BF-SIRT NEWSLETTER #5
Year – Week: 2013 – 09
This week, Microsoft also admitted to have been affected by the same attack that hit Apple and Facebook.
Information on how Apple devices running the latest update can get their data compromised if the attacker has physical access to the phone was also divulged, so it’s important to not leave your phone unattended. Should your phone be lost or stolen, it’s important to do a remote wipe as soon as you can. Cpanel also released information that root passwords belonging to servers of their customers that had been used by their technical support had been compromised, leaving many customers at risk. They have sent advice to affected customers to change their root or account passwords. There has also been a lot of discussions, as was expected, during the week regarding the validity of Mandiant’s APT1 report about how China is sponsoring hacking against the US.
As the “Sports holidays” are currently on-going in Sweden (and other countries), we’d like to remind everyone to keep your mobile devices that you bring on your holiday secure. You can read some tips about this on the following site: http://bfblogg.wpengine.com/blog/2012/12/21/mobile-security/
Stuxnet 0.5 – the missing link.
Phishing has gotten Very good.
At the vulnerability Oscars, the winner is… Buffer overflows!
How much does it cost to buy 10 000 US based malware infected hosts?