BF-SIRT Newsletter 2017-17

The top stories from this week is how 15 000 machines world wide got infected by NSA exploit released by Shadow Brokers and that BGP is still broken as VISA netblock is re-routed to Russian ISP.

You can also read about Symantecs response to Google with remediation plans or how nomx mail security device is found to be not secure.

Top 5 security links
15 000 machines world vide infected with NSA exploit released by Shadow Brokers
BGP is still broken, VISA netblock re-routed to Russia
Symantec CA responds to Google with remediation plans
nomx mail security device, found not secure
Bitcoin mining hardware found to call home and check for permission to run

BF-SIRT Newsletter 2017-16

The top stories from this week is an old vulnerability which has resurfaced which allows a phishing attack to be almost impossible to detect on Chrome, Firefox and Opera and how script kiddies pwn 1000s of Windows boxes using leaked NSA hack tools.

You can also read about how how cybercrooks put the beatdown on Krebs’ Beats and that MasterCard launches credit card with built-in fingerprint scanner.

Top 5 Security Links
This Phishing Attack is Almost Impossible to Detect On Chrome, Firefox and Opera
Script kiddies pwn 1000s of Windows boxes using leaked NSA hack tools
How Cybercrooks Put the Beatdown on My Beats
MasterCard launches Credit Card with Built-In Fingerprint Scanner
Russian Hacker Selling Cheap Ransomware-as-a-Service On Dark Web

DevOps hotel for a faster time to market

Basefarm works together with their partner Red Hat to provide DevOps hotel:OpenShift as a service.

In the new era of digital transformation companies need the best tools and techniques. With OpenShift they can focus on the experience of their end-users instead of having to build the underlying technologies and processes on their own.

OpenShift includes automated and integrated DevOps tools which allow rapid application development, deployment and scaling. This can drastically decrease your time to market, saving your organization time and money.

The application development model follows the principle of continuous integration and continuous delivery (CI/CD). OpenShift as a Service: Devops Hotel from Basefarm is a method for developers to rapidly create and deploy applications in a containerized environment.

How you benefit

  • Improve your development process with DevOps;
  • Have a more efficient application architecture with microservices;
  • Increase productivity in deployment and packaging with containers;
  • Boost flexibility in the cloud.

The service is based on top of Docker containers and the Kubernetes container cluster manager to provide a complete container platform. This allows you to ship new features faster and more securely than before in an efficient self-contained system.

OpenShift as a Service is built for traditional applications as well as next generation cloud-native microservices. The microservice architecture improves the creation and maintenance of applications by breaking them down into smaller components. You can simultaneously improve the user experience, increase efficiency and boost profitability.

The 100% open source OpenShift includes industry standard containers and orchestration, a platform with operational management, enterprise grade security, and full stack support across infrastructures and clouds. The service perfectly complements our hybrid cloud solutions.

OpenShift as a Service: DevOps Hotel from Basefarm is a perfect option for an organization looking to explore the benefits of DevOps, containers and microservices with a new project. Contact us today to see how we can help you succeed in the new digital transformation era.

Kubernetes eases the burden of running applications

The Kubernetes platform automates the deployment, scaling and operation of application containers. See how it works in OpenShift as a Service by Basefarm.

Kubernetes is an open-source platform which allows you to automate the deployment, scaling and operations of application containers. This eases the burden of running applications in private and public clouds and helps you to quickly and efficiently respond to customer demand.

OpenShift as a Service: DevOps Hotel from Basefarm is based on top of Docker containers and the Kubernetes container cluster manager. This helps you to develop, create, test and manage container-based services easily and quickly. Once set up you can expect your applications to run with low downtime, impressive performance and low support.

Kubernetes can schedule and run application containers on clusters of machines, but it can also allow the move to a container-centric infrastructure. The cutting-edge method of deployment and packaging is not physical or virtual, but with containers.

Your benefits

  • Deploy applications predictably and quickly;
  • Scale as needed;
  • Introduce new features easily;
  • Support a large number of applications;
  • Boost productivity.

Docker containers can benefit both developers and system administrators

Docker automates the deployment of applications inside containers. See how this helps flexibility and portability with Basefarm’s OpenShift as a Service.

Docker is the world’s leading software container platform, automating the deployment of applications inside software containers. Companies use Docker to build software delivery pipelines to quickly and securely ship new features.

Basefarm’s OpenShift as a Service: DevOps Hotel uses the Kubernetes container management cluster and Docker containers. Containers don’t bundle a full operating system, but only those libraries and settings necessary. This makes systems which are efficient, lightweight and self-contained so that software runs the same no matter where it is deployed.

Developers love Docker because it automates the repetitive tasks of setting up and configuring different development environments. Operations love Docker because it makes for a streamlined delivery of software. Best of all it includes tools to enable DevOps, breaking down the old barrier between Development and Operations teams.

Your benefits

  • Agile creation and deployment of applications.
  • Continuous development and deployment.
  • Portability across operating systems.
  • Application-centric management.
  • Simplified maintenance.
  • Improve efficiency and make more money.

Microservices are a modern way to build applications

Microservices can increase productivity and improve profits in app development. Learn more about this architecture in Basefarm’s OpenShift as a Service.

The microservice architecture is not just a new tool to build applications. It allows a new workflow to help your company create scalable and adaptive systems so you can thrive in today’s competitive markets.

Many types of applications are easier to build and maintain when they are broken down into smaller units. Each component is created separately, unlike the traditional monolithic approach where the entire application is developed in one piece. This allows for faster and more efficient development as well as reducing strict dependencies between individual components.

Microservices are an up-to-date interpretation of service-oriented architecture (SOA). A microservices architecture used with OpenShift as a Service: DevOps Hotel from Basefarm allows you to move away from the old, inefficient application development.

Your benefits

  • Features can be added without rewriting the whole application;
  • Maintenance is faster and simpler;
  • Parts of the application can be scaled separately;
  • Change and add functions more easily;
  • Reduce the likelihood of large failures;
  • Improve user experience;
  • Lower costs and improve profitability.

BF-SIRT Newsletter 2017-15

The top stories from this week is that TheShadowBrokers released the password to their eqgrp-auction-file with stolen NSA exploits and from that it was found a Solaris 0-day remote root exploit.

You can also read about the new release candidate for OWASP Top 10 and a writeup of the Dallas Siren Hack.

Top 5 Security Links
TheShadowBrokers files
Remote root exploit leaked in Shadow Brokers dump
OWASP Top 10 for 2017 Release Candidate
More Details About Dallas Siren Hack
Critical Office Zero-Day Attacks Detected in the Wild

BF-SIRT Newsletter 2017-14

The top stories from this week in the Nordics has been about APT10 and Cloud Hopper, and from Russia comes information on how hackers stole $800,000 from ATMs using fileless malware.

You can also read about how millions of smartphones using Broadcom Wi-Fi chip can be hacked over-the-air, and read about why it’s a good idea to inspect the ATM you’re about to enter your card into.

Top 5 Security Links
APT10 and Cloud Hopper
Hackers stole $800,000 from ATMs using Fileless Malware
Millions Of Smartphones Using Broadcom Wi-Fi Chip Can Be Hacked Over-the-Air
Why I Always Tug on the ATM
Smart TV hack embeds attack code into broadcast signal—no access required