Daily NCSC-FI news followup 2019-08-14

In the Balkans, businesses are under fire from a doublebarreled weapon

www.welivesecurity.com/2019/08/14/balkans-businesses-double-barreled-weapon/ Weve discovered an ongoing campaign in the Balkans spreading two tools having a similar purpose: a backdoor and a remote access trojan we named, respectively, BalkanDoor and BalkanRAT

August Patch Tuesday: Update Fixes Wormable Flaws in Remote Desktop Services, VBScript Gets Disabled by Default

blog.trendmicro.com/trendlabs-security-intelligence/august-patch-tuesday-update-fixes-wormable-flaws-remote-desktop-services-vbscript-disabled-by-default/ Microsoft released updates to patch 93 CVEs, along with two advisories, in this months Patch Tuesday. The bulletin patches issues in Azure DevOps Server, Internet Explorer, Microsoft Office, Microsoft Windows, Visual Studio, to name a few. The patches address 29 vulnerabilities rated Critical and 64 that were rated Important.

Kokemäen kaupunki selvisi haittaohjelmahyökkäyksestä tietoturvallisuutta kehitetään jatkossa

www.tivi.fi/uutiset/tv/7b3aa2db-d37e-47f4-86e2-dd84140b0679 Kokemäen kaupunki tiedottaa haittaohjelman aiheuttaman häiriötilanteen olevan nyt ohi. Kaupungin järjestelmät on palautettu käyttöön tänään keskiviikkona.

DDoS attacks: Getting smaller, sneakier – and more dangerous

www.zdnet.com/article/ddos-attacks-getting-smaller-sneakier-and-more-dangerous/#ftag=RSSbaffb68 High-profile Distributed Denial of Service (DDoS) attacks continue to get bigger — but the smaller, more subtle attacks could be the ones that businesses need to worry about.

Huge Survey of Firmware Finds No Security Gains in 15 Years

securityledger.com/2019/08/huge-survey-of-firmware-finds-no-security-gains-in-15-years/ A survey of more than 6,000 firmware images spanning more than a decade finds no improvement in firmware security and lax security standards for the software running connected devices by Linksys, Netgear and other major vendors.

You might be interested in …

Daily NCSC-FI news followup 2020-02-14

U.S. Charges Huawei with Stealing Trade Secrets from 6 Companies thehackernews.com/2020/02/united-states-china-huawei.html The US Department of Justice (DoJ) and the Federal Bureau of Investigation (FBI) charged Huawei with racketeering and conspiring to steal trade secrets from six US firms, in a significant escalation of a lawsuit against the Chinese telecom giant that began last year. North […]

Read More

Daily NCSC-FI news followup 2019-06-30

Breaking: Huawei will be allowed to do business with U.S. companies again www.androidauthority.com/breaking-huawei-allowed-to-do-business-with-us-companies-again-1004260/ U.S. companies will be allowed to work with Huawei again, President Trump announced in a news conference.. Its not clear what this means for now, but its likely Huawei will be able to acquire basic components like Qualcomm processors and Googles Android […]

Read More

Daily NCSC-FI news followup 2021-04-13

Microsoft April 2021 Patch Tuesday fixes 108 flaws, 5 zero-days www.bleepingcomputer.com/news/microsoft/microsoft-april-2021-patch-tuesday-fixes-108-flaws-5-zero-days/ Today is Microsoft’s April 2021 Patch Tuesday, and with it comes five zero-day vulnerabilities and more Critical Microsoft Exchange vulnerabilities. It has been a tough couple of months for Windows and Microsoft Exchange admins, and it looks like April won’t be any easier, so […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.