BF-SIRT Newsletter 2017-47

This week's top stories are that Intel fixes critical bugs in Management Engine, its secret CPU-on-chip, and that F5 announces a critical BIG-IP SSL vulnerability.

You should also read about the new OWASP Top 10 that has been released, and a forecast from ISF about security threats in 2018.

Top 5 Security links
Intel Fixes Critical Bugs in Management Engine, Its Secret CPU-On-Chip
F5 DROWNing, not waving, in crypto fail
Four Years Later, We Have a New OWASP Top 10
5 information security threats that will dominate 2018
Uber concealed massive hack that exposed data of 57m users and drivers

BF-SIRT Newsletter 2017-46

This week's top stories are that research by Google and the University of California found that phishing attacks are more efficient than data breaches at getting criminals into victims' accounts and that the average person still can't pick a good password, and that security researchers described a proof-of-concept exploit dubbed AVGater that affects multiple antivirus products and can lead to a full system takeover.

GitHub has announced a new feature for its dependency graph that will warn developers about vulnerable dependencies in their projects.

You can also read about Malwarebytes researchers warning IT workers seeking love online to beware of “CatPhishing” scams, and an interview in which the Premera Blue Cross CISO and vice president sizes up healthcare security threats for 2018.

Top 5 Security links
Google study finds phishing attacks more efficient than data breaches
AVGater abuses antivirus software for local system takeover
Github Will Warn Developers About Vulnerable Dependencies in Their Projects
Beware Catphishing attacks targeting the hearts of security pros
A CISO Sizes Up Healthcare Security Threats for 2018

BF-SIRT Newsletter 2017-45

This week's top story is that the recent Intel chips running Minix for their Management Engine have debugging ports that can be reached over USB. USB is also a theme in Linux kernel patching these days, with more than 40 security issues discovered.

Amazon has updated their AWS Dashboard to warn admins when they are exposing S3 buckets.

Researchers at Volexity have been tracking the Vietnamese threat actor group APT32 since May 2017 and claim it is one of the most advanced APTs in the threat landscape.

Top 5 Security links
Intel’s super-secret Management Engine firmware now glimpsed, fingered via USB
Don’t worry about those 40 Linux USB security holes. That’s not a typo
Amazon Updates AWS Dashboard to Warn Admins When They’re Exposing S3 Buckets
Misconfigured Amazon S3 Buckets Expose Users, Companies to Stealthy MitM Attacks
Vietnamese APT32 Group is One of the Most Advanced APTs in the Threat Landscape

BF-SIRT Newsletter 2017-44

This week's top stories are that the Reaper IoT botnet is not fully mobilized, according to a report, and that Heathrow Airport security plans were found on a memory stick on a street in London.

European Union member states have drafted a diplomatic document which states serious cyber-attacks by a foreign nation could be construed as an act of war.

If you are looking for some in-depth reading, Sophos has released its 2018 Malware Forecast report, concluding that ransomware-as-a-service will see the insidious malware spread rapidly beyond personal computers in the year ahead. Proofpoint researchers uncovered a long-running malvertising campaign and have a nice write-up and threat actor profile: KovCoreG, The Kovter Saga.

Top 5 Security Links
Reaper IoT Botnet Not Fully Mobilised, Says Report
Heathrow Airport Security Plans Found on Memory Stick
EU to Declare Cyber-Attacks “Act of War”
Threat Actor Profile: Kovcoreg, The Kovter Saga
Sophos: 2018 Malware Forecast Report