BF-SIRT Newsletter 2018-03

Researchers have uncovered a government-sponsored mobile hacking group operating since 2012.
OnePlus had its store hacked, leaving 40 000 credit cards compromised.
Hackers have started exploiting three Microsoft Office flaws to spread Zyklon malware.

Top 5 Security Links
OnePlus minus 40,000 credit cards: Smartmobe store hacked to siphon payment info to crooks
Transmission users beware: Flaw lets hackers control your computer
Skygofree Android malware is “one of the most powerful ever seen”
Hackers Exploiting Three Microsoft Office Flaws to Spread Zyklon Malware
Researchers Uncover Government-Sponsored Mobile Hacking Group Operating Since 2012

BF-SIRT Newsletter 2018-02

Microsoft released patches for Meltdown and Spectre, but it's important to update one's antivirus before applying the patches.

The latest WebLogic exploit caused an increase in compromised hosts being used for mining cryptocurrencies.

F-Secure finds a new Intel AMT security issue that gives hackers with physical access full control of laptops in 30 seconds.

Top 5 Security Links
Police give out infected USBs as prizes in cybersecurity quiz
Wi-Fi Alliance launches WPA3 protocol with new security features
Mining or Nothing!
Anti-Virus updates required ahead of Microsoft’s Meltdown, Spectre patches
New Intel AMT Security Issue Lets Hackers Gain Full Control of Laptops in 30 Seconds

BF-SIRT Newsletter 2018-01

Meltdown and Spectre, two security flaws said to be affecting almost all CPUs released since 1995, were announced this week, and will probably haunt us for years to come.

Exploit code used in the Mirai malware variant called Satori, which was used to attack hundreds of thousands of Huawei routers over the past several weeks, is now public. We might see more of this in botnets in the near future.

A researcher released details of a local privilege escalation attack against macOS that dates back to 2002, totally ignoring any responsible disclosure process.

Top 5 Security Links
Meltdown and Spectre – Bugs in modern computers leak passwords and sensitive data.
Mozilla Patches Critical Bug in Thunderbird
Attention, vSphere VDP backup admins: There is a little remote root hole you need to patch…
MacOS LPE Exploit Gives Attackers Root Access
Code Used in Zero Day Huawei Router Attack Made Public