Entries by Hans-Petter Fjeld

BF-SIRT Newsletter 2017-02

The top stories from this week consist of stories such as GoDaddy revoking 8951 certificates issued without proper domain validation and how browser autofill profiles can cause information leakage. You can also read about the Google Infrastructure Security Design and how to hijack broken nameservers to compromise a target. Top 5 Security Links Cracking The […]

BF-SIRT Newsletter 2016-51

The top stories from this week consist of stories about hackers suspected of causing power outage in Ukraine and a summary of what you can learn from the security year 2016. You can also read a story about how 44% of organizations fail to meet breach reporting deadlines and how to make a rootkit yourself. Top […]

BF-SIRT Newsletter 2016-48

The top stories from this week consist of stories such as Ransomware Crooks caught San Francisco Transport System and ImageGate: Check Point uncovers a new method for distributing malware through images. You can also read a story about Paypals OAuth hijacking and Tesla smartphone app was found to lack security. Top 5 Security links: Microsoft […]

BF-SIRT Newsletter 2016-44

The top stories from this week consist of stories such as Google warning about an actively exploited 0-day vulnerability in Windows. You can also read a story about Critical Flaws in MySQL Give Hackers Root Access to Server, and Google joins Mozilla and Apple in banning WoSign and StartCom as CAs. Top 5 Security links […]

BF-SIRT Newsletter 2016-34

The top stories from this week consist of stories such as Apple releasing important out of band security fix for iOS after 3 zero-day vulnerabilities was used in the wild to attack a human rights defender, and the GnuPG project fixes a critical problem in the random number generator used by GnuPG and libgcrypt. You […]

BF-SIRT Newsletter 2016-32

The top stories from this week consist of stories such as Microsoft has accidentally leaked the keys to the kingdom, permitting attackers to unlock devices protected by Secure Boot and a flaw in the Linux kernel lets hackers inject malware into downloads and webpages. Read about Flip Feng Shui (FFS), a new exploitation vector that allows […]

BF-SIRT Newsletter 2016-28

The top stories from this week consist of stories such as Facebook Messenger deploys Signal Protocol for end to end encryption, and new malware (nukeware) deletes files and zaps system settings. You can also read a story about gaining Control of a .int Domain Name With DNS Trickery, and how to backdoor an AWS account. […]

BF-SIRT Newsletter 2016-26

The top stories from this week is multiple critical vulnerabilities published in Symantec Endpoint Protection, and that StartEncrypt allowed attackers to gain SSL certificates for domains without authentication. You can also learn about hackers post-intrusion activities in a compromised network, and that the number of corporate users hit by crypto ransomware is skyrocketing. Beware of […]

BF-SIRT Newsletter 2016-24

The top stories from this week consist of stories such as CrowdStrikes analysis and identification of two Russian intelligence adversaries present in the American Democratic National Committee (DNC) network, and a black market is selling access to government servers for 6$. You can also read a story about the zero-day flaw in Adobe Flash being […]

BF-SIRT Newsletter 2016-22

The top stories from this week consist of stories such as how preloaded OEM software update tools is riddled with security flaws, and that TeamViewers users are experiencing unauthorized remote control. You can also read a story about an alleged 0-day Windows exploit for sale at $90,000, and that DDOS prices are plunging. Top 5 […]