Daily NCSC-FI news followup 2019-09-27

Some Voting Machines Still Have Decade-Old Vulnerabilities

www.wired.com/story/voting-village-results-hacking-decade-old-bugs/ The results of the 2019 Defcon Voting Village are inand they paint an ugly picture for voting machine security.. In three short years, the Defcon Voting Village has gone from a radical hacking project to a stalwart that surfaces voting machine security issues. This afternoon, its organizers released findings from this year’s eventincluding urgent vulnerabilities from a decade ago that still plague voting machines currently in use.

Onko sinulla äly-tv? Nämä kaikki tiedot se kerää sinusta

www.is.fi/digitoday/tietoturva/art-2000006247849.html Älytelevisiot tarkkailevat katsojaa ja lähettävät heistä tietoa moneen paikkaan. Asennusvaiheessa on syytä pitää silmä tarkkana.

Divergent: “Fileless” NodeJS Malware Burrows Deep Within the Host

blog.talosintelligence.com/2019/09/divergent-analysis.html Cisco Talos recently discovered a new malware loader being used to deliver and infect systems with a previously undocumented malware payload called “Divergent.”This threat uses NodeJS a program that executes JavaScript outside of a web browser as well as the legitimate open-source utility WinDivert to facilitate some of the functionality in the Divergent malware.

Here’s a phishing URL to give you nightmares https://www.reddit.com/r/sysadmin/comments/d9ndnf/heres_a_phishing_url_to_give_you_nightmares/ I got an alert about a user click on a phishing email. Took a look at the alert and the URI originally looked legit – adobe.com, no problem. I tested the URI string from Adobe, and sure enough you can put anything after &p1= and adobe will redirect you.. See also:

www.bleepingcomputer.com/news/security/adobe-and-google-open-redirects-abused-by-phishing-campaigns/

Kaivinkone katkaisi tietoliikennekaapelin Vantaalla, Apotti-tietojärjestelmän verkkoyhteydet poikki

www.hs.fi/kaupunki/art-2000006252723.html APOTTI-TIETOJÄRJESTELMÄN yhteydet ovat tällä hetkellä poikki Vantaan kaupungin palveluissa. Sosiaali- ja terveystoimen henkilökunta ei pääse käsiksi potilastietoihin, koska he eivät pääse kirjautumaan järjestelmään.

New Checkm8 jailbreak released for all iOS devices running A5 to A11 chips

www.zdnet.com/article/new-checkm8-jailbreak-released-for-all-ios-devices-running-a5-to-a11-chips/#ftag=RSSbaffb68 A security researcher has released today a new jailbreak that impacts all iOS devices running on A5 to A11 chipsets — chips included in all Apple products released between 2011 and 2017. This includes iPhone models from 4S to 8 and X.

You might be interested in …

Daily NCSC-FI news followup 2020-03-23

Protecting health care www.kaspersky.com/blog/protecting-healthcare-organizations/34269/ Health-care facilities are struggling with the current coronavirus epidemic, so we must help them with cyberprotection. We are offering free six-month licenses for our core solutions. For the average, law-abiding person, the coronavirus COVID-19 is simply a health hazard. Unfortunately, some cybercriminals perceive the epidemic as an additional opportunity to launch […]

Read More

Daily NCSC-FI news followup 2019-11-09

Titanium: the Platinum group strikes again securelist.com/titanium-the-platinum-group-strikes-again/94961/ Platinum is one of the most technologically advanced APT actors with a traditional focus on the APAC region. During recent analysis we discovered Platinum using a new backdoor that we call Titanium (named after a password to one of the self-executable archives). Titanium is the final result of […]

Read More

Daily NCSC-FI news followup 2020-08-27

Confessions of an ID Theft Kingpin, Part II krebsonsecurity.com/2020/08/confessions-of-an-id-theft-kingpin-part-ii/ Yesterdays piece told the tale of Hieu Minh Ngo, a hacker the U.S. Secret Service described as someone who caused more material financial harm to more Americans than any other convicted cybercriminal. Ngo was recently deported back to his home country after serving more than seven […]

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.