the mnemonic blog- security news, opinion, research and advice

Date:18.05.15 Author:Jan Henrik Schou Straumsheim

Summary of observations and vulnerabilities for the week of May 11, 2015

Last week, Microsoft and Adobe issued their monthly security updates, and CrowdStrike reported a serious vulnerability affecting several virtualization platforms.

Continue reading
Date:11.05.15 Author:Jan Henrik Schou Straumsheim

Weekly update #2015-20

Last week, severe vulnerabilities were reported in WordPress add-ons, as well as software from Lenovo and Cisco.

Continue reading
Date:30.04.15 Author:Tønnes Ingebrigtsen

Sharing Secrets

THE IMPORTANCE OF INFORMATION SHARING CANNOT BE OVERSTATED.

Whether you’re a federal government agency or a small business owner selling hand knit socks on the Internet, a simple truth exists: all organizations are facing an onslaught of cyberattacks on a daily basis, and this is no secret.

It is not a secret that clients become infected with malware, internet-facing services are prodded for vulnerabilities and the volume of malicious emails received are measured in the thousands. Nor is it a secret that many of these attacks are successfully breaching security defenses and infiltrating networks globally.

No, these are merely facts, not secrets.But if we now live in an era where it is common and accepted knowledge that all organizations are under attack, many attacks of which are successful, why is there such reluctance to share data that will only benefit global defenses as a whole?

Continue reading
Date:02.03.15 Author:Martin Eian

Geodo - Round 3

Summary

Geodo is a modified version of the Feodo Banking Trojan (also known as Bugat and Cridex). It was first spotted in June 2014 (1). An in-depth analysis of Geodo revealed that it has the ability to self-propagate through e-mail (2). Infected computers become spam bots that distribute e-mails with a link to the Trojan. Starting Monday February 23rd 2015, we observed a new wave of Geodo distribution.

Continue reading
Date:29.01.15 Author:Petter Nordahl-Hagen

Status on products versus vulnerability in glibc, CVE-2015-0235, “GHOST”

Information about the vulnerability itself:

https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability

Qualys says they will soon publish exploit module for Metasploit, so exploits may soon be in the wild.

This is a short summary from mnemonic, the official information is on the vendors websites.

Continue reading