BF-SIRT Newsletter 2014-06

Top news for this week are that Adobe Flash users need to quickly patch in order to avoid falling victim of the latest Adobe Flash exploit that is in the wild. You can read more about this on our blog. Sweden’s largest newspaper, Aftonbladet, has fallen victim of someone in their advertisement network spreading FakeAW Malware to users who aren’t expecting to be infected by a regular site such as Aftonbladet. There is a blog post here that is written by Bart Blaze, that goes into detail about it, and those interested to learn more about FakeAV can check out the article by net-security on How a fake antivirus attack works.
The latest “>Ouch! has also been released. In this newsletter, SANS explain what malware is, who is developing it, why and how to protect yourself against it.

Top 5 Security links
Swedish newssite compromised
PNG image metadata leading to iframe injections
War on Anonymous: British Spies Attacked Hackers, Snowden Docs Show
Gameover ZeuS adds nasty trick
New Flash Exploit Used to Distribute Credential-stealing Malware

Top 5 Business Intelligence links
How a fake antivirus attack works
Police ransomware: A multimillion business
DDoS attacks used to influence stock prices
“>Ouch! February 2014
Security Tip (ST14-001) – Sochi 2014 Olympic Games

Basefarm SIRT Posts
Adobe Flash Zero Day Exploit