Basefarm SIRT Newsletter 19

This week have had some critical vulnerabilities released, and those running ColdFusion, NginX and Internet explorer are also highly advised to look at the Basefarm SIRT posts below, as there are some critical vulnerabilities that needs addressing.
A very large and coordinated attack on ATMs allowed the attackers to withdraw $45 Million before getting caught, and an interesting part of this is that it wasn’t due to the Bank’s security system going off that they were caught – but rather as one of the members of the heist was murdured.
You can also find a very interesting story about how the Redkit (which has been in the news quite a lot lately) operates, and for those who are interested in reading more can also find the second part of it on nakedsecurity.
Prolexic have released “PLXPatrol”, a public portal showing the DDoS attacks they are tracking, at

Top 5 Business Intelligence links
Pentagon Warns North Korea Could Become a Hacker Haven
Prolexic Tracks More Than 47 Million DDoS Attack Bots Worldwide
U.S. Blames China’s Military Directly for Cyberattacks
Consumer Reports: 58 Million U.S. PCs Infected With Malware
Traffic from Syria disappeared from Internet

Top 5 Miscellaneous Security links
Eight indicated in $45 Million ATM Heists
Alaska phishing pupils take over classroom computers
Subway multimillion-dollar hack ringleader pleads guilty
A closer look at the malicious Redkit exploit kit Part 1
Three-Year Hunt Nabs Hacker Who Popularized Cybercrime

Basefarm SIRT Posts
Critical ColdFusion vulnerability
Highly Critical Internet Explorer 8.0 vulnerability
Major Stack-based buffer overflow affecting some Nginx versions