Daily NCSC-FI news followup 2019-08-31

VLAN as an additional security layer

www.kaspersky.com/blog/vlan-security/28253/ Every company has employees who handle large volumes of external e-mail. HR officers, PR managers, and salespeople are a few common examples. In addition to their regular mail, they receive a lot of spam, phishing messages, and malicious attachments. Moreover, the nature of their work requires them to open unverified attachments and click links in unfamiliar e-mails. Information security professionals typically isolate such departments from critically important nodes in the corporate network. But in companies with no dedicated IT security, they pose a major risk to all staff. One of the most effective ways to safeguard company units that work with critical information against the risk of infection is to segment the corporate network into several autonomous subnets.

WordPress sites under attack as hacker group tries to create rogue admin accounts

www.zdnet.com/article/wordpress-sites-under-attack-as-hacker-group-tries-to-create-rogue-admin-accounts/ Hackers exploit vulnerabilities in more than ten WordPress plugins to plant backdoor accounts on unpatched sites. A hacker group is exploiting vulnerabilities in more than ten WordPress plugins to create rogue admin accounts on WordPress sites across the internet. The attacks are an escalation, part of a hacking campaign that started last month. During previous attacks, the hackers exploited vulnerabilities in the same plugins to plant malicious code on the hacked sites. This code was meant to show popup ads or to redirect incoming visitors to other websites.

TrickBot Bypasses Secure Email Gateway Using Google Docs Phishing

www.bleepingcomputer.com/news/security/trickbot-bypasses-secure-email-gateway-using-google-docs-phishing/ The Google Docs online word processor is being used by attackers to disseminate TrickBot banking Trojan payloads to unsuspecting victims via executables camouflaged as PDF documents. Phishing is used by attackers to deceive their targets into handing over sensitive information using social engineering techniques by redirecting them to fraudulent websites they control or to deliver malicious payloads via e-mails designed to look like they’re sent by someone they trust.

Coin-mining malware jumps from Arm IoT gear to Intel servers

www.theregister.co.uk/2019/08/30/coinmining_malware_intel/ Cryptocurrency crooks look to siphon cycles from enterprise kit. A coin-mining malware infection previously only seen on Arm-powered IoT devices has made the jump to Intel systems. Akamai senior security researcher Larry Cashdollar says one of his honeypot systems recently turned up what appears to be an IoT malware that targets Intel machines running Linux.

How Twitter CEO Jack Dorsey’s Account Was Hacked

www.wired.com/story/jack-dorsey-twitter-hacked/ Jack Dorsey's ongoing mission to increase the civility of public discourse suffered a setback Friday, when an anonymous hacker took over his Twitter account for 20 minutes and retweeted @taytaylov3r's claim that nazi germany did nothing wrong. Twitter, as you likely know if you’ve spent any time there, has an ongoing, well-documented problem with Nazis, white supremacists, and other extremists. It appears taytaylov3r’s account has since been suspended. Also:

yle.fi/uutiset/3-10948286

Thread on network input parsers

blog.erratasec.com/2019/08/thread-on-network-input-parsers.html I am spending far too long on this chapter on “parsers”. It’s this huge gaping hole in Computer Science where academics don’t realize it’s a thing. It’s like physics missing one of Newton’s laws, or medicine ignoring broken bones, or chemistry ignoring fluorine. The problem is that without existing templates of how “parsing” should be taught, it’s really hard coming up with a structure for describing it from scratch.
