BF-SIRT Newsletter 2016-26

The top stories from this week is multiple critical vulnerabilities published in Symantec Endpoint Protection, and that StartEncrypt allowed attackers to gain SSL certificates for domains without authentication.

You can also learn about hackers post-intrusion activities in a compromised network, and that the number of corporate users hit by crypto ransomware is skyrocketing.

Beware of new crypto ransomware malware that spreads via sms and pretends to be WhatsApp, Uber and Google Play.

Top 5 Security links
Extracting Qualcomm’s KeyMaster Keys – Breaking Android Full Disk Encryption
A Case Study in Attacking KeePass
Detecting DNS Data Exfiltration
Exploring and exploiting Lenovo firmware secrets
Apple EFI firmware passwords and the SCBO myth

Top 5 Business Intelligence links
Self-Driving Tesla Was Involved in Fatal Crash, U.S. Says
Chinese gambling site served near record-breaking complex DDoS
Google fined in Peru for Ignoring the “Right To Be Forgotten”
Apple rejects Spotify’s app update, Spotify calls approval process a ‘weapon’
Empty DDoS Threats: Meet the Armada Collective