Entries by Hans-Petter Fjeld

BF-SIRT Newsletter 2017-26

The top stories from this week is of course that the ransomware Petya adds worm capabilities and that Google researcher uncovers another RCE in Microsoft Malware Protection Engine. You can also read about how British parliamentary email accounts were compromised this weekend, or that the Windows 10 source code has leaked online. Top 5 Security […]

BF-SIRT Newsletter 2017-25

The top stories from this week is that TrickBot Goes Nordic, Once in a While and South Korean web hosting company ransomed for 550 BTC. You can also read the Cisco 2017 Annual Cybersecurity Report and McAfee Labs Threat Report for June 2017. Top 5 Security links TrickBot Goes Nordic, Once in a While South […]

BF-SIRT Newsletter 2017-24

The top stories from this week is how you now can subscribe to SS7 interception and tracking of mobile phones for $500 and Al-Jazeera reportedly hit by systematic hacking attempts. You can also read about ‘Crash Override’: The Malware That Took Down a Power Grid, or how Samsung left millions vulnerable to hackers because it […]

BF-SIRT Newsletter 2017-23

The top stories from this week is how The Intercept outed the NSA contractor Reality Winner and a new PowerPoint Mouseover based downloader. You can also read about the journey to hijacking a country’s TLD and about Dvmap, the first Android malware with code injection. Top 5 Security links: How The Intercept Outed Reality Winner […]

BF-SIRT Newsletter 2017-22

The top stories from this week is about the OneLogin breach which exposed the ability to decrypt data and a fileserver implant which replace documents on the fly with Trojanized versions without touching the files at rest. You can also read about how backend servers for 1 000 apps expose terabytes of user data and […]

BF-SIRT Newsletter 2017-21

The top stories from this week is about a Samba Remote Code Execution Vulnerability and how Multiple Video Players are Vulnerable to Code Execution via Subtitle Files. You can also read about a NTFS bug that lets anyone hang or crash Windows 7 and 8.1, or how Keybase Extension Brings End-to-End Encrypted Chat To Twitter, […]

BF-SIRT Newsletter 2017-19

The top stories from this week is how a bad bug in Microsoft’s Windows malware scanner can be used to install malware and how HP laptops include keyloggers in the Audio driver. You can also read about three 0-days affecting Microsoft Office is actively exploited, and a new vulnerability exploiting the Linux kernel via packet […]

BF-SIRT Newsletter 2017-17

The top stories from this week is how 15 000 machines world wide got infected by NSA exploit released by Shadow Brokers and that BGP is still broken as VISA netblock is re-routed to Russian ISP. You can also read about Symantecs response to Google with remediation plans or how nomx mail security device is […]

BF-SIRT Newsletter 2017-15

The top stories from this week is that TheShadowBrokers released the password to their eqgrp-auction-file with stolen NSA exploits and from that it was found a Solaris 0-day remote root exploit. You can also read about the new release candidate for OWASP Top 10 and a writeup of the Dallas Siren Hack. Top 5 Security […]

BF-SIRT Newsletter 2017-13

The top stories from this week is that Google will be reducing trust in Symantec certificates following numerous slip-ups. Also, VMware’s reported three bugs that probably deserve your urgent attention. You can also read about the black box discovery of memory corruption RCE on box.com, and the update from Apple that patches a large number […]