BF-SIRT Newsletter 2017-26

The top stories from this week are, of course, that the ransomware Petya adds worm capabilities and that a Google researcher has uncovered another RCE in the Microsoft Malware Protection Engine.

You can also read about how British parliamentary email accounts were compromised this weekend, or that the Windows 10 source code has leaked online.

Top 5 Security links
Petya adds worm capabilities
Google researcher uncovers another RCE in Microsoft Malware Protection Engine
British parliamentary email accounts were compromised
Windows 10 Source Code Leaked Online
Microsoft’s Windows 10 S still vulnerable to macros

The Chief Data Officer (CDO) has arrived – who is it, exactly?

Digital development and the targeted use of data are the critical factors in the success of companies these days. They must be prioritized. Some advanced companies have already recognized this, have made it an issue for senior management and have created a new position called the Chief Data Officer (CDO). But what does the role involve? Let’s take a closer look.

Bitkom publishes AI position paper in partnership with *um

To mark the German government’s Digital Summit, digital industry association Bitkom has published a position paper on the topic of “artificial intelligence as a decision-making tool”. The paper looks at key aspects of AI and explains the opportunities it presents. It also covers the development of the technology and provides specific recommendations for political action. *um Data Scientist Helena Mihaljevic-Brandt was involved in the compilation of the paper.

BF-SIRT Newsletter 2017-25

The top stories from this week are that TrickBot goes Nordic, once in a while, and that a South Korean web hosting company was ransomed for 550 BTC.

You can also read the Cisco 2017 Annual Cybersecurity Report and McAfee Labs Threat Report for June 2017.

Top 5 Security links
TrickBot Goes Nordic, Once in a While
South Korean web hosting company ransomed for 550 BTC
Cisco 2017 Annual Cybersecurity Report
McAfee Labs Threat Report
New Phishing Tactic Targeting Facebook Users Relies on Padding URLs with Hyphens

BF-SIRT Newsletter 2017-24

The top stories from this week are how you can now subscribe to SS7 interception and tracking of mobile phones for $500, and that Al-Jazeera was reportedly hit by systematic hacking attempts.

You can also read about ‘Crash Override’: The Malware That Took Down a Power Grid, or how Samsung left millions vulnerable to hackers because it forgot to renew a domain.

Top 5 Security links:
For $500, This Site Promises the Power to Track a Phone and Intercept Its Texts
Al-Jazeera Reportedly Hit by Systematic Hacking Attempts
‘Crash Override’: The Malware That Took Down a Power Grid
Samsung Left Millions Vulnerable to Hackers Because It Forgot to Renew a Domain
Click-farm that used 500k SIM cards raided in Thailand

Future investment in artificial intelligence

Artificial intelligence and machine learning are key in securing the future success of a company. In a study conducted in partnership with Crisp Research and Hewlett Packard Enterprise (HPE), we show how widespread the use of these technologies currently is, and how they are set to grow in importance in the future. We also explain their various applications and discuss what developments are on the horizon. This is our investment forecast up to the year 2020.

BF-SIRT Newsletter 2017-23

The top stories from this week are how The Intercept outed the NSA contractor Reality Winner and a new PowerPoint mouseover-based downloader.

You can also read about the journey to hijacking a country’s TLD and about Dvmap, the first Android malware with code injection.

Top 5 Security links:
How The Intercept Outed Reality Winner
New PowerPoint Mouseover Based Downloader – Analysis Results
The Journey to Hijacking a Country’s TLD – The Hidden Risks of Domain Extensions
Dvmap: the first Android malware with code injection
Car Thieves Everywhere Rejoice as Unsecured Database Exposes 10 Million Car VINs

BF-SIRT Newsletter 2017-22

The top stories from this week are the OneLogin breach, which exposed the ability to decrypt data, and a file server implant that replaces documents on the fly with Trojanized versions without touching the files at rest.

You can also read about how backend servers for 1,000 apps expose terabytes of user data and how badly configured Hadoop servers expose over 5 petabytes of data.

Top 5 Security Links
OneLogin: Breach Exposed Ability to Decrypt Data
WikiLeaks Dumps CIA Patient Zero Windows Implant
Backend Servers for 1,000 Apps Expose Terabytes of User Data
Hadoop Servers Expose Over 5 Petabytes of Data
Chrome Bug Allows Sites to Record Audio and Video Without a Visual Indicator