known … Continue reading

Posted in Uncategorized | Tagged , | Leave a comment

BF-SIRT Newsletter 2018-07

NCCGroup rebuilt NotPetya, replacing its destructive payload with telemetry and safeguards to see what the impact could have been. They found the following: The customer ran it on one machine in their engineering network with no privileges. It found three … Continue reading

Posted in Basefarm SIRT, IT security | Tagged , | Comments Off on BF-SIRT Newsletter 2018-07

BF-SIRT Newsletter 2018-06

Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as “not secure”. For the past several years, we’ve moved toward a more secure web by strongly advocating that sites adopt HTTPS encryption. And … Continue reading

Posted in Basefarm SIRT, IT security | Tagged , | Comments Off on BF-SIRT Newsletter 2018-06

BF-SIRT Newsletter 2018-05

We need to prepare ourselves for that Meltdown/Specter-based Malware might be coming soon to devices near us, but are we ready? Lately researchers have discovered more than 130 malware samples trying to exploit these chip flaws.   Top 5 Security links … Continue reading

Posted in Basefarm SIRT, IT security | Tagged , | Comments Off on BF-SIRT Newsletter 2018-05

BF-SIRT Newsletter 2018-04

It has been announced that hackers from the Dutch intelligence service AIVD have provided the FBI with crucial information about Russian interference with the American elections. This seem to be a good showcase of cyber warfare and capabilities. Maersk chair detailed … Continue reading

Posted in Basefarm SIRT, IT security | Tagged , | Comments Off on BF-SIRT Newsletter 2018-04

BF-SIRT Newsletter 2018-03

Researchers have uncovered a government-sponsored mobile hacking group operating since 2012. OnePlus had its store compromised, leaving 40 000 credit cards compromised. Hackers have started exploiting three Microsoft Office flaws to spread Zyklon malware. Top 5 Security Links OnePlus minus … Continue reading

Posted in Basefarm SIRT, IT security | Tagged , | Comments Off on BF-SIRT Newsletter 2018-03

BF-SIRT Newsletter 2018-02

Microsoft released patches for Meltdown and Spectre, but it’s important to update ones antivirus before applying the patches. Latest WebLogic exploit caused an increase in compromised hosts being used for mining Cryptocurrencies. F-Secure finds a new Intel AMT Security Issue … Continue reading

Posted in Basefarm SIRT, IT security | Tagged , | Comments Off on BF-SIRT Newsletter 2018-02

BF-SIRT Newsletter 2018-01

Meltdown and Spectre, two security flaws said to be affecting almost all CPUs released since 1995, was announced this week, and will probably haunt us for years to come. Exploit code used in the Mirai malware variant called Satori, which … Continue reading

Posted in IT security, SIRT | Tagged , | Comments Off on BF-SIRT Newsletter 2018-01

BF-SIRT Newsletter 2017-51

Google’s Project Zero released details of a local proof-of-concept attack against a fully patched Windows 10 PC that allows an adversary to execute untrusted JavaScript outside a sandboxed environment on targeted systems. These vulnerabilities was patched this month, and they … Continue reading

Posted in Basefarm SIRT, IT security | Tagged , | Comments Off on BF-SIRT Newsletter 2017-51

BF-SIRT Newsletter 2017-50

This weeks top stories begins with the ROBOT attack, a bug in the implementation of RSA key exchange for products using PKCS #1 v1.5. This includes SSL\TLS if RSA is used for for exchanging keys. The bug can let an … Continue reading

Posted in IT security, SIRT | Tagged , | Comments Off on BF-SIRT Newsletter 2017-50