Daily NCSC-FI news followup 2019-09-10

Business Email Compromise Is a $26 Billion Scam Says the FBI

www.bleepingcomputer.com/news/security/business-email-compromise-is-a-26-billion-scam-says-the-fbi/ FBI’s Internet Crime Complaint Center (IC3) says that Business Email Compromise (BEC) scams are continuing to grow every year, with a 100% increase in the identified global exposed losses between May 2018 and July 2019.

281 Arrested in Worldwide Business Email Compromise Crackdown

www.bleepingcomputer.com/news/security/281-arrested-in-worldwide-business-email-compromise-crackdown/ 281 people were arrested over a four-month period in the U.S. and in countries around the world as part of Operation reWired, a coordinated effort of multiple law enforcement agencies from several countries.

Office 365 ATP Automated Incident Response Now Generally Available

www.bleepingcomputer.com/news/microsoft/office-365-atp-automated-incident-response-now-generally-available/ Microsoft announced today the general availability of the Automated Incident Response feature in Office 365 Advanced Threat Protection (ATP) users to support the rising requirements of security teams.

Microsoft Phishing Page Uses Captcha to Bypass Automated Detection

www.bleepingcomputer.com/news/security/microsoft-phishing-page-uses-captcha-to-bypass-automated-detection/ A new phishing campaign has been observed in the wild using captcha boxes to hide a fake Microsoft account login page from secure email gateways (SEGs).

Microsoft Teams Can Be Used To Execute Arbitrary Payloads

www.bleepingcomputer.com/news/security/microsoft-teams-can-be-used-to-execute-arbitrary-payloads/ Attackers can use genuine binaries from Microsoft Teams to execute a malicious payload using a mock installation folder for the collaboration software.

How Safari and iMessage Have Made iPhones Less Secure

www.wired.com/story/ios-security-imessage-safari/ Security researchers say iOS’s security woes stem in part from Apple putting too much trust in its own software’s code.

The NetCAT is out of the bag: Intel chipset exploited to sniff SSH passwords as they’re typed over the network

www.theregister.co.uk/2019/09/10/intel_netcat_side_channel_attack/ Cunning data-snooping side-channel technique is tough to exploit, Chipzilla warns. Report: www.vusec.net/projects/netcat/

Microsoft’s September 2019 Patch Tuesday Fixes 79 Vulnerabilities

www.bleepingcomputer.com/news/microsoft/microsofts-september-2019-patch-tuesday-fixes-79-vulnerabilities/ With the release of the September 2019 security updates, Microsoft has released 2 advisories and updates for 79 vulnerabilities. Of these vulnerabilities, 17 are classified as Critical. . Also:


Microsoft Releases the September 2019 Security Updates for Office

www.bleepingcomputer.com/news/microsoft/microsoft-releases-the-september-2019-security-updates-for-office/ Microsoft released the September 2019 Microsoft Office security updates, bundling a total of 19 security updates and five cumulative updates across seven different products, five of them patching remote code execution flaws.

It’s 2019, and Windows PCs can be pwned via a shortcut file, a webpage, an evil RDP server…

www.theregister.co.uk/2019/09/10/patch_tuesday_abode_sap/ Microsoft joins Adobe and SAP in cleaning up security bugs, two of which are under active attack

Exploit Kits Target Windows Users with Ransomware and Trojans

www.bleepingcomputer.com/news/security/exploit-kits-target-windows-users-with-ransomware-and-trojans/ Over the weekend and into today, four different malvertising campaigns have been redirecting users to exploit kits that install password stealing Trojans, ransomware, and clipboard hijackers.. (Using vulnerabilities from 2018 and before)

Some D-Link and Comba WiFi Routers Leak Their Passwords in Plaintext


Rolling in DoH: Chrome 78 to experiment with DNS-over-HTTPS hot on the heels of Firefox

www.theregister.co.uk/2019/09/10/chrome_78_dnsoverhttps/ Google promises it won’t override your choice of DNS provider

Scraping A Public Website Doesn’t Violate the CFAA, Ninth Circuit (Mostly) Holds

reason.com/2019/09/09/scraping-a-public-website-doesnt-violate-the-cfaa-ninth-circuit-mostly-holds/ The Ninth Circuit Court of Appeals has handed down a groundbreaking decision today on the federal computer hacking law, the Computer Fraud and Abuse Act (CFAA). In HiQ Labs v. LinkedIn, the court held that scraping a public website is likely not a CFAA violation.

You might be interested in …

Daily NCSC-FI news followup 2021-01-21

Digitaalinen turvallisuus 2030 -ohjelma kehittää yhteiskunnan kyberhäiriöiden sietokykyä www.huoltovarmuuskeskus.fi/digitaalinen-turvallisuus-2030-ohjelma-kehittaa-yhteiskunnan-kyberhairioiden-sietokykya/ Huoltovarmuuskeskus käynnistää laajan ohjelmakokonaisuuden, jonka tarkoituksena on kehittää yhteiskunnan sietokykyä kyberhäiriöitä vastaan. Digitaalinen turvallisuus 2030 -ohjelman painopisteet ovat kyberhäiriöihin varautuminen, toimintakyky häiriöiden sattuessa, yhteistyö yhteiskunnan ja yritysmaailman eri toimijoiden välillä sekä tulevaisuuden ilmiöiden ennakointi. Ohjelma on osa Suomen kansallisen kyberturvallisuusstrategian toteutusta. Ransomware is now the biggest […]

Read More

Daily NCSC-FI news followup 2021-06-26

Microsoft says SolarWinds hacking group has breached three new victims therecord.media/microsoft-says-solarwinds-hacking-group-has-breached-three-new-victims/ Microsoft said on Friday that it discovered new cyberattacks carried out by Nobelium, the codename the company has assigned to the Russian state-sponsored hacking group responsible for the SolarWinds hack last year. Direct link to Microsoft report: msrc-blog.microsoft.com/2021/06/25/new-nobelium-activity/ Microsoft admits to signing rootkit malware […]

Read More

Daily NCSC-FI news followup 2019-06-13

Tivi: Louhen palvelimissa tietomurto, palveluja alhaalla jo neljättä päivää Uskomattoman hidasta toimintaa www.tivi.fi/uutiset/louhen-palvelimissa-tietomurto-palveluja-alhaalla-jo-neljatta-paivaa-uskomattoman-hidasta-toimintaa/1f174864-f64a-46d7-9aab-dbdab45801c5 Suomalaisen webhotelli-yhtiö Louhen palvelut ovat kärsineet vakavista ongelmista tietomurron takia. Louhi tiedottaa verkkosivuillaan, että seitsemän webhotellipalvelinta on kärsinyt ongelmista. Niiden johdosta verkkosivut ja sähköpostipalvelut eivät ole toimineet. Tapahtuneen tietomurron johdosta palvelut tullaan siirtämään korvaaville alustoille niin pian kuin mahdollista, Louhi tiedottaa. Ransomware […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.