BF-SIRT Newsletter 2017-36

This weeks top stories is how a breach at Equifax may impact 143 million Americans. BroadSoft, a huge communication software and service provider just leaked more than 600GB of sensitive files online, through a publicly accessible AWS S3 bucket.

Cybercriminals known as Dragonfly is behind a new wave of cyber attacks against the energy sector, writes Symantec, and a malware author uses same Skype ID to run IoT botnet and apply for jobs.

There are also some nice writeups this week, one article is about analyzing different strategies for subverting the CloudFlare security service and identifying the real IP addresses of cloud targets, another is about Mastercard Internet Gateway Service and how a hashing design flaw allows modification of the transaction amount (and MasterCard not responding to the vulnerability). The final one is about how AT&T modems use hard-coded credentials, and turned on public SSH by default.

Finally, for those who are following the case of Marcus Hutchins, a British security researched arrested after attending security conferences in Los Angeles this August, Krebs has a nice writeup that might shed a bit more light on the case while we wait for the trial.

Top 5 Security links
Breach at Equifax May Impact 143M Americans
Global Communication Software and Service Provider Left Massive Amount of Data Online
Introducing CFire: Evading CloudFlare Security Protections
Dragonfly: Western energy sector targeted by sophisticated attack group
Mastercard Internet Gateway Service: Hashing Design Flaw