Daily NCSC-FI news followup 2019-09-10

Business Email Compromise Is a $26 Billion Scam Says the FBI

www.bleepingcomputer.com/news/security/business-email-compromise-is-a-26-billion-scam-says-the-fbi/ FBI’s Internet Crime Complaint Center (IC3) says that Business Email Compromise (BEC) scams are continuing to grow every year, with a 100% increase in the identified global exposed losses between May 2018 and July 2019.

281 Arrested in Worldwide Business Email Compromise Crackdown

www.bleepingcomputer.com/news/security/281-arrested-in-worldwide-business-email-compromise-crackdown/ 281 people were arrested over a four-month period in the U.S. and in countries around the world as part of Operation reWired, a coordinated effort of multiple law enforcement agencies from several countries.

Office 365 ATP Automated Incident Response Now Generally Available

www.bleepingcomputer.com/news/microsoft/office-365-atp-automated-incident-response-now-generally-available/ Microsoft announced today the general availability of the Automated Incident Response feature in Office 365 Advanced Threat Protection (ATP) users to support the rising requirements of security teams.

Microsoft Phishing Page Uses Captcha to Bypass Automated Detection

www.bleepingcomputer.com/news/security/microsoft-phishing-page-uses-captcha-to-bypass-automated-detection/ A new phishing campaign has been observed in the wild using captcha boxes to hide a fake Microsoft account login page from secure email gateways (SEGs).

Microsoft Teams Can Be Used To Execute Arbitrary Payloads

www.bleepingcomputer.com/news/security/microsoft-teams-can-be-used-to-execute-arbitrary-payloads/ Attackers can use genuine binaries from Microsoft Teams to execute a malicious payload using a mock installation folder for the collaboration software.

How Safari and iMessage Have Made iPhones Less Secure

www.wired.com/story/ios-security-imessage-safari/ Security researchers say iOS’s security woes stem in part from Apple putting too much trust in its own software’s code.

The NetCAT is out of the bag: Intel chipset exploited to sniff SSH passwords as they’re typed over the network

www.theregister.co.uk/2019/09/10/intel_netcat_side_channel_attack/ Cunning data-snooping side-channel technique is tough to exploit, Chipzilla warns. Report: www.vusec.net/projects/netcat/

Microsoft’s September 2019 Patch Tuesday Fixes 79 Vulnerabilities

www.bleepingcomputer.com/news/microsoft/microsofts-september-2019-patch-tuesday-fixes-79-vulnerabilities/ With the release of the September 2019 security updates, Microsoft has released 2 advisories and updates for 79 vulnerabilities. Of these vulnerabilities, 17 are classified as Critical. . Also:

isc.sans.edu/diary/rss/25310

Microsoft Releases the September 2019 Security Updates for Office

www.bleepingcomputer.com/news/microsoft/microsoft-releases-the-september-2019-security-updates-for-office/ Microsoft released the September 2019 Microsoft Office security updates, bundling a total of 19 security updates and five cumulative updates across seven different products, five of them patching remote code execution flaws.

It’s 2019, and Windows PCs can be pwned via a shortcut file, a webpage, an evil RDP server…

www.theregister.co.uk/2019/09/10/patch_tuesday_abode_sap/ Microsoft joins Adobe and SAP in cleaning up security bugs, two of which are under active attack

Exploit Kits Target Windows Users with Ransomware and Trojans

www.bleepingcomputer.com/news/security/exploit-kits-target-windows-users-with-ransomware-and-trojans/ Over the weekend and into today, four different malvertising campaigns have been redirecting users to exploit kits that install password stealing Trojans, ransomware, and clipboard hijackers.. (Using vulnerabilities from 2018 and before)

Some D-Link and Comba WiFi Routers Leak Their Passwords in Plaintext

thehackernews.com/2019/09/router-password-hacking.html

Rolling in DoH: Chrome 78 to experiment with DNS-over-HTTPS hot on the heels of Firefox

www.theregister.co.uk/2019/09/10/chrome_78_dnsoverhttps/ Google promises it won’t override your choice of DNS provider

Scraping A Public Website Doesn’t Violate the CFAA, Ninth Circuit (Mostly) Holds

reason.com/2019/09/09/scraping-a-public-website-doesnt-violate-the-cfaa-ninth-circuit-mostly-holds/ The Ninth Circuit Court of Appeals has handed down a groundbreaking decision today on the federal computer hacking law, the Computer Fraud and Abuse Act (CFAA). In HiQ Labs v. LinkedIn, the court held that scraping a public website is likely not a CFAA violation.

You might be interested in …

Daily NCSC-FI news followup 2020-05-05

How Many Engineers Does It Take to Digitally Secure a Solar Panel? www.nist.gov/blogs/cybersecurity-insights/how-many-engineers-does-it-take-digitally-secure-solar-panel The headline for this blog post is not a trick question or the beginning of a bad joke. I asked this question maybe a bit facetiously when I met the National Cybersecurity Center of Excellence (NCCoE) energy sector team in late 2018. […]

Read More

Daily NCSC-FI news followup 2020-08-25

DDoS Hide & Seek: On the Effectiveness of a Booter Services Takedown labs.ripe.net/Members/daniel_kopp/ddos-hide-and-seek In this article, we investigated booter-based DDoS attacks in the wild and the impact of an FBI takedown targeting fifteen booter websites in December 2018. We investigated and compared attack properties of multiple booter services by launching DDoS attacks against our own […]

Read More

Daily NCSC-FI news followup 2019-06-27

Firefox Will Give You a Fake Browsing History to Fool Advertisers www.vice.com/en_us/article/43j8qm/firefox-will-give-you-a-fake-browsing-history-to-fool-advertisers Using the ‘Track THIS’ tool opens up 100 tabs at a time that will make you seem like a hypebeast, a filthy rich person, a doomsday prepper, or an influencer. Google Public DNS over HTTPS (DoH) supports RFC 8484 standard security.googleblog.com/2019/06/google-public-dns-over-https-doh.html Ever since […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.