BF-SIRT Newsletter 2018-01

Meltdown and Spectre, two security flaws said to be affecting almost all CPUs released since 1995, was announced this week, and will probably haunt us for years to come.

Exploit code used in the Mirai malware variant called Satori, which was used to attack hundreds of thousands of Huawei routers over the past several weeks, is now public. We might see more of this in near future botnets.

A researcher released details of a local privilege escalation attack against macOS that dates back to 2002, totally ignoring any responsible disclosure process.

Top 5 Security Links
Meltdown and Spectre – Bugs in modern computers leak passwords and sensitive data.
Mozilla Patches Critical Bug in Thunderbird
Attention, vSphere VDP backup admins: There is a little remote root hole you need to patch…
MacOS LPE Exploit Gives Attackers Root Access
Code Used in Zero Day Huawei Router Attack Made Public