Daily NCSC-FI news followup 2019-08-16

New Bluetooth KNOB Attack Lets Attackers Manipulate Traffic

www.bleepingcomputer.com/news/security/new-bluetooth-knob-attack-lets-attackers-manipulate-traffic/ A new Bluetooth vulnerability named “Key Negotiation Of Bluetooth attack” or “KNOB” has been disclosed that allow attackers to more easily brute force the encryption key used during pairing to monitor or manipulate the data transferred between two paired devices.. see also knobattack.com/

Ammottava aukko päästi viemään salasanat, kasvot ja sormenjäljet suomalaiskäyttäjä kiistää vaaran

www.is.fi/digitoday/tietoturva/art-2000006206472.html Kulkulupien myöntämisessä käytetystä BioStar 2 -ohjelmistosta paljastui hälyttävä tietoturvaongelma.. Web-pohjainen älylukko BioStar 2 on voinut sallia hakkereille erittäin arkaluonteisen tiedon varastamisen, väittää ongelman havainnut vpnMentor.. VpnMentor pystyi etäältä pääsemään käsiksi esimerkiksi yli miljoonaan sormenjälkitietoon ja kaikkiaan 27,8 miljoonaan tallenteeseen. Tietoa saatiin 23 gigatavun edestä ja siinä oli mukana muun muassa sormenjälkiä, kasvokuvia, salaamattomia salasanoja, tietoja työntekijöiden kulkuoikeuksista ja työntekijöiden henkilökohtaisia tietoja.

Over the course of three days (12 – 15 August 2019) we monitored the public submissions of three popular online sandbox services. These services allow anyone to upload a file and then generate a report about what happens when the file is opened; they then give an indication as to whether the file is malicious or benign.

blog.cylab.co/2019/08/16/confidential-company-documents-exposed-in-public-sandboxes/ The services chosen all have public feeds and do not require payment in order to download or view the public submissions.. By far the most numerous benign documents were invoices and purchase orders. We collected just over 200 in three days; this was expected as these are some of the most popular document types being emailed between businesses.

Microsoft Warns of Phishing Attacks Using Custom 404 Pages

www.bleepingcomputer.com/news/security/microsoft-warns-of-phishing-attacks-using-custom-404-pages/ Microsoft security researchers discovered an unusual phishing campaign which employs custom 404 error pages to trick potential victims into handing out their Microsoft credentials.. To do this, the attackers register a domain and instead of creating a single phishing landing page to redirect their victims to, they configure a custom 404 page which shows the fake login form.. This allows the phishers to have an infinite amount of phishing landing pages URLs generated with the help of a single registered domain.

European Central Bank Shuts Down ‘BIRD Portal’ After Getting Hacked

thehackernews.com/2019/08/european-central-bank-hack.html The European Central Bank (ECB) confirmed Thursday that it had been hit by a cyberattack that involved attackers injecting malware into one of its websites and potentially stealing contact information of its newsletter subscribers.

Energy Sector Phish Swims Past Microsoft Email Security via Google Drive

threatpost.com/energy-phish-microsoft-security-google-drive/147397/ The savvy technique of avoiding malicious links in the email allowed the phishing attack to reach its targets.

Analysis of a Spearphishing Maldoc

isc.sans.edu/diary/rss/25242

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.