Entries by Security Incident Response Team

BF-SIRT Newsletter 2018-09

Memcrashed – Major amplification attacks from UDP port 11211 Over last couple of days we’ve seen a big increase in an obscure amplification attack vector – using the memcached protocol, coming from UDP port 11211. The general idea behind all amplification attacks is the same. An IP-spoofing capable attacker sends forged requests to a vulnerable […]

BF-SIRT Newsletter 2018-08

Apple fixes that “1 character to crash your Mac and iPhone” bug Apple has pushed out an emergency update for all its operating systems and devices, including TVs, watches, tablets, phones and Macs. The fix patches a widely-publicised vulnerability known officially as CVE-2018-4124, and unofficially as “one character to crash your iPhone”, or “the Telugu […]

BF-SIRT Newsletter 2018-06

Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as “not secure”. For the past several years, we’ve moved toward a more secure web by strongly advocating that sites adopt HTTPS encryption. And within the last year, we’ve also helped users understand that HTTP sites are not secure […]