Daily NCSC-FI news followup 2019-11-30

How is NordVPN unblocking Disney+? It might be through YOUR own computer. Even if youve never used Disney+ or NordVPN.

medium.com/@derek./how-is-nordvpn-unblocking-disney-6c51045dbc30

New Chrome Password Stealer Sends Stolen Data to a MongoDB Database

www.bleepingcomputer.com/news/security/new-chrome-password-stealer-sends-stolen-data-to-a-mongodb-database/ A new trojan has been discovered that attempts to steal passwords stored in the Google Chrome browser. While this is nothing unique, what stands out is that the malware uses a remote MongoDB database to store the stolen passwords.

iOS apps could really benefit from the newly proposed Security.plist standard

www.zdnet.com/article/ios-apps-could-really-benefit-from-the-newly-proposed-security-plist-standard/ The idea is simple. App makers would create a property list file (plist) named security.plist that they would embed inside the root of their iOS apps.. The file would contain all the basic contact details for reporting a security flaw to the app’s creator. Security researchers analyzing an app would have an easy way to get in contact with the app’s creators.

You might be interested in …

Daily NCSC-FI news followup 2019-08-23

Fortinet SSL VPN vulnerability from May 2019 being exploited in wild opensecurity.global/forums/topic/181-fortinet-ssl-vpn-vulnerability-from-may-2019-being-exploited-in-wild/ CVE-2018-13379 is being exploited in the wild on Fortigate SSL VPN firewalls. These exist as a perimeter security control, so it’s a bad vulnerability.. Also: https://twitter.com/GossiTheDog/status/1164536461665996800. Original security advisory (2019-05-24) fortiguard.com/psirt/FG-IR-18-384 Cisco Warns of Public Exploit Code for Critical Switch Flaws www.bleepingcomputer.com/news/security/cisco-warns-of-public-exploit-code-for-critical-switch-flaws/ Cisco […]

Read More

Daily NCSC-FI news followup 2020-09-11

New cyberattacks targeting U.S. elections blogs.microsoft.com/on-the-issues/2020/09/10/cyberattacks-us-elections-trump-biden/ In recent weeks, Microsoft has detected cyberattacks targeting people and organizations involved in the upcoming presidential election, including unsuccessful attacks on people associated with both the Trump and Biden campaigns, as detailed below.. Strontium, operating from Russia, has attacked more than 200 organizations including political campaigns, advocacy groups, parties […]

Read More

Daily NCSC-FI news followup 2020-07-22

Verkkohyökkäys lukitsi autotarvikeliikkeen kassat, salasi tiedot ja sulki ovet Tiedätkö miten varautua, sillä voit olla rikollisen seuraava kohde? yle.fi/uutiset/3-11456333 Kyberturvallisuuskeskus kehottaa varautumaan verkkoiskuun, jotta toimintaa pystyisi jatkamaan mahdollisimman pian. Yrittäjä Raimo Tunkkaria odotti heinäkuisena aamuna ikävä yllätys. Keminmaassa toimivan autotarvike- ja korjaamoyrityksen tietokoneruudulla oli viesti, jossa hakkerit kertoivat lukinneensa yrityksen tiedot. Varaosa Paakkarin asiakas- ja […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.