BF-SIRT Newsletter 2016-32

The top stories from this week consist of stories such as Microsoft has accidentally leaked the keys to the kingdom, permitting attackers to unlock devices protected by Secure Boot and a flaw in the Linux kernel lets hackers inject malware into downloads and webpages.

Read about Flip Feng Shui (FFS), a new exploitation vector that allows an attacker virtual machine (VM) to flip a bit in a memory page of a victim VM that runs on the same host as the attacker VM.

There are also two interesting reports about APTs – ProjectSauron and MONSOON.

Top 5 Security Links
Data Breach At Oracle’s MICROS Point-of-Sale Division
A New Wireless Hack Can Unlock 100 Million Volkswagens
Abusing Kerberos to NTLM fallback to defeat BitLocker FDE
Vulnerability Exposes 900M Android Devices—and Fixing Them Won’t Be Easy
Hitler ‘ransomware’ offers to sell you back access to your files – but just deletes them