Daily NCSC-FI news followup 2019-09-28

More SIM Cards Vulnerable to Simjacker Attack Than Previously Disclosed

thehackernews.com/2019/09/dynamic-sim-toolkit-vulnerability.html Remember the Simjacker vulnerability? Now, it turns out that the [email protected] Browser is not the only dynamic SIM toolkit that contains the Simjacker issue which can be exploited remotely from any part of the world without any authorizationregardless of which handsets or mobile operating systems victims are using.

Most malspam contains a malicious URL these days, not file attachments

www.zdnet.com/article/most-malspam-contains-a-malicious-url-these-days-not-file-attachments/ Most malicious email spam (malspam) sent in the first half of the year has contained links to malicious files, rather than file attachments, according to telemetry gathered by cyber-security firm Proofpoint.

Cyber-Attacks Hit Defense Contractors in Europe and North America

www.bleepingcomputer.com/news/security/cyber-attacks-hit-defense-contractors-in-europe-and-north-america/ Defense contractors Rheinmetall AG and Defence Construction Canada (DCC) were hit this month by cyber-attacks that impacted and disrupted their information technology systems.

Masad Stealer: Exfiltrating using Telegram

forums.juniper.net/t5/Threat-Research/Masad-Stealer-Exfiltrating-using-Telegram/ba-p/468559 Juniper Threat Labs discovered a new Trojan-delivered spyware that uses Telegram to exfiltrate stolen information. Using Telegram as a Command and Control (CnC) channel allows the malware some anonymity, as Telegram is a legitimate messaging application with 200 million monthly active users.

You might be interested in …

Daily NCSC-FI news followup 2020-11-18

Hackers are actively probing millions of WordPress sites www.bleepingcomputer.com/news/security/hackers-are-actively-probing-millions-of-wordpress-sites/ Unknown threat actors are scanning for WordPress websites with Epsilon Framework themes installed on over 150, 000 sites and vulnerable to Function Injection attacks that could lead to full site takeovers. Hacking group exploits ZeroLogon in automotive, industrial attack wave www.zdnet.com/article/cicada-hacking-group-exploits-zerologon-launches-new-backdoor-in-automotive-industry-attack-wave/ The active cyberattack is thought […]

Read More

Daily NCSC-FI news followup 2020-09-08

Microsoft September 2020 Patch Tuesday fixes 129 vulnerabilities www.zdnet.com/article/microsoft-september-2020-patch-tuesday-fixes-129-vulnerabilities/ Twenty critical remote code execution bugs have been patched this month, including in Windows and SharePoint enterprise servers. See also: isc.sans.edu/diary/rss/26544 Critical Adobe Flaws Allow Attackers to Run JavaScript in Browsers threatpost.com/critical-adobe-flaws-attackers-javascript-browsers/159026/ Adobe patched 11 bugs overall in its Experience Manager; five of those are rated […]

Read More

Daily NCSC-FI news followup 2021-01-09

Excelerating Analysis Tips and Tricks to Analyze Data with Microsoft Excel www.fireeye.com/blog/threat-research/2019/12/tips-and-tricks-to-analyze-data-with-microsoft-excel.html Incident response investigations dont always involve standard host-based artifacts with fully developed parsing and analysis tools. At FireEye Mandiant, we frequently encounter incidents that involve a number of systems and solutions that utilize custom logging or artifact data. Determining what happened in an […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.