BF-SIRT Newsletter 2014-05

This week, Arbor, in their Worldwide Infrastructure Security Report, reveals that Datacenters are now magnets for DDoS attacks. Hasbro[.]com, the US toymaker, has also been found to unknowingly be serving malware to visitors in drive-by attacks (they have around 215 000 daily visitors), which again shows that you are not safe just because you are browsing “secure” websites.
Over in Sweden, the news has mostly been about a new service called Lexbase which has caused a lot of controversy. Lexbase offered the possibility to see anyone who has been involved in any shape or form with the justice system, and you could search either by name or check on a map to see which of your neighbors had been involved with the justice system. You could not see the documents/convictions though, for that you had to pay around EUR 10. The site was up for three days, in which time it managed to be under DDoS attacks, and security flaws were found that led to the shut down of the site.
You can find more information about this here:
Site lets Swedes snoop on friends’ criminal past
Lexbase official quits as controversy rages
Lexbase goes offline following hacker attack

Top 5 Security links
Hackers used Xtreme RAT malware to gain access to Israeli Defense computer
Researchers Discover First Android Bootkit, 350,000 Devices Already Infected
Java-based malware hits Windows, Mac and Linux
Surge in mobile network infections affects millions of devices
Honey Encryption tricks Hackers with decryption deception

Top 5 Business Intelligence links
Arbor Networks’ Research Finds 36% Increase in Advanced Persistent Threats and Attacks against Mobile Networks Doubled
Arbor’s Worldwide Infrastructure Security Report
Can TVs and Refrigerators Really Spew Botnet Spam?
DDoS attacks become smarter, faster and more severe
Toy Maker Hasbro’s site serving drive-by download attacks