Daily NCSC-FI news followup 2019-11-25

Livingston School District in New Jersey Hit With Ransomware

www.bleepingcomputer.com/news/security/livingston-school-district-in-new-jersey-hit-with-ransomware/ Students at the Livingston public school district in New Jersey are undoubtedly happy for a two hour delayed opening tomorrow. Unfortunately, this delay is not being caused by snow, but rather by a ransomware attack that the district is still recovering from.

Hidden Cam Above Bluetooth Pump Skimmer

krebsonsecurity.com/2019/11/hidden-cam-above-bluetooth-pump-skimmer/ Tiny hidden spy cameras are a common sight at ATMs that have been tampered with by crooks who specialize in retrofitting the machines with card skimmers. But until this past week Id never heard of hidden cameras being used at gas pumps in tandem with Bluetooth-based card skimming devices.

Patched GIF Processing Vulnerability CVE-2019-11932 Still Afflicts Multiple Mobile Apps

blog.trendmicro.com/trendlabs-security-intelligence/patched-gif-processing-vulnerability-cve-2019-11932-still-afflicts-multiple-mobile-apps/ CVE-2019-11932, which is a vulnerability in WhatsApp for Android, was first disclosed to the public on October 2, 2019 after a researcher named Awakened discovered that attackers could use maliciously crafted GIF files to allow remote code execution. The vulnerability was patched with version 2.19.244 of WhatsApp, but the underlying problem lies in the library called libpl_droidsonroids_gif.so, . which is part of the android-gif-drawable package. While this flaw has also been patched, many applications still use the older version and remain at risk.

Exploit code published for dangerous Apache Solr remote code execution flaw

www.zdnet.com/article/exploit-code-published-for-dangerous-apache-solr-remote-code-execution-flaw/ Confusion still surrounds a security bug that the Apache Solr team patched over the summer, which turns out it’s actually much more dangerous than anyone thought.

UN Secretary-General: US-China Tech Divide Could Cause More Havoc Than the Cold War

www.wired.com/story/un-secretary-general-antonio-guterres-internet-risks/ In an interview with WIRED editor in chief Nicholas Thompson, António Guterres says the world’s next major conflict will start in cyberspace.

Näin Venäjällä: pakollinen ohjelmistolataus tulossa kaikkiin puhelimiin ja tietokoneisiin

www.tekniikkatalous.fi/uutiset/nain-venajalla-pakollinen-ohjelmistolataus-tulossa-kaikkiin-puhelimiin-ja-tietokoneisiin/b61592a3-229a-421f-80ed-7101c44c28ed Venäjän parlamentin alahuone eli duuma on hyväksynyt lain, jonka mukaan kaikkiin puhelimiin, tietokoneisiin ja älytelevisioihin on tulevaisuudessa asennettava venäläinen ohjelmisto.

You might be interested in …

Daily NCSC-FI news followup 2019-08-01

Ransomware: Cyberattack forces Houston County schools to postpone opening day www.scmagazine.com/home/security-news/malware/cyberattack-forces-houston-county-schools-to-postpone-opening-day/ Ransomware: Syracuse, NY and Watertown, NY City School Districts have been targeted in a ransomware attack spectrumlocalnews.com/nys/watertown/news/2019/07/30/watertown-the-latest-school-system-targeted-by-cyber-attack Ransomware: Steps to Safeguard Against Ransomware Attacks www.us-cert.gov/ncas/current-activity/2019/07/30/steps-safeguard-against-ransomware-attacks 1. Back up systems – now (and daily). Store one copy offline.. 2. Reinforce basic cybersecurity awareness and education. […]

Read More

Daily NCSC-FI news followup 2020-08-17

Hackers Stole 1 Terabyte Of Data From Billion-Dollar U.S. Liquor Maker www.forbes.com/sites/leemathews/2020/08/17/brown-forman-hacked-1tb-data-stolen/ The REvil ransomware gang has struck again. This time the victim is Brown-Forman, the 150-year-old Kentucky-based company behind such brands as Jack Daniels, Finlandia vodka and Korbel champagne.. see also www.bleepingcomputer.com/news/security/us-spirits-and-wine-giant-hit-by-cyberattack-1tb-of-data-stolen/ Tea at the Ritz soured by credit card scammers www.bbc.co.uk/news/technology-53793922 Diners at […]

Read More

Daily NCSC-FI news followup 2021-03-15

Welcome to the era of the mega-hack www.zdnet.com/article/welcome-to-the-era-of-the-mega-hack/ We’re now living in the era of the mega-hack. More than ever, software flaws are being seized on by sophisticated hackers who take these bugs – – and use them to create attacks that compromise the computer systems of thousands of organisations, all at once. Right now, […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.