Daily NCSC-FI news followup 2019-12-03

An Update on Android TLS Adoption

security.googleblog.com/2019/12/an-update-on-android-tls-adoption.html Today, were happy to announce that 80% of Android apps are encrypting traffic by default. The percentage is even greater for apps targeting Android 9 and higher, with 90% of them encrypting traffic by default.

Critical Android Flaw Leads to Permanent DoS

threatpost.com/google-critical-android-permanent-dos-flaw/150764/ The December security update stomped out critical denial-of-service (DoS) and remote-code-execution (RCE) vulnerabilities in the Android operating system.

Smith & Wesson Web Site Hacked to Steal Customer Payment Info

www.bleepingcomputer.com/news/security/smith-and-wesson-web-site-hacked-to-steal-customer-payment-info/ American gun manufacturer Smith & Wesson’s online store has been compromised by attackers who have injected a malicious script that attempts to steal customer’s payment information.. This type of attack is called Magecart and is when hackers compromise a web site so that they can inject malicious JavaScript scripts into ecommerce or checkout pages. These scripts then steal payment information that is submitted by a customer by sending it to a remote site under the attacker’s control.

Ryuk Ransomware Is Making Victims Left and Right

www.bleepingcomputer.com/news/security/ryuk-ransomware-is-making-victims-left-and-right/ While doing some open-source intelligence (OSINT), a security researcher discovered that a provider of end-to-end solutions for emergency care facilities in the U.S. fell victim to Ryuk ransomware.. The company hit by the malware is T-System based in Dallas, Texas, and it is currently working to recover from the attack. At the moment of writing, company systems are offline.

Russian FaceApp selfie-slurper poses ‘potential counterintelligence threat’, FBI warns

www.theregister.co.uk/2019/12/03/fbi_faceapp_warning/ Netizens who fire up FaceApp for fun may be unknowingly putting national security at risk, according to the FBI.

Microsoft: Spear-phishing email has doubled in a year, so here’s how to beat it

www.zdnet.com/article/microsoft-spear-phishing-email-has-doubled-in-a-year-so-heres-how-to-beat-it/ Microsoft warns that advanced spear-phishing attacks have become so targeted that it refers to them internally as ‘laser’ phishing.

Avast and AVG Firefox Extensions Pulled from Mozilla Addons Site

www.bleepingcomputer.com/news/software/avast-and-avg-firefox-extensions-pulled-from-mozilla-addons-site/ Avast and AVG Firefox Extensions Pulled from Mozilla Addons Site

Microsoft OAuth Flaw Opens Azure Accounts to Takeover

threatpost.com/microsoft-oauth-flaw-azure-takeover/150737/ Some Microsoft applications are vulnerable to an authentication issue that could enable Azure account takeover.

When Stalkerware Stalks the Enterprise

securityintelligence.com/articles/when-stalkerware-stalks-the-enterprise/ Stalkerware apps can track ones location, record audio through the phones microphone, copy and transmit text messages, send call logs, record web browsing activity, record keystrokes and more and all of it can occur without the phone users knowledge.

Facebook Ads Manager Targeted by New Info-Stealing Trojan

www.bleepingcomputer.com/news/security/facebook-ads-manager-targeted-by-new-info-stealing-trojan/ Attackers are distributing an information-stealing Trojan disguised as a PDF reader that steals Facebook and Amazon session cookies as well as sensitive data from the Facebook Ads Manager.

AWS has new tool for those leaky S3 buckets so, yeah, you might need to reconfigure a few things

www.theregister.co.uk/2019/12/03/aws_s3_buckets/ “Access Analyzer for S3 is a new feature that monitors your access policies, ensuring that the policies provide only the intended access to your S3 resources,”. A new single-click option will block public access hopefully letting you avoid unauthorised use of the data before it is too late. The tool will also let you see which policy or ACL allows the access so that you know what to fix.

EFF warns of one-way mirror in the world of corporate online spying

www.zdnet.com/article/eff-warns-of-one-way-mirror-in-the-world-of-corporate-online-spying/ The Electronic Frontier Foundation (EFF) has published an extensive study into the hidden techniques and methods used by online service providers to collect and track our personal information and activities.

Excelerating Analysis Tips and Tricks to Analyze Data with Microsoft Excel


RSA-240 Factored

www.schneier.com/blog/archives/2019/12/rsa-240_factore.html We are pleased to announce the factorization of RSA-240, from RSA’s challenge list, and the computation of a discrete logarithm of the same size (795 bits)

You might be interested in …

Daily NCSC-FI news followup 2021-07-22

Akamai DNS global outage takes down major websites, online services www.bleepingcomputer.com/news/security/akamai-dns-global-outage-takes-down-major-websites-online-services/ Akamai is investigating an ongoing outage affecting many major websites and online services, including Steam, the PlayStation Network, Newegg, Cloudflare, AWS, Amazon, Google, and Salesforce. Root cause – Akamai Edge DNS was down: edgedns.status.akamai.com/incidents/n5zl6dythvfv Researchers Hid Malware Inside an AI’s ‘Neurons’ And It Worked […]

Read More

Daily NCSC-FI news followup 2021-09-19

An American Company Fears Its Windows Hacks Helped India Spy On China And Pakistan www.forbes.com/sites/thomasbrewster/2021/09/17/exodus-american-tech-helped-india-spy-on-china/ A U.S. company’s tech was abused by the Indian government, amidst warnings Americans are contributing to a spyware industry already under fire for being out of control. Earlier this year, researchers at Russian cybersecurity firm Kaspersky witnessed a cyberespionage campaign […]

Read More

[NCSC-FI News] Onko Venäjä irrottautumassa internetistä? Viestintä aiheutti hämmennystä

Verkossa on sunnuntaina ja maanantaina levinnyt huhu, jonka mukaan Venäjä valmistautuisi irrottamaan maan verkot internetistä perjantaina. Tämä tieto saattaa kuitenkin olla väärintulkinta Venäläisen talouslehti Kommersantin mukaan kyse olisi pikemminkin siitä, että maan virastot olisi ohjeistettu siirtämään kaikki julkishallinnon sivut venäläisten palveluntarjoajien hoteisiin ja vahvistamaan nimipalvelinten toimintaa. Source: Read More (NCSC-FI daily news followup)

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.