Posts

Bug-hunters punch huge holes in WPA3 standard for Wi-Fi security

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

Researchers have detailed a set of side-channel and downgrade attacks that potentially allow an attacker to compromise Wi-Fi networks equipped with WPA3 protection.

Read more

 

Top 5 Security News

WordPress Urges Users to Uninstall Yuzo Plugin After Flaw Exploited

Google launches new security tools for G Suite users

Credential-stuffing attacks behind 30 billion login attempts in 2018

Android 7.0+ Phones Can Now Double as Google Security Keys

The right way to do AI in security

Google Releases Google Chrome 30

Google has released Chrome 30 for Windows, Mac, Linux, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities could allow a remote attacker to cause a denial of service condition, spoof the address bar, or obtain sensitive information.

More information: http://googlechromereleases.blogspot.se/search/label/Stable%20updates

Basefarm SIRT Newsletter 28

Bluebox Labs found a vulnerability in Android which has been a lot in the news, and while Google have issued a Patch for it, it doesn’t mean the users will have the fix before the OEMs send it out to them. Reports regarding Styx-Crypt and the previous attacks on South Korea. A serious flaw was also found in Cryptocat that meant it was extremely easy to eavesdrop on conversations for seven months.
Microsoft and Adobe did their regular Patch Tuesday for July, which covers a few critical vulnerabilities that you should apply!

Top 5 Business Intelligence links
DEF CON To Feds: We Need Some Time Apart
Ponemon Survey: 59% Of IT Profs Say Security Metrics Are Too Complicated For Management
Practical IT: How to plan against threats to your business
Oops. Japanese Government Shares Internal E-Mails on Google
McAfee: Malware hunts for South Korean military secrets

Top 5 Miscellaneous Security links
Serious flaw found in Cryptocat chat app
Who’s Behind The Styx-Crypt Exploit Pack?
Uncovering Android Master Key that makes 99% of devices vulnerable
This Is Not a Test: Emergency Broadcast Systems Proved Hackable
Thousands of websites defaced after Belgium and Netherland domain registrars hacked

Basefarm SIRT Posts
Patch Tuesday July 2013

Google Chrome 25.0.1364.87

Google has released an update to their browser, and all users are suggested to update as soon as possible to avoid exploitation.

More information: http://googlechromereleases.blogspot.se/search/label/Stable%20updates