BF-SIRT Newsletter 2014-02

Welcome back to a new year! This newsletter consist of news that has happened throughout the holiday period. Some recommended reading is how Yahoo visitors got served with malicious ads as well as how Krebs worked on Deconstructing the $9.84 Credit Card Hustle. There has also been an uprise in DDoS attacks from NTP servers, as Hackers Spend Christmas Break Launching Large Scale NTP-Reflection Attacks.

Top 5 Security links
Flash Memory Cards contain powerful unsecured microcontrollers
Deconstructing the $9.84 Credit Card Hustle
Planning to rob a Windows ATM? Ditch the sledgehammer and bring a USB STICK
Hackers Spend Christmas Break Launching Large Scale NTP-Reflection Attacks
Is XXE the new SQLi?

Top 5 Business Intelligence links
What can we expect this year?
UK CPNI Releases Spear Phishing Paper
Key trends in ransomware, evasion techniques and social attacks
A Target payment processor denies being impacted in 40M card breach
Yahoo visitors got served with malicious ads