Daily NCSC-FI news followup 2019-09-27

Some Voting Machines Still Have Decade-Old Vulnerabilities

www.wired.com/story/voting-village-results-hacking-decade-old-bugs/ The results of the 2019 Defcon Voting Village are in, and they paint an ugly picture for voting machine security. In three short years, the Defcon Voting Village has gone from a radical hacking project to a stalwart that surfaces voting machine security issues. This afternoon, its organizers released findings from this year’s event, including urgent vulnerabilities from a decade ago that still plague voting machines currently in use.

Do you have a smart TV? This is all the data it collects about you

www.is.fi/digitoday/tietoturva/art-2000006247849.html Smart TVs monitor viewers and send information about them to many places. It pays to keep a close eye on things during setup.

Divergent: “Fileless” NodeJS Malware Burrows Deep Within the Host

blog.talosintelligence.com/2019/09/divergent-analysis.html Cisco Talos recently discovered a new malware loader being used to deliver and infect systems with a previously undocumented malware payload called “Divergent.” This threat uses NodeJS, a program that executes JavaScript outside of a web browser, as well as the legitimate open-source utility WinDivert to facilitate some of the functionality in the Divergent malware.

Here’s a phishing URL to give you nightmares

https://www.reddit.com/r/sysadmin/comments/d9ndnf/heres_a_phishing_url_to_give_you_nightmares/ I got an alert about a user click on a phishing email. Took a look at the alert and the URI originally looked legit – adobe.com, no problem. I tested the URI string from Adobe, and sure enough you can put anything after &p1= and Adobe will redirect you. See also:

www.bleepingcomputer.com/news/security/adobe-and-google-open-redirects-abused-by-phishing-campaigns/

Excavator severed a telecommunications cable in Vantaa, cutting the Apotti information system's network connections

www.hs.fi/kaupunki/art-2000006252723.html Connections to the Apotti information system are currently down in the City of Vantaa's services. Social and health services staff cannot access patient records because they cannot log in to the system.

New Checkm8 jailbreak released for all iOS devices running A5 to A11 chips

www.zdnet.com/article/new-checkm8-jailbreak-released-for-all-ios-devices-running-a5-to-a11-chips/#ftag=RSSbaffb68 A security researcher has released today a new jailbreak that impacts all iOS devices running on A5 to A11 chipsets — chips included in all Apple products released between 2011 and 2017. This includes iPhone models from 4S to 8 and X.
