BF-SIRT Newsletter 2017-08

The top stories from this week consist of stories about Google announcing the first SHA1 collision and that the hacker who knocked million routers offline using MIRAI was arrested at London airport.

You can also read about how a sysadmin says to court that he was authorized to trash his employer’s network or how an 11-year old Linux kernel local privilege escalation flaw was discovered

Top 5 Security Links
Google announcing the first SHA1 collision
Hacker Who Knocked Million Routers Offline Using MIRAI Arrested at London Airport
I was authorized to trash my employer’s network, sysadmin tells court
11-Year Old Linux Kernel Local Privilege Escalation Flaw Discovered
Incident report on memory leak caused by Cloudflare parser bug

BF-SIRT Newsletter 2017-07

The top stories from this week consist of stories such as how Microsoft decides to skip patch Tuesday for February and both Adobe and Firefox announce critical security flaws.

You can also read about cyber-terrorism and that Daesh is still at script kiddie level according to ex-top NSA lawyer or about a Campaign of Cyber Attacks against Civil Society in Qatar and Nepal aka Operations Kingphish.

Top 5 Security Links

Microsoft Technet Blog – February 2017 security update release
Adobe Security Bulletin – APSB17-04
Mozilla Foundation Security Advisory 2017-04
Don’t panic over cyber-terrorism: Daesh still at script kiddie level
Operation Kingphish: Uncovering a Campaign of Cyber Attacks against Civil Society in Qatar and Nepal

Fake Telenor Ransomware Campaign

Today, a malicious email campaign was launched, targeting Norwegian entities. We have seen a large amount of these malicious mails addressed to our employees, customers and partners, and we would like to discourage you from interacting with this email.


The email itself visually appears to be from Telenor, with the subject line “Faktura Fra Telenor Norge AS, Mobil “. It has a payment date close to the future (10th of February), which is there to cause stress so you don’t think twice before clicking the links. The links will however send you to a malicious site, which aims to infect your computer with a ransomware. The ransomware will encrypt any file it has write access to (even open shared file systems), and then demands payment in order to make the files readable again.

In order to better secure your organisation against these types of threats we advise you to look at our article about this, which can be found here: Basefarm Ransomware Information

Further information about this specific attack:
Telenor Twitter
Dinside

BF-SIRT Newsletter 2017-05

The top stories from this week consist of stories such as how Police Arrested Suspected Hacker Who Hacked the ‘Hacking Team’ and that Over 70% of Washington DC’s CCTV Were Hacked Before Trump Inauguration.

You can also read that Police Arrest 5 Cyber Thieves Who Stole 3.2 Million From ATMs Using Malware and Ransomware Hijacks Hotel Smart Keys to Lock Guests Out of their Rooms.

Top 5 Security Links
Police Arrested Suspected Hacker Who Hacked the ‘Hacking Team’
Over 70% of Washington DC’s CCTV Were Hacked Before Trump Inauguration
Police Arrest 5 Cyber Thieves Who Stole 3.2 Million From ATMs Using Malware
Ransomware Hijacks Hotel Smart Keys to Lock Guests Out of their Rooms
Radio Stations Hacked to Play “F**k Donald Trump” on Repeat Across the Country