Daily NCSC-FI news followup 2019-11-25

Livingston School District in New Jersey Hit With Ransomware

www.bleepingcomputer.com/news/security/livingston-school-district-in-new-jersey-hit-with-ransomware/ Students at the Livingston public school district in New Jersey are undoubtedly happy for a two hour delayed opening tomorrow. Unfortunately, this delay is not being caused by snow, but rather by a ransomware attack that the district is still recovering from.

Hidden Cam Above Bluetooth Pump Skimmer

krebsonsecurity.com/2019/11/hidden-cam-above-bluetooth-pump-skimmer/ Tiny hidden spy cameras are a common sight at ATMs that have been tampered with by crooks who specialize in retrofitting the machines with card skimmers. But until this past week Id never heard of hidden cameras being used at gas pumps in tandem with Bluetooth-based card skimming devices.

Patched GIF Processing Vulnerability CVE-2019-11932 Still Afflicts Multiple Mobile Apps

blog.trendmicro.com/trendlabs-security-intelligence/patched-gif-processing-vulnerability-cve-2019-11932-still-afflicts-multiple-mobile-apps/ CVE-2019-11932, which is a vulnerability in WhatsApp for Android, was first disclosed to the public on October 2, 2019 after a researcher named Awakened discovered that attackers could use maliciously crafted GIF files to allow remote code execution. The vulnerability was patched with version 2.19.244 of WhatsApp, but the underlying problem lies in the library called libpl_droidsonroids_gif.so, . which is part of the android-gif-drawable package. While this flaw has also been patched, many applications still use the older version and remain at risk.

Exploit code published for dangerous Apache Solr remote code execution flaw

www.zdnet.com/article/exploit-code-published-for-dangerous-apache-solr-remote-code-execution-flaw/ Confusion still surrounds a security bug that the Apache Solr team patched over the summer, which turns out it’s actually much more dangerous than anyone thought.

UN Secretary-General: US-China Tech Divide Could Cause More Havoc Than the Cold War

www.wired.com/story/un-secretary-general-antonio-guterres-internet-risks/ In an interview with WIRED editor in chief Nicholas Thompson, António Guterres says the world’s next major conflict will start in cyberspace.

Näin Venäjällä: pakollinen ohjelmistolataus tulossa kaikkiin puhelimiin ja tietokoneisiin

www.tekniikkatalous.fi/uutiset/nain-venajalla-pakollinen-ohjelmistolataus-tulossa-kaikkiin-puhelimiin-ja-tietokoneisiin/b61592a3-229a-421f-80ed-7101c44c28ed Venäjän parlamentin alahuone eli duuma on hyväksynyt lain, jonka mukaan kaikkiin puhelimiin, tietokoneisiin ja älytelevisioihin on tulevaisuudessa asennettava venäläinen ohjelmisto.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.