BF-SIRT Newsletter 2015-09

Welcome to another edition of the newsletter! This week we cover things such as the Gemalto compromise and the Superfish incident. We also cover stories about how Webnic is blamed for the hijack of Lenovo and Google Domains, as well as how nearly 70 percent of breached firms are alerted by outside sources.

Top 5 Security links
NSA, UK’s GCHQ reportedly hacked encryption of SIM card maker
After Superfish-Lenovo incident, Facebook probes larger issue of SSL-sniffing adware
3 million strong RAMNIT botnet taken down
Shodan boss finds 250,000 routers have common keys
Air gaps: Happy gas for infosec or a noble but inert idea?

Top 5 Business Intelligence links
Older vulnerabilities a top enabler of breaches, according to report
M-Trends report: Nearly 70 percent of breached firms alerted by outside source
Webnic Registrar Blamed for Hijack of Lenovo, Google Domains
Sony hack forced firms to consider cyber attack disruption plans
Anthem’s latest breach estimate says 78.8 million were affected

BF-SIRT Newsletter 2015-08

Welcome to another edition of the newsletter! This week we cover things such as how “omnipotent” hackers tied to NSA hid for 14 years—and were found at last, and “The Great Bank Heist”, which has been reported in mainstream media during the week. We also cover more evidence tying North Korea to the Sony hack, and Microsoft phishing emails that target corporate users and deliver malware that evades sandboxes.

Top 5 Security links
How “omnipotent” hackers tied to NSA hid for 14 years—and were found at last
Indexing the Dark Web One Hacking Forum At A Time
First Arabic Cyberespionage Operation Uncovered
The Great Bank Heist, or Death by 1,000 Cuts?
Biter bitten as hacker leaks source code for popular exploit kit

Top 5 Business Intelligence links
What’s in a typo? More evidence tying North Korea to the Sony hack
VirusTotal sets up huge AV whitelist to minimize false positives
16 million mobile devices infected by malware
Microsoft phishing emails target corporate users, deliver malware that evades sandboxes
Dutch government websites KO’d by 10-hour DDoS

BF-SIRT Newsletter 2015-07

Welcome to another edition of the newsletter! This week we cover things such as how “Netflix airs its developers’ Dirty Laundry” and how “Tens of thousands MongoDB databases are easily accessible from the Internet”. We also cover some updates on how the “Anthem Breach May Have Started in April 2014” and how “Fraudsters make bank as exec wires $17 million to China”.

Top 5 Security links
Netflix airs its developers’ Dirty Laundry
Analyzing Angler: The World’s Most Sophisticated Exploit Kit
Today I Am Releasing Ten Million Passwords
Four technologies that betrayed Silk Road’s anonymity
Tens of thousands MongoDB databases are easily accessible from the Internet

Top 5 Business Intelligence links
Fraudsters make bank as exec wires $17 million to China
Defense Contract Management Agency Probes Hack
Anthem Breach May Have Started in April 2014
Phishers Pounce on Anthem Breach
US Government builds “Memex Deep Web Search Engine” to Track Criminals

Basefarm Posts
Patch Tuesday February 2015

Patch Tuesday February 2015

Another month, another patch Tuesday!

Microsoft has released eight updates to address vulnerabilities in Windows, Internet Explorer and the Office package.
Adobe has released security updates to address multiple vulnerabilities in Flash Player. Check the link below and make sure you are running the latest version available.

Some of these vulnerabilities could allow elevation of privilege, denial of service, remote code execution, or security feature bypass that allows an attacker to take control of the affected system. It is advised to upgrade as soon as possible.

More information:
Microsoft
Adobe

BF-SIRT Newsletter 2015-06

Welcome to another edition of the newsletter! This week we cover things such as how a “Female Skype Avatar Sinks Syria Opposition Fighters”, “Flash Zero Days Dominate Exploit Landscape” and “An In-depth analysis of the Fiesta Exploit Kit: An infection in 2015”. We also have some stories about how a “Dangerous IE vulnerability opens door to powerful phishing attacks” and “The Internet of Dangerous Things”.

Top 5 Security links
Army Research Lab Releases Dshell Forensics Framework
Silk Road operators developed a taste for murder
Female Skype Avatar Sinks Syria Opposition Fighters
Flash Zero Days Dominate Exploit Landscape
An In-depth analysis of the Fiesta Exploit Kit: An infection in 2015

Top 5 Business Intelligence links
Putting Information Sharing into Context
U.S. Officials Say Chinese Cyberespionage ‘Needs to Stop’
BMW issues security patch for bug allowing attackers physical access into vehicles
Dangerous IE vulnerability opens door to powerful phishing attacks
The Internet of Dangerous Things