Basefarm SIRT Newsletter 25

This week, the newsletter comes out a day in advance due to tomorrow being Midsummer celebrations in Sweden! Microsoft has joined Google, Mozilla, and the rest by finally offering a bug bounty where it will pay up to $150000 per vulnerability. Attackers are also, as usual, taking advantage of the latest buzz (in this case PRISM) and are sending out fake phising mails. As to our own blog posts, we go through HP iLO, Java JRE/JDK and Puppet vulnerabilities that should be patched as soon as possible!

Top 5 Business Intelligence links
The Web Cookie Is Dying. Here’s The Creepier Technology That Comes Next
Microsoft announces standing bug bounty program
“Nej till Google!” – Sweden tells a local council that Google’s cloud is a no-go area
Why Are We So Slow To Detect Data Breaches?
EU’s Cybersecurity Strategy gets harsh criticism from data protection advocate

Top 5 Miscellaneous Security links
Double Cashing With Mobile Banking
Chinese hackers launch PRISM scare campaign
LinkedIn DNS hijacked, site offline
Carberp toolkit now available for just $5k
Rich Mogull on Apple Security Strategy

Basefarm SIRT Posts
Oracle Patches JDK/JRE
HP iLO3 and iLO4 affected by unauthorized access vulnerability
Puppet Unauthenticated Remote Code Execution Vulnerability