- US-CERT TA14-017A: UDP-Based Amplification Attacks – updated
  - Good background, detection methods and mitigation advice
  - CLDAP attacks have moved up to no. 3
- Google study finds phishing attacks more efficient than data breaches
  - www.scmagazine.com/google-study-finds-250000-web-credentials-stolen-every-week/article/706810/
  - www.zdnet.com/article/google-our-hunt-for-hackers-reveals-phishing-is-far-deadlier-than-data-breaches/
- Intel Releases Firmware Updates for Multiple Vulnerabilities
  - www.us-cert.gov/ncas/current-activity/2017/11/21/Intel-Firmware-Vulnerability
  - www.theregister.co.uk/2017/11/23/intel_firmware_fixes_slow_to_arrive/
  - www.bleepingcomputer.com/news/hardware/dell-other-vendors-start-shipping-laptops-with-intel-me-firmware-disabled/
- Patches Available for Samba Vulnerabilities
  - Patch your embedded devices (or any others using Samba) and/or disable SMB1
  - blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/
  - redmondmag.com/articles/2017/05/18/more-advice-on-disabling-windows-smb-1.aspx
  - Remember to check your printers!
- Microsoft Office Equation Editor Flaw is Already Being Exploited
- Malicious Document Turns Off Word Macro Protections
- GitHub: Introducing security alerts on GitHub
- AWS Bucket Misconfiguration Exposes Classified NSA Data
  - Key takeaway: Use Amazon’s free vulnerability assessment service for the first 90 days while you implement a plan to extend your own vulnerability management solution to include the new AWS bucket
- Enable First-Party Isolation (FPI) on Firefox to further block trackers from adding to your online profile
- FaceID Beaten By Mask
- ‘Pop-Unders’ used to Launch Hidden, Persistent Cryptocurrency Miners
  - www.bleepingcomputer.com/news/security/cryptojacking-script-continues-to-operate-after-users-close-their-browser/
  - isc.sans.edu/forums/diary/9+Fast+and+Easy+Ways+To+Lose+Your+Crypto+Coins/23071/
- Prison hacker who tried to free friend now likely to join him inside!
C410 A2BE CB73 EF77 746E 9682 E2C4 91CE D20D 800F