BF-SIRT Newsletter 2014-17

Welcome to this week’s newsletter! Due to vacations, the SIRT newsletter will be put on hold until the middle of August when vacations ends.
Those of you who are using Struts in your environments should make sure you read how Apache warns of faulty zero-day patch for struts.

Top 5 Security links
Apache warns of faulty zero-day patch for struts
Romanian Man Arrested for Stealing Card Data, Attempting to Hack Presidency Site
Merchants, Buyers on Dark Web Get Their Own Search Engine
Mounties always get their man: Heartbleed ‘hacker’, 19, CUFFED
Japan airport staff dash to replace passcodes after security cock-up

Top 5 Business Intelligence links
Most But Not All Sites Have Fixed Heartbleed Flaw
Amplification, reflection DDoS attacks increase 35 percent in Q1 2014
Nine patterns make up 92 percent of security incidents
HD manufacturer Lacie admits yearlong data breach
POS Malware, RATs and Banking Trojans Used by Cybercrime Group