Daily NCSC-FI news followup 2019-11-24

CNAME Cloaking, the dangerous disguise of third-party trackers

medium.com/nextdns/cname-cloaking-the-dangerous-disguise-of-third-party-trackers-195205dc522a What has started to happen in the last few months in the world of third-party tracking is having a major impact on peoples privacy, and it all stayed pretty much under the radar.

How to Avoid Black Friday Scams Online

www.wired.com/story/how-to-avoid-black-friday-scams-online/ Black Friday attracts crowds, and crowds attract scammers, and that means you need to take extra care when shopping online over the Black Friday and Cyber Monday weekend. There’ll be people out there keen to relieve you of more money than you’ll save on a TV set or a gaming console.

Local Malware Analysis with Malice

isc.sans.edu/forums/diary/Local+Malware+Analysis+with+Malice/25544/ This project (Malice) provides the ability to have your own locally managed multi-engine malware scanning system. The framework allows the owner to analyze files for known malware. It can be used both as a command tool to analyze samples and review the results via a Kibana web interface. The Command-Line Interface (CLI) is used to scan a file or directory or can be setup to watch and scan new files

Utilities Targeted in Cyberattacks Identified

www.wsj.com/articles/utilities-targeted-in-cyberattacks-identified-11574611200

You might be interested in …

Daily NCSC-FI news followup 2019-11-09

Titanium: the Platinum group strikes again securelist.com/titanium-the-platinum-group-strikes-again/94961/ Platinum is one of the most technologically advanced APT actors with a traditional focus on the APAC region. During recent analysis we discovered Platinum using a new backdoor that we call Titanium (named after a password to one of the self-executable archives). Titanium is the final result of […]

Read More

Daily NCSC-FI news followup 2021-02-24

Haavoittuvuuksia VMwaren tuotteissa – päivitä heti www.kyberturvallisuuskeskus.fi/fi/haavoittuvuuksia-vmwaren-tuotteissa-paivita-heti VMware julkaisi päivityksiä, jotka tulisi asentaa välittömästi. Haavoittuvuudet mahdollistavat esimerkiksi etänä suoritettavat komennot sekä mielivaltaisen ohjelmakoodin suorittamisen. Kriittinen haavoittuvuus CVE-2021-21972 koskee VMware vCenter Server – -hallinta-alustaa, joka mahdollistaa etänä suoritettavien komentojen suorittamisen. Julkaistu vakava haavoittuvuus CVE-2021-21974 koskee ESXi OpenSLP -puskurin ylivuotoa. Google funds Linux maintainers to boost Linux […]

Read More

Daily NCSC-FI news followup 2021-02-23

Cyber Criminals Exploit Accellion FTA for Data Theft and Extortion www.fireeye.com/blog/threat-research/2021/02/accellion-fta-exploited-for-data-theft-and-extortion.html “”. Starting in mid-December 2020, malicious actors that Mandiant tracks as UNC2546 exploited multiple zero-day vulnerabilities in Accellion’s legacy File Transfer Appliance (FTA) to install a newly discovered web shell named DEWMODE. The motivation of UNC2546 was not immediately apparent, but starting in late […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.