BF-SIRT Newsletter 2015-11

Welcome to another edition of the newsletter! This week we cover stories such as how google engineers created the Rowhammer Hardware Exploit and how two people have been indicted for stealing 1 billion email addresses in historic breach. We also cover things such as how CloudFlare Aims to Defeat Massive DDoS Attacks with Virtual DNS, and the ever growing market of using ad bidding networks to deliver ransomware.

Amongst the Windows Updates this month were a fix for FREAK, and it also turned out that the vulnerability STUXNET used previously and was thought to have been patched since 2010 actually wasn’t, so Microsoft updated this patch as well.

Top 5 Security links
Self-deleting malware targets home routers to gather information
Equation APT Group Attack Platform A Study in Stealth
Rowhammer Hardware Exploit Poses Threat to DRAM Memory in Many Laptops, PCs
UK: 57 arrested for cyber crime, including US DoD hacker
Two indicted for stealing 1 billion email addresses in historic breach

Top 5 Business Intelligence links
Mind-reading DNS security analysis offers early warning for APT attacks
Massive cyber-attack: what businesses can learn from major data breaches
CloudFlare Aims to Defeat Massive DDoS Attacks with Virtual DNS
Panda antivirus labels itself as malware
Cyber crooks take advantage of ad bidding networks to deliver ransomware

Basefarm posts
Patch Tuesday March 2015