Daily NCSC-FI news followup 2019-06-18

Microsoft Operating Systems BlueKeep Vulnerability

www.us-cert.gov/ncas/alerts/AA19-168A BlueKeep (CVE-2019-0708) exists within the Remote Desktop Protocol (RDP) used by the Microsoft Windows OSs listed above. An attacker can exploit this vulnerability to perform remote code execution on an unprotected system.

Russian Hacks on U.S. Voting System Wider Than Previously Known

www.bloomberg.com/news/articles/2017-06-13/russian-breach-of-39-states-threatens-future-u-s-elections Russia's cyberattack on the U.S. electoral system before Donald Trump's election was far more widespread than has been publicly revealed, including incursions into voter databases and software systems in almost twice as many states as previously reported.

THE HIGHLY DANGEROUS ‘TRITON’ HACKERS HAVE PROBED THE US GRID

www.wired.com/story/triton-hackers-scan-us-power-grid/ Over the past several months, security analysts at the Electric Information Sharing and Analysis Center (E-ISAC) and the critical-infrastructure security firm Dragos have been tracking a group of sophisticated hackers carrying out broad scans of dozens of US power grid targets, apparently looking for entry points into their networks. Scanning alone hardly represents a serious threat. But these hackers, known as Xenotime or sometimes as the Triton ac

Microsoft Management Console Bugs Allow Windows Takeover

threatpost.com/microsoft-management-console-bugs/145791/ A Windows interface that allows system administrators to configure and monitor systems from an admin level has several vulnerabilities that would allow an attacker to install malicious payloads and even take over a target, privileged machine.

GoldBrute: the botnet searching for RDP connections

www.pandasecurity.com/mediacenter/malware/goldbrute-botnet-rdp/ This new threat is GoldBrute, a botnet that is currently scanning the Internet, actively searching for Windows machines with the Remote Desktop Protocol (RDP) connection enabled. The researchers have discovered that the malware has compiled a list of 1.5 million unique systems with RDP enabled.

Threat Actors Use Older Cobalt Strike Versions to Blend In

www.bleepingcomputer.com/news/security/threat-actors-use-older-cobalt-strike-versions-to-blend-in/ Plenty of outdated Cobalt Strike servers exist in the wild, helping cybercriminals or giving security professionals the upper hand when testing corporate defenses; and they can be easily identified to stifle intrusions of any purpose.
