BF-SIRT Newsletter 2017-45

This weeks top stories is that the recent Intel Chips running Minix for their Management Engine have debugging ports that can be reached over USB, USB is also a theme in Linux Kernel patching these days with more than 40 security issues discovered.

Amazon has updated their AWS Dashboard to warn admins when they are exposing S3 buckets.

Researchers at Volexity has been tracking the Vietnamese threat actor APT32 group since May 2017 and claim they are one of the most advanced APTs in the threat landscape.

Top 5 Security links
Intel’s super-secret Management Engine firmware now glimpsed, fingered via USB
Don’t worry about those 40 Linux USB security holes. That’s not a typo
Amazon Updates AWS Dashboard to Warn Admins When They’re Exposing S3 Buckets
Misconfigured Amazon S3 Buckets Expose Users, Companies to Stealthy MitM Attacks
Vietnamese APT32 Group is One of the Most Advanced APTs in the Threat Landscape