Entries by Abel De Kat Angelino

BF-SIRT Newsletter 2018-14

Intel tells remote keyboard users to delete app after critical bug found. On Tuesday, Intel warned of a critical escalation of privilege vulnerability (CVE-2018-3641) in all versions of the Intel Remote Keyboard that allows a network attacker to inject keystrokes as if they were a local user. The vulnerability received a Common Vulnerabilities and Exposure […]

BF-SIRT Newsletter 2018-10

Netflix could pwn 2020s IT security – they need only reach out and take The container is doomed, killed by serverless. Containers are killing Virtual Machines (VM). Nobody uses bare metal servers. Oh, and tape is dead. These, and other clichés, are available for a limited time, printed on a coffee mug of your choice […]

BF-SIRT Newsletter 2018-09

Memcrashed – Major amplification attacks from UDP port 11211 Over last couple of days we’ve seen a big increase in an obscure amplification attack vector – using the memcached protocol, coming from UDP port 11211. The general idea behind all amplification attacks is the same. An IP-spoofing capable attacker sends forged requests to a vulnerable […]

BF-SIRT Newsletter 2018-08

Apple fixes that “1 character to crash your Mac and iPhone” bug Apple has pushed out an emergency update for all its operating systems and devices, including TVs, watches, tablets, phones and Macs. The fix patches a widely-publicised vulnerability known officially as CVE-2018-4124, and unofficially as “one character to crash your iPhone”, or “the Telugu […]

BF-SIRT Newsletter 2018-06

Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as “not secure”. For the past several years, we’ve moved toward a more secure web by strongly advocating that sites adopt HTTPS encryption. And within the last year, we’ve also helped users understand that HTTP sites are not secure […]