Daily NCSC-FI news followup 2019-08-09

Finding Evil in Windows 10 Compressed Memory, Part Two: Virtual Store Deep Dive

www.fireeye.com/blog/threat-research/2019/08/finding-evil-in-windows-ten-compressed-memory-part-two.html This blog post is the second in a three-part series covering our Windows 10 memory forensics research and it coincides with our BlackHat USA 2019 presentation. In this post, we demonstrate how to retrieve a compressed page using the structures and algorithms described in our white paper. Part three:


LLDBFuzzer: Debugging and Fuzzing the Apple Kernel with LLDB Script

blog.trendmicro.com/trendlabs-security-intelligence/lldbfuzzer-debugging-and-fuzzing-the-apple-kernel-with-lldb-script/ To help security researchers, we have developed LLDBFuzzer, which is based on the LLVM Project's next-generation debugger called Low Level Debugger (LLDB). We tested LLDBFuzzer on a MacPro's AMD graphic drivers.

Researchers Bypass Apple FaceID Using Biometrics Achilles Heel

threatpost.com/researchers-bypass-apple-faceid-using-biometrics-achilles-heel/147109/ Vulnerabilities have been uncovered in the authentication process of biometrics technology that could allow bad actors to bypass various facial recognition applications including Apple's FaceID. But there is a catch. Doing so requires the victim to be out cold.

Data breach targeting the City of Pori is more serious than expected

yle.fi/uutiset/3-10916012 The data breach at the City of Pori has turned out to be more serious than initially thought. As the investigation has progressed, it has been found that the perpetrators gained access to users' own files.

Customer Information Exposed In Air New Zealand Phishing Attack

www.bleepingcomputer.com/news/security/customer-information-exposed-in-air-new-zealand-phishing-attack/ Air New Zealand sent e-mails to customers enrolled in its Airpoints loyalty program to warn them of a phishing attack that successfully compromised the email accounts of two staff members which potentially led to personal information being accessed by the attackers.

Instagram’s lax privacy practices let a trusted partner track millions of users’ physical locations, secretly save their stories, and flout its rules

www.businessinsider.com/startup-hyp3r-saving-instagram-users-stories-tracking-locations-2019-8?r=US&IR=T A buzzy San Francisco startup has been secretly saving what appears to be millions of Instagram users’ stories and tracking their locations. The marketing firm Hyp3r has been scraping huge quantities of data off the Facebook-owned app and using it to build up detailed profiles of people’s movements and interests.

Apple Confirms $1 Million Reward For Anyone Who Can Hack An iPhone

www.forbes.com/sites/thomasbrewster/2019/08/08/apple-confirms-1-million-reward-for-hackers-who-find-serious-iphone-vulnerabilities/#69ec0a8b3948 Apple has massively increased the amount it's offering hackers for finding vulnerabilities in iPhones and Macs, up to $1 million. It's by far the highest bug bounty on offer from any major tech company.
