Infosec bits for week 21/18

  1. Check that your Adobe products have been updated (as always…) [The Register]
    - and if that’s not enough:
    - PDF exploit built to combine zero-day Windows and Adobe Reader bugs [SC Magazine]
    - www.welivesecurity.com/2018/05/15/tale-two-zero-days/
  2. Preventing and recovering from ransomware: No More Ransom project
    - www.nomoreransom.org/en/prevention-advice.html
  3. Mirai botnet adds three new attacks to target IoT devices (including routers and DVRs) [ZDNet]
  4. It only took five hours to close a critical vulnerability in Signal’s desktop client [Cyberscoop]
  5. Side-Channel Vulnerability Variants 3a and 4 (aka New variants on Meltdown and Spectre) [US-CERT]
  6. Google’s Selfish Ledger ideas can also be found in its patent applications [The Verge]
  7. Is your browsing safe against tracking?
    - panopticlick.eff.org/
    - browserleaks.com/
    - amiunique.org/

Infosec bits for week 20/18

  1. What Makes a Cybersecurity Team Successful? [SANS]
    - ‘The real point is “well prepared, well trained, well managed teams using mature processes will perform better, and need less ad hoc personal interaction to do so.”’ – Pescatore
    - ‘One difference between a “team” and any other group of people is a “plan.” At a minimum, a plan will say who will do what and when they will do it.’ – Murray
    - The SANReN CSIRT is here to help – talk to us :)
  2. Drupal Sites Fall Victims to Cryptojacking Campaigns [Bleeping Computer]
    - Large cryptojacking campaign targeting vulnerable Drupal websites [Bad Packets Report]
    - In case you missed it last time, we hope you’ve patched (and are maintaining) your Drupal instances…
  3. The Digital Vigilantes Who Hack Back [The New Yorker]
    - an interesting read, PG L – would’ve removed it if I was allowed to hack back ;)
  4. ‘Next generation’ flaws found on computer processors: magazine [Reuters]
    - Exclusive: Spectre-NG – Multiple new Intel CPU flaws revealed, several serious [c’t]