BF-SIRT Newsletter 2016-51

This week's top stories include hackers suspected of causing a power outage in Ukraine and a summary of what you can learn from the security year 2016.

You can also read about how 44% of organizations fail to meet breach reporting deadlines and about how to make a rootkit yourself.

Top 5 Security links

The Shadow Brokers are offering the NSA arsenal for direct sale
Remote Code Execution Bug Found in Ubuntu Quantal
Panasonic, IOActive Clash on Vulnerability Report
Leaked files reveal scope of Israeli firm’s phone cracking tech
Brute-Force Botnet Attacks Now Elude Volumetric Detection

BF-SIRT Newsletter 2016-50

This week's top stories include how Yahoo! had one billion more accounts hacked, and that the FBI most-wanted fugitive JPMorgan hacker was arrested in New York. You can also read about how 91% of cyberattacks start with a phishing email, and that Evernote’s new not-so-privacy policy will let employees read your notes.

Top 5 Security links
Yahoo: One Billion More Accounts Hacked
FBI Most Wanted Fugitive JPMorgan Hacker Arrested in New York
Simple Bug allows Hackers to Read all your Private Facebook Messenger Chats
Security conferences – Survival guide 2017 Q1
How to Hack Apple Mac Encryption Password in Just 30 Seconds

Top 5 Business Intelligence links
91% Of Cyberattacks Start With A Phishing Email
Evernote’s new not-so-privacy policy will let employees read your notes
President Obama Orders ‘Full Review’ of Possible Russian hacking in US Election
5-year-old Skype Backdoor Discovered — Mac OS X Users Urged to Update
After Failed Auction, Shadow Brokers Opens NSA Hacking Tools for Direct Sales

BF-SIRT Newsletter 2016-49

This week's top stories include The 7 Most Sensational Breaches Of 2016, and Announcing OSS-Fuzz: Continuous Fuzzing for Open Source Software. You can also read about The Orphaned Internet – Taking Over 120K Domains via a DNS Vulnerability in AWS, Google Cloud, Rackspace and Digital Ocean, and What’s Ahead for 2017: The RSAC Advisory Board Industry Predictions.

Top 5 Security links
Google Fixes 12 High-Severity Flaws In Chrome Browser
Google patches Dirty Cow vulnerability in latest Android security update
Here are some best practices for preventing DDoS attacks
Old Linux Kernel Code Execution Bug Patched
Four cyber security challenges for cloud deployment

Top 5 Business Intelligence links
43,203 Indian patient pathology reports were left publicly exposed by Health Solutions
EFF Blasts DEA in Ongoing Secret ‘Super Search Engine’ Lawsuit
Guessing Credit Card Security Details
Where Cybercriminals Go To Buy Your Stolen Data
Clients say they’ll take their money and run if service hacked – poll

BF-SIRT Newsletter 2016-48

This week's top stories include Ransomware Crooks caught San Francisco Transport System and ImageGate: Check Point uncovers a new method for distributing malware through images. You can also read about PayPal's OAuth hijacking and how the Tesla smartphone app was found to lack security.

Top 5 Security links
Microsoft Silently Fixes Kernel Bug That Led to Chrome Sandbox Bypass
Firefox 0-day in the wild is being used to attack Tor users
Bypassing SAML 2.0 SSO with XML Signature Attacks
SHIFT + F10, Linux gets you Windows 10’s cleartext BitLocker key
Avalanche – Law Enforcement Take Down