Entries by Hans-Petter Fjeld

BF-SIRT Newsletter 2017-11

The top stories from this week is that Microsoft finally patches Windows critical publicly exploited vulnerabilities. We also have stories about Check Point discloses vulnerability that allowed hackers to take over WhatsApp and Telegram accounts. You can also read about how researches conclude that 24% of latest Docker images have significant vulnerabilities or using the […]

BF-SIRT Newsletter 2017-09

The top stories from this week consist of stories about Yahoo Revealing ANOTHER 32 Million Accounts Were Hacked Using ‘Cookie Forging Attack’ and Google’s Project Zero reveals another Microsoft flaw in IE and Edge. You can also read about the process Detectify when through to create an exploit stealing your private Slack tokens or how […]

BF-SIRT Newsletter 2017-07

The top stories from this week consist of stories such as how Microsoft decides to skip patch Tuesday for February and both Adobe and Firefox announce critical security flaws. You can also read about cyber-terrorism and that Daesh is still at script kiddie level according to ex-top NSA lawyer or about a Campaign of Cyber […]

BF-SIRT Newsletter 2017-02

The top stories from this week consist of stories such as GoDaddy revoking 8951 certificates issued without proper domain validation and how browser autofill profiles can cause information leakage. You can also read about the Google Infrastructure Security Design and how to hijack broken nameservers to compromise a target. Top 5 Security Links Cracking The […]

BF-SIRT Newsletter 2016-51

The top stories from this week consist of stories about hackers suspected of causing power outage in Ukraine and a summary of what you can learn from the security year 2016. You can also read a story about how 44% of organizations fail to meet breach reporting deadlines and how to make a rootkit yourself. Top […]

BF-SIRT Newsletter 2016-48

The top stories from this week consist of stories such as Ransomware Crooks caught San Francisco Transport System and ImageGate: Check Point uncovers a new method for distributing malware through images. You can also read a story about Paypals OAuth hijacking and Tesla smartphone app was found to lack security. Top 5 Security links: Microsoft […]

BF-SIRT Newsletter 2016-44

The top stories from this week consist of stories such as Google warning about an actively exploited 0-day vulnerability in Windows. You can also read a story about Critical Flaws in MySQL Give Hackers Root Access to Server, and Google joins Mozilla and Apple in banning WoSign and StartCom as CAs. Top 5 Security links […]

BF-SIRT Newsletter 2016-34

The top stories from this week consist of stories such as Apple releasing important out of band security fix for iOS after 3 zero-day vulnerabilities was used in the wild to attack a human rights defender, and the GnuPG project fixes a critical problem in the random number generator used by GnuPG and libgcrypt. You […]

BF-SIRT Newsletter 2016-32

The top stories from this week consist of stories such as Microsoft has accidentally leaked the keys to the kingdom, permitting attackers to unlock devices protected by Secure Boot and a flaw in the Linux kernel lets hackers inject malware into downloads and webpages. Read about Flip Feng Shui (FFS), a new exploitation vector that allows […]

BF-SIRT Newsletter 2016-28

The top stories from this week consist of stories such as Facebook Messenger deploys Signal Protocol for end to end encryption, and new malware (nukeware) deletes files and zaps system settings. You can also read a story about gaining Control of a .int Domain Name With DNS Trickery, and how to backdoor an AWS account. […]