San Francisco Airport (SFO) at night

BF-SIRT Newsletter 2018-16

State-Sponsored Cyber Actors do State-Sponsored Cyber Actor stuff

US-CERT published a joint Technical Alert (TA) resulting from efforts between the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI), and the United Kingdom’s National Cyber Security Centre (NCSC) providing information on the worldwide cyber exploitation of network infrastructure devices (e.g., router, switch, firewall, Network-based Intrusion Detection System (NIDS) devices) by Russian state-sponsored cyber actors. And they provide some nice concrete information that can be reacted to. The fact that this happens is not new, and there is no reason to think Russia is the only ones who does this, they are not doing anything spectacular or fancy either. Check for the indicators provided, keep calm and carry on.

 

In a separate note, Oracle announces 250 security fixes in quarterly patch update, Cisco published important and critical security advisories for Firepower, ASA and WebEx.

 

Top 5 Security links
RSA 2018 Keynote – The Five Most Dangerous New Attack Techniques
PCI Council Releases Guidelines for Cloud Compliance
Hacking charge for URL-manipulation in Canada
Drupalgeddon 2 Vulnerability Used to Infect Servers With Backdoors & Coinminers
Tech Firms Sign ‘Digital Geneva Accord’ Not to Aid Governments in Cyberwar

 

(Blogpost image by Andrew Choy from Santa Clara, California, “San Francisco International Airport at night“, Creative Commons Attribution-Share Alike)