BF-SIRT Newsletter 2017-40

This weeks top stories is that Yahoo says all 3 billion accounts was hit by the 2013 hack and Google Security researchers have discovered seven serious vulnerabilities in Dnsmasq.

Security researchers have developed a variant of the Rowhammer attack that is able to bypass all the current countermeasures proposed for such an attack, and Apache Tomcat patches important remote code execution flaw.

Top 5 Security links
Yahoo says all 3 billion accounts hit by 2013 hack
Widely used DNS forwarder and DHCP server Dnsmasq riddled with flaws
Rowhammer Variant Bypasses Countermeasures
Apache Tomcat Patches Important Remote Code Execution Flaw
3 Zero-Day Plugin Vulnerabilities Being Exploited In The Wild