Daily NCSC-FI news followup 2019-08-16

New Bluetooth KNOB Attack Lets Attackers Manipulate Traffic

www.bleepingcomputer.com/news/security/new-bluetooth-knob-attack-lets-attackers-manipulate-traffic/ A new Bluetooth vulnerability named “Key Negotiation Of Bluetooth attack” or “KNOB” has been disclosed that allow attackers to more easily brute force the encryption key used during pairing to monitor or manipulate the data transferred between two paired devices.. see also knobattack.com/

Ammottava aukko päästi viemään salasanat, kasvot ja sormenjäljet suomalaiskäyttäjä kiistää vaaran

www.is.fi/digitoday/tietoturva/art-2000006206472.html Kulkulupien myöntämisessä käytetystä BioStar 2 -ohjelmistosta paljastui hälyttävä tietoturvaongelma.. Web-pohjainen älylukko BioStar 2 on voinut sallia hakkereille erittäin arkaluonteisen tiedon varastamisen, väittää ongelman havainnut vpnMentor.. VpnMentor pystyi etäältä pääsemään käsiksi esimerkiksi yli miljoonaan sormenjälkitietoon ja kaikkiaan 27,8 miljoonaan tallenteeseen. Tietoa saatiin 23 gigatavun edestä ja siinä oli mukana muun muassa sormenjälkiä, kasvokuvia, salaamattomia salasanoja, tietoja työntekijöiden kulkuoikeuksista ja työntekijöiden henkilökohtaisia tietoja.

Over the course of three days (12 – 15 August 2019) we monitored the public submissions of three popular online sandbox services. These services allow anyone to upload a file and then generate a report about what happens when the file is opened; they then give an indication as to whether the file is malicious or benign.

blog.cylab.co/2019/08/16/confidential-company-documents-exposed-in-public-sandboxes/ The services chosen all have public feeds and do not require payment in order to download or view the public submissions.. By far the most numerous benign documents were invoices and purchase orders. We collected just over 200 in three days; this was expected as these are some of the most popular document types being emailed between businesses.

Microsoft Warns of Phishing Attacks Using Custom 404 Pages

www.bleepingcomputer.com/news/security/microsoft-warns-of-phishing-attacks-using-custom-404-pages/ Microsoft security researchers discovered an unusual phishing campaign which employs custom 404 error pages to trick potential victims into handing out their Microsoft credentials.. To do this, the attackers register a domain and instead of creating a single phishing landing page to redirect their victims to, they configure a custom 404 page which shows the fake login form.. This allows the phishers to have an infinite amount of phishing landing pages URLs generated with the help of a single registered domain.

European Central Bank Shuts Down ‘BIRD Portal’ After Getting Hacked

thehackernews.com/2019/08/european-central-bank-hack.html The European Central Bank (ECB) confirmed Thursday that it had been hit by a cyberattack that involved attackers injecting malware into one of its websites and potentially stealing contact information of its newsletter subscribers.

Energy Sector Phish Swims Past Microsoft Email Security via Google Drive

threatpost.com/energy-phish-microsoft-security-google-drive/147397/ The savvy technique of avoiding malicious links in the email allowed the phishing attack to reach its targets.

Analysis of a Spearphishing Maldoc


You might be interested in …

Daily NCSC-FI news followup 2020-02-01

Exercise Crossed Swords 2020 Reached New Levels of Multinational and Interdisciplinary Cooperation ccdcoe.org/news/2020/exercise-crossed-swords-2020-reached-new-levels-of-multinational-and-interdisciplinary-cooperation/ The 6th iteration of the annual cyber exercise Crossed Swords in Riga, Latvia, brought together more than 120 technical experts, Cyber Commands´ members, Special Forces operators and military police. Organized jointly by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) and […]

Read More

Daily NCSC-FI news followup 2019-06-08

Critical Flaws in Amcrest HDSeries Camera Allow Complete Takeover threatpost.com/amcrest-critical-security-issues/145507/ Two critical severity bugs have been publicly disclosed that impact Amcrest HDSeries model IPM-721S cameras. Both vulnerabilities open the consumer-grade ($50) Wi-Fi cameras to complete takeover by remote, unauthenticated attackers. Mandar Satam, senior security researcher at Synopsys, found the six security flaws in the IPM-721S […]

Read More

Daily NCSC-FI news followup 2021-03-13

Protecting on-premises Exchange Servers against recent attacks www.microsoft.com/security/blog/2021/03/12/protecting-on-premises-exchange-servers-against-recent-attacks/ For the past few weeks, Microsoft and others in the security industry have seen an increase in attacks against on-premises Exchange servers. The target of these attacks is a type of email server most often used by small and medium-sized businesses, although larger organizations with on-premises Exchange […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.