Daily NCSC-FI news followup 2019-09-10

Business Email Compromise Is a $26 Billion Scam Says the FBI

www.bleepingcomputer.com/news/security/business-email-compromise-is-a-26-billion-scam-says-the-fbi/ FBI’s Internet Crime Complaint Center (IC3) says that Business Email Compromise (BEC) scams are continuing to grow every year, with a 100% increase in the identified global exposed losses between May 2018 and July 2019.

281 Arrested in Worldwide Business Email Compromise Crackdown

www.bleepingcomputer.com/news/security/281-arrested-in-worldwide-business-email-compromise-crackdown/ 281 people were arrested over a four-month period in the U.S. and in countries around the world as part of Operation reWired, a coordinated effort of multiple law enforcement agencies from several countries.

Office 365 ATP Automated Incident Response Now Generally Available

www.bleepingcomputer.com/news/microsoft/office-365-atp-automated-incident-response-now-generally-available/ Microsoft announced today the general availability of the Automated Incident Response feature in Office 365 Advanced Threat Protection (ATP) users to support the rising requirements of security teams.

Microsoft Phishing Page Uses Captcha to Bypass Automated Detection

www.bleepingcomputer.com/news/security/microsoft-phishing-page-uses-captcha-to-bypass-automated-detection/ A new phishing campaign has been observed in the wild using captcha boxes to hide a fake Microsoft account login page from secure email gateways (SEGs).

Microsoft Teams Can Be Used To Execute Arbitrary Payloads

www.bleepingcomputer.com/news/security/microsoft-teams-can-be-used-to-execute-arbitrary-payloads/ Attackers can use genuine binaries from Microsoft Teams to execute a malicious payload using a mock installation folder for the collaboration software.

How Safari and iMessage Have Made iPhones Less Secure

www.wired.com/story/ios-security-imessage-safari/ Security researchers say iOS’s security woes stem in part from Apple putting too much trust in its own software’s code.

The NetCAT is out of the bag: Intel chipset exploited to sniff SSH passwords as they’re typed over the network

www.theregister.co.uk/2019/09/10/intel_netcat_side_channel_attack/ Cunning data-snooping side-channel technique is tough to exploit, Chipzilla warns. Report: www.vusec.net/projects/netcat/

Microsoft’s September 2019 Patch Tuesday Fixes 79 Vulnerabilities

www.bleepingcomputer.com/news/microsoft/microsofts-september-2019-patch-tuesday-fixes-79-vulnerabilities/ With the release of the September 2019 security updates, Microsoft has released 2 advisories and updates for 79 vulnerabilities. Of these vulnerabilities, 17 are classified as Critical. . Also:


Microsoft Releases the September 2019 Security Updates for Office

www.bleepingcomputer.com/news/microsoft/microsoft-releases-the-september-2019-security-updates-for-office/ Microsoft released the September 2019 Microsoft Office security updates, bundling a total of 19 security updates and five cumulative updates across seven different products, five of them patching remote code execution flaws.

It’s 2019, and Windows PCs can be pwned via a shortcut file, a webpage, an evil RDP server…

www.theregister.co.uk/2019/09/10/patch_tuesday_abode_sap/ Microsoft joins Adobe and SAP in cleaning up security bugs, two of which are under active attack

Exploit Kits Target Windows Users with Ransomware and Trojans

www.bleepingcomputer.com/news/security/exploit-kits-target-windows-users-with-ransomware-and-trojans/ Over the weekend and into today, four different malvertising campaigns have been redirecting users to exploit kits that install password stealing Trojans, ransomware, and clipboard hijackers.. (Using vulnerabilities from 2018 and before)

Some D-Link and Comba WiFi Routers Leak Their Passwords in Plaintext


Rolling in DoH: Chrome 78 to experiment with DNS-over-HTTPS hot on the heels of Firefox

www.theregister.co.uk/2019/09/10/chrome_78_dnsoverhttps/ Google promises it won’t override your choice of DNS provider

Scraping A Public Website Doesn’t Violate the CFAA, Ninth Circuit (Mostly) Holds

reason.com/2019/09/09/scraping-a-public-website-doesnt-violate-the-cfaa-ninth-circuit-mostly-holds/ The Ninth Circuit Court of Appeals has handed down a groundbreaking decision today on the federal computer hacking law, the Computer Fraud and Abuse Act (CFAA). In HiQ Labs v. LinkedIn, the court held that scraping a public website is likely not a CFAA violation.

You might be interested in …

Daily NCSC-FI news followup 2019-10-11

Hakkeriryhmä testasi Jyväskylän yliopiston tietoturvaa www.jyu.fi/fi/ajankohtaista/arkisto/2019/10/hakkeriryhma-testasi-jyvaskylan-yliopiston-tietoturvaa Useiden Jyväskylän yliopiston tietojärjestelmien tietoturvaa testattiin syyskuussa normaalista poikkeavalla tavalla, kun valkohattuhakkeriryhmä Team ROT etsi niistä tietoturvaongelmia toteuttamassaan tietoturvatestauksessa.. Tietoturvatestaus toteutettiin viikonlopun aikana niin, että se haittasi mahdollisimman vähän yliopiston normaalia toimintaa. Testaajilla ei ollut fyysistä pääsyä yliopiston järjestelmiin, vaan yhteys niihin muodostettiin etäältä avoimen verkon kautta juuri niin […]

Read More

Daily NCSC-FI news followup 2019-07-06

ACSC Releases Updated Essential Eight Maturity Model www.us-cert.gov/ncas/current-activity/2019/07/05/acsc-releases-updated-essential-eight-maturity-model The Australian Cyber Security Centre (ACSC) has released updates to its Essential Eight Maturity Model. The model assists organizations in determining the maturity of their implementation of the Essential EightACSCs list of the top mitigation strategies to help organizations protect their systems against adversary threats. The model […]

Read More

Daily NCSC-FI news followup 2020-04-07

80% of all exposed Exchange servers still unpatched for critical flaw www.bleepingcomputer.com/news/security/80-percent-of-all-exposed-exchange-servers-still-unpatched-for-critical-flaw/ Starting March 24, Rapid7 used its Project Sonar internet-wide survey tool to discover all publicly-facing Exchange servers on the Internet and the numbers are grim.. As they found, “at least 357,629 (82.5%) of the 433,464 Exchange servers” are still vulnerable to attacks that […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.