Daily NCSC-FI news followup 2019-10-20

Equifax used ‘admin’ as username and password for sensitive data

finance.yahoo.com/news/equifax-password-username-admin-lawsuit-201118316.html

The Pixel 4s face unlock works on sleeping, unconscious people

arstechnica.com/gadgets/2019/10/the-pixel-4s-face-unlock-works-on-sleeping-unconscious-people/

NordVPN is investigating a potential certificate leak. Unconfirmed as of now. https://twitter.com/NordVPN/status/1185979592374398976 See also https://twitter.com/cryptostorm_is/status/1185976222364438528

You might be interested in …

Daily NCSC-FI news followup 2020-03-24

Fortinet Security Researcher Discovers Multiple Critical Vulnerabilities in Adobe Photoshop www.fortinet.com/blog/threat-research/fortinet-security-researcher-discovers-multiple-critical-vulnerabilities-in-adobe-photoshop.html This past January, I discovered and reported multiple critical zero-day vulnerabilities in Adobe Photoshop CC 2020. This past Tuesday (Mar 17, 2020), Adobe released several out-of-band security patches that addressed those vulnerabilities. They are identified as CVE-2020-3783, CVE-2020-3784, CVE-2020-3785, CVE-2020-3786, CVE-2020-3787, CVE-2020-3788 and CVE-2020-3789. […]

Read More

Daily NCSC-FI news followup 2020-08-26

Reverse Engineering and observing an IoT botnet www.gdatasoftware.com/blog/2020/08/36243-reverse-engineering-and-observing-an-iot-botnet IoT devices are everywhere around us and some of them are not up to date with todays security standard. A single light bulb exposed to the internet can offer an attacker a variety of possibilities to attack companies or households. The possibilities are endless. If we think […]

Read More

Daily NCSC-FI news followup 2020-08-12

Annatko selaimen tallentaa salasanasi? Haittaohjelman uusi versio voi varastaa ne salaa www.is.fi/digitoday/tietoturva/art-2000006598720.html Salasanoja vohkiva Agent Tesla muuttui entistäkin pahemmaksi uhkaksi. Samalla se osoittaa, miten kätevyys voi kostautua salasanojen säilytyksessä.. Selain kysyy verkkopalveluun kirjautuessa, tallennetaanko salasana jatkoa varten. Kovin usein tulee painettua kyllä, jotta seuraavalla kerralla olisi helpompi päästä sisään. Tämä kuitenkin synnyttää rikollisille houkuttelevan varannon […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.