Entries by Hans-Petter Fjeld

BF-SIRT Newsletter 2016-44

The top stories from this week consist of stories such as Google warning about an actively exploited 0-day vulnerability in Windows. You can also read a story about Critical Flaws in MySQL Give Hackers Root Access to Server, and Google joins Mozilla and Apple in banning WoSign and StartCom as CAs. Top 5 Security links […]

BF-SIRT Newsletter 2016-34

The top stories from this week consist of stories such as Apple releasing important out of band security fix for iOS after 3 zero-day vulnerabilities was used in the wild to attack a human rights defender, and the GnuPG project fixes a critical problem in the random number generator used by GnuPG and libgcrypt. You […]

BF-SIRT Newsletter 2016-32

The top stories from this week consist of stories such as Microsoft has accidentally leaked the keys to the kingdom, permitting attackers to unlock devices protected by Secure Boot and a flaw in the Linux kernel lets hackers inject malware into downloads and webpages. Read about Flip Feng Shui (FFS), a new exploitation vector that allows […]

BF-SIRT Newsletter 2016-28

The top stories from this week consist of stories such as Facebook Messenger deploys Signal Protocol for end to end encryption, and new malware (nukeware) deletes files and zaps system settings. You can also read a story about gaining Control of a .int Domain Name With DNS Trickery, and how to backdoor an AWS account. […]

BF-SIRT Newsletter 2016-26

The top stories from this week is multiple critical vulnerabilities published in Symantec Endpoint Protection, and that StartEncrypt allowed attackers to gain SSL certificates for domains without authentication. You can also learn about hackers post-intrusion activities in a compromised network, and that the number of corporate users hit by crypto ransomware is skyrocketing. Beware of […]

BF-SIRT Newsletter 2016-24

The top stories from this week consist of stories such as CrowdStrikes analysis and identification of two Russian intelligence adversaries present in the American Democratic National Committee (DNC) network, and a black market is selling access to government servers for 6$. You can also read a story about the zero-day flaw in Adobe Flash being […]

BF-SIRT Newsletter 2016-22

The top stories from this week consist of stories such as how preloaded OEM software update tools is riddled with security flaws, and that TeamViewers users are experiencing unauthorized remote control. You can also read a story about an alleged 0-day Windows exploit for sale at $90,000, and that DDOS prices are plunging. Top 5 […]

Chinese salesmen in your inbox

The last days I have seen a few traditional unsolicited mails I wanted to post about. The gist of the mails are that someone claiming to represent some formal-sounding venture in a (to you) remote location, like China, are kind enough to inform that some other entity is going to register your brand name and […]