Daily NCSC-FI news followup 2019-07-13

Brazil is at the forefront of a new type of router attack

www.zdnet.com/article/brazil-is-at-the-forefront-of-a-new-type-of-router-attack/ On these sites, malicious ads (malvertising) run special code inside users’ browsers to search and detect the IP address of a home router, the router’s model. When they detect the router’s IP and model, the malicious ads then use a list of default usernames and passwords to log into users’ devices, without their knowledge.. If the attacks are successful, additional malicious code relayed through the malicious ads will modify the default DNS settings on the victims’ routers, replacing the DNS server IP addresses routers receive from the upstream ISPs with the IP addresses of DNS servers managed by the hackers.

Brilliant Boston boffins blow big borehole in Bluetooth’s ballyhooed barricades: MAC addy randomization broken

www.theregister.co.uk/2019/07/12/untraceable_bluetooth_exposed/ David Strobinski, David Li, and Johannes Becker at Boston University told The Register how they found that the MAC randomization system of Bluetooth LE, designed to thwart the tracking of devices, transmits packages of data that can still be used to uniquely identify, and thus track the location of a mobile phone or PC.

iOS URL Scheme Susceptible to Hijacking

blog.trendmicro.com/trendlabs-security-intelligence/ios-url-scheme-susceptible-to-hijacking/ The URL Scheme can be dangerous and is not recommended for the transfer of sensitive data. Attackers can take advantage of the non-authentication feature since communication and data is transferred regardless of the source or destination.

Burning down the house with IoT

www.pentestpartners.com/security-blog/burning-down-the-house-with-iot/ Weve shown that we can tamper with the temperature, so even if used safely by the user, a hacker can make them less safe.. Yes, this attack requires the hacker to be within Bluetooth range, but it would have been so easy for the manufacturer to include a pairing/bonding function to prevent this.

You might be interested in …

Daily NCSC-FI news followup 2021-09-09

GitHub finds 7 code execution vulnerabilities in ‘tar’ and npm CLI www.bleepingcomputer.com/news/security/github-finds-7-code-execution-vulnerabilities-in-tar-and-npm-cli/ GitHub security team has identified several high-severity vulnerabilities in npm packages, “tar” and “@npmcli/arborist,” used by npm CLI. Zoho patches actively exploited critical ADSelfService Plus bug www.bleepingcomputer.com/news/security/zoho-patches-actively-exploited-critical-adselfservice-plus-bug/ The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are exploiting a critical […]

Read More

Daily NCSC-FI news followup 2020-12-22

Kyberturvallisuuskeskuksen uusi julkaisu: Opas tietomurtojen havaitsemiseen www.kyberturvallisuuskeskus.fi/fi/julkaisut/opas-tietomurtojen-havaitsemiseen Tässä ohjeessa keskitytään erityisesti tietomurron havaitsemiseen lokitietojen avulla. Esimerkkeinä käytetään Windows Event Log – -­tapahtumalokeja tai muita Windows-­käyttöjärjestelmän lokitapahtumia. Valittuja esimerkkitapahtumia on havaittu tutkituissa tietomurroista tunkeutujien jäljiltä. PDF: www.kyberturvallisuuskeskus.fi/sites/default/files/media/file/Opas-tietomurtojen-havaitsemiseen.pdf SolarWinds hackers breached US Treasury officials’ email accounts www.bleepingcomputer.com/news/security/solarwinds-hackers-breached-us-treasury-officials-email-accounts/ US Senator Ron Wyden said that dozens of US Treasury […]

Read More

Daily NCSC-FI news followup 2019-12-18

MPY:n runkoverkkoon iski vakava häiriö ja suuri osa tietoliikenneyhteyksistä meni poikki “Liian pitkä katkos, palaverin paikka” lansi-savo.fi/uutiset/lahella/412aad43-f61a-4456-a342-9e98bd254d16 MPY tiedotti iltapäivällä vakavasta häiriöstä runkoverkossaan ja kertoi suuren osan yhteyksistä olevan poikki. Yhteys korjaantui seitsemän jälkeen illalla. . Myyntijohtaja Juha Putkonen kertoo, että asia havaittiin kahden maissa iltapäivällä eli katkos kesti noin viisi tuntia.. Myös: blogi.mpy.fi/kuluttajat/hairiotiedotteet/vakava-hairio-mpyn-runkoverkossa-suuri-osa-yhteyksista-poikki Seven […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.