Daily NCSC-FI news followup 2019-06-22

NASA hacked because of unauthorized Raspberry Pi connected to its networkA:

www.zdnet.com/article/nasa-hacked-because-of-unauthorized-raspberry-pi-connected-to-its-network/ A report published this week by the NASA Office of Inspector General reveals that in April 2018 hackers breached the agency’s network and stole approximately 500 MB of data related to Mars missions. The point of entry was a Raspberry Pi device that was connected to the IT network of the NASA Jet Propulsion Laboratory (JPL) without authorization or going through the proper security review.

WeTransfer Security Incident Sent Files to the Wrong People

www.bleepingcomputer.com/news/security/wetransfer-security-incident-sent-files-to-the-wrong-people/ In an embarrassing security incident, the WeTransfer file sharing service announced that for two days it was sending it’s users shared files to the wrong people. As this service is used to transfer what are considered private, and potentially sensitive files, this could be a big privacy issue for affected users.

Data of 645k Oregonians exposed after nine DHS employees fell for a phishing attack

www.zdnet.com/article/data-of-645k-oregonians-exposed-after-nine-dhs-employees-fell-for-a-phishing-attack/ The personal information of over 645,000 Oregonians who signed up for benefits with the state’s Department of Human Services (DHS) was inadvertently exposed to hackers after nine DHS employees were fooled by phishing emails. The phishing attack happened on January 8, 2019, according to a news release from the Oregon DHS this week.

PoC Released for Outlook Flaw that Microsoft Patched 6 Month After Discovery

thehackernews.com/2019/06/microsoft-outlook-vulnerability.html As we reported two days ago, Microsoft this week released an updated version of its Outlook app for Android that patches a severe remote code execution vulnerability (CVE-2019-1105) that impacted over 100 million users. However, at that time, very few details of the flaw were available in the advisory, which just revealed that the earlier versions of the email app contained a cross-site scripting (XSS) flaw that could allow attackers to run scripts in the context of the current user just by sending a specially crafted email to the victims. Now, Bryan Appleby from F5 Networks, one of the security researchers who reported this issue independently to Microsoft, released more details and proof-of-concept for the Outlook vulnerability that he reported to the tech giant almost six months ago.. See also:

www.f5.com/labs/articles/threat-intelligence/how-i-hacked-the-microsoft-outlook-android-app-and-found-cve-2019-1105

You might be interested in …

Daily NCSC-FI news followup 2020-05-06

COVID-19: Cloud Threat Landscape unit42.paloaltonetworks.com/covid-19-cloud-threat-landscape/ Unit 42 researchers analyzed 1.2 million newly registered domain (NRD) names containing keywords related to the COVID-19 pandemic from March 9, 2020 to April 26, 2020 (7 weeks). 86, 600+ domains are classified as “risky” or “malicious”, spread across various regions, as shown in Figure 1. The United States has […]

Read More

Daily NCSC-FI news followup 2019-08-23

Fortinet SSL VPN vulnerability from May 2019 being exploited in wild opensecurity.global/forums/topic/181-fortinet-ssl-vpn-vulnerability-from-may-2019-being-exploited-in-wild/ CVE-2018-13379 is being exploited in the wild on Fortigate SSL VPN firewalls. These exist as a perimeter security control, so it’s a bad vulnerability.. Also: https://twitter.com/GossiTheDog/status/1164536461665996800. Original security advisory (2019-05-24) fortiguard.com/psirt/FG-IR-18-384 Cisco Warns of Public Exploit Code for Critical Switch Flaws www.bleepingcomputer.com/news/security/cisco-warns-of-public-exploit-code-for-critical-switch-flaws/ Cisco […]

Read More

Daily NCSC-FI news followup 2019-09-25

This vBulletin vBug is vBad: Zero-day exploit lets miscreants hijack vulnerable web forums www.theregister.co.uk/2019/09/24/vbulletin_vbug_zeroday/ Hackers can inject system commands via version 5 of software, no patch available. An anonymous bug hunter has publicly disclosed a zero-day flaw in the version 5 of the popular vBulletin forum software than can be exploited over the internet to […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.