BF-SIRT Newsletter 2014-51

Welcome to the newsletter! This week you can read about how SpamHaus and CloudFlare Attacker Pleads Guilty and how 100k+ WordPress websites were compromised by SoakSoak malware. You can also read on how you should Learn from 2014’s security woes or face disaster in 2015 as well as how DNS Attacks Ravage Three-Quarters of US/UK Firms. The newsletter will take a short break and return on the 9th after the holidays.

Top 5 Security links
Hackable intercom lets you spy on fellow apartment-dwellers
SpamHaus, CloudFlare Attacker Pleads Guilty
Iranian CLEAVER hackers may DRAIN energy and defence firms, warn Feds
100k+ WP websites compromised by SoakSoak malware
Manufacturer’s Backdoor Found on Popular Chinese Android Smartphone

Top 5 Business Intelligence links
Learn from 2014’s security woes or face disaster in 2015
Attackers Turn Focus To PoS Vendors
1 in 5 employees going rogue with corporate data
DNS Attacks Ravage Three-Quarters of US/UK Firms
Top 5 malware attacks: 35 reused components

BF-SIRT Newsletter 2014-50

Welcome to the newsletter! This week you can read about how Hackers leak top Sony executives’ emails and how North Korea denies involvement in ‘righteous’ Sony hack. You can also read about how Cost of cybersecurity and risk management will double as well as how Cyber-espionage is expected to surge in 2015. Other big news this week is how POODLE returns, as well as the regular Patch Tuesday for the month.

Top 5 Security links
Analysis of wiper malware, implicated in Sony breach, exposes Shamoon-style attacks
North Korea denies involvement in ‘righteous’ Sony hack
Hackers leak top Sony executives’ emails
An epic ride: A look back at the ever-changing information security industry
Chinese responsible for 85 per cent of website scams

Top 5 Business Intelligence links
Ransomware is the Future of Consumer Cybercrime
13 free tools to monitor your Digital Security during Christmas
EC3 Head Paints Bleak Cybercrime Picture
Cost of cybersecurity and risk management to double
Cyber-espionage expected to surge in 2015: McAfee Labs

Basefarm SIRT Posts
POODLE returns
Patch Tuesday December 2014

Patch Tuesday December 2014

Another month, another patch Tuesday!

Microsoft has released updates to address vulnerabilities in Exchange, Windows, Internet Explorer, and the Office suite.
Adobe has released security updates to address multiple vulnerabilities in Flash, Reader, Acrobat, and ColdFusion.

It is advised to update as soon as possible as some of these vulnerabilities could allow elevation of privilege, remote code execution, or disclosure of information – basically taking over your system.

More information:
https://technet.microsoft.com/library/security/ms14-dec
http://helpx.adobe.com/security/products/flash-player/apsb14-27.html
http://helpx.adobe.com/security/products/reader/apsb14-28.html
http://helpx.adobe.com/security/products/coldfusion/apsb14-29.html

POODLE returns

The POODLE has returned, with a vengeance! This time it’s affecting vendors such as F5, even though SSLv3 is disabled. This means that TLSv1.0, TLSv1.1 and TLSv1.2 can be affected if the SSL termination is being done on a vulnerable server. Those with F5 are advised to update to the latest version as soon as possible, and you can check on SSLLabs if your site is affected by this (in which case it will automatically be graded F-).

More information:
https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html
http://blog.ivanristic.com/2014/12/poodle-bites-tls.html
https://www.imperialviolet.org/2014/12/08/poodleagain.html

BF-SIRT Newsletter 2014-49

Welcome to the newsletter! The biggest news last week was without a doubt the breach of Sony Pictures. You can read about how Sony Breach May Have Exposed Employee Healthcare, Salary Data and that North Korea is Under the Spotlight for Sony Hack. In light of the many credit card breaches this year, the TV program 60 Minutes has created an interesting segment, which you can find on their site. It’s called “What happens when you swipe your card?”

Top 5 Security links
What happens when you swipe your card?
Sony Breach May Have Exposed Employee Healthcare, Salary Data
North Korea Under the Spotlight for Sony Hack
FBI Warns US Businesses of Possible Wiper Malware Attacks
Syrian Electronic Army Hits Numerous Media Sites with DNS Redirection Attack

Top 5 Business Intelligence links
10 Deadliest Differences of State-Sponsored Attacks
Data loss and downtime costs enterprises $1.7 trillion
2015 predictions: Cyber attacks aimed at critical infrastructure, Attacks as a Service
Iranian hackers compromised airlines, airports, critical infrastructure companies
Increased nation-state threat included in predictions report

BF-SIRT Newsletter 2014-48

Welcome to the newsletter! This week you can read about how Chinese e-cigarettes may damage your PC’s health and how Sony Pictures Dealing With Apparent Network Compromise. You can also find stories about such things as how Home Depot spent $43 million on data breach in just one quarter and Why it took antivirus giants YEARS to drill into the malware Regin.

Top 5 Security links
Chinese e-cigarettes may damage your PC’s health
Sony Pictures Dealing With Apparent Network Compromise
Driverless cars are liable to being stolen and used in terrorist attacks, report warns
Hacking Collective ‘Sits Down’ for Interview
Skimmer Innovation: ‘Wiretapping’ ATMs

Top 5 Business Intelligence links
Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds
Asian mobiles the DDOS threat of 2015, security mob says
EFF, Mozilla back new certificate authority that will offer free SSL certificates
NSA director states China can shut down U.S. electric grids, report indicates
Home Depot spent $43 million on data breach in just one quarter

Basefarm SIRT Posts
WordPress 4.0.1 – Critical security release

WordPress 4.0.1 – Critical security release

The WordPress 4.0.1 security update has been released today, which addresses 8 security flaws including cross-site scripting (XSS) and denial of service exploits. In addition, 23 bugs in the 4.0 release have been fixed.

It is highly recommended that anyone running WordPress have their installations updated as soon as possible.

Further information can be found at:

https://core.trac.wordpress.org/query?milestone=4.0.1

BF-SIRT Newsletter 2014-46

Welcome to the newsletter! This week you can read about how Darkhotel espionage campaign targets corporate executives traveling abroad and that Hackers Stole 53M Email Addresses from Home Depot. You can also find a story on how China is building a quantum encryption network between Beijing and Shanghai and how Tor Project Mulls How Feds Took Down Hidden Websites.

Top 5 Security links
Crooks are using proxy servers to build more convincing phishing sites – new claim
Tor Project Mulls How Feds Took Down Hidden Websites
Iranian contractor named as Stuxnet ‘patient zero’
China is building a quantum encryption network between Beijing and Shanghai
John Gordon Baden arrested in Tijuana

Top 5 Business Intelligence links
Darkhotel espionage campaign targets corporate executives traveling abroad
Home Depot: Hackers Stole 53M Email Addresses
Chertoff Reminds Enterprises There is Hope in Security
Study: Organizations assailed by cyber attacks, 15 percent are targeted
Cybersecurity ‘Inevitable’ Data Breaches Require Changes To Cybersecurity Measures, Survey Finds

Basefarm SIRT Posts
Patch Tuesday November 2014

Patch Tuesday November 2014

Another month, another patch Tuesday!

Microsoft issued sixteen security bulletins for various products, which translate into fourteen patches, including a fix for a critical Schannel vulnerability (MS14-066) that could allow remote code execution if an attacker sends specially crafted packets to a Windows Server (there is, however, currently no public exploit for this).
Adobe has released multiple security hotfixes for Adobe Flash Player and Adobe Air.

More information:
https://technet.microsoft.com/library/security/ms14-nov
http://helpx.adobe.com/security/products/flash-player/apsb14-24.html

BF-SIRT Newsletter 2014-45

Welcome to the newsletter! This week you can read about how Feds Arrest Alleged ‘Silk Road 2’ Admin, Seize Servers or how Google open sources nogotofail, a network traffic security testing tool. You can also read This month’s “OUCH!”: Social Engineering as well as how you should be prepared as The Next Internet Bug Won’t Be The Last.

Top 5 Security links
Feds Arrest Alleged ‘Silk Road 2’ Admin, Seize Servers
Still Spamming After All These Years
FM Radio Hack Allows Data To Be Routed Out of Isolated Networks
Forging administrator cookies and crocking crypto
Google open sources nogotofail, a network traffic security testing tool

Top 5 Business Intelligence links
Be Ready: Next Internet Bug Won’t Be The Last
‘Widespread Harm’ Likely from Cyberattack in Next Decade
This month’s “OUCH!”: Social Engineering
BlackEnergy Malware Plug-Ins Leave Trail of Destruction
Rovnix Trojan infection outbreak infects 130,000 machines in Blighty