BF-SIRT Newsletter 2017-22

The top stories from this week is about the OneLogin breach which exposed the ability to decrypt data and a fileserver implant which replace documents on the fly with Trojanized versions without touching the files at rest.

You can also read about how backend servers for 1 000 apps expose terabytes of user data and also how badly configured Hadoop servers expose over 5 Petabytes of data.

Top 5 Security Links
OneLogin: Breach Exposed Ability to Decrypt Data
WikiLeaks Dumps CIA Patient Zero Windows Implant
Backend Servers for 1,000 Apps Expose Terabytes of User Data
Hadoop Servers Expose Over 5 Petabytes of Data
Chrome Bug Allows Sites to Record Audio and Video Without a Visual Indicator