Daily NCSC-FI news followup 2019-12-03

An Update on Android TLS Adoption

security.googleblog.com/2019/12/an-update-on-android-tls-adoption.html Today, were happy to announce that 80% of Android apps are encrypting traffic by default. The percentage is even greater for apps targeting Android 9 and higher, with 90% of them encrypting traffic by default.

Critical Android Flaw Leads to Permanent DoS

threatpost.com/google-critical-android-permanent-dos-flaw/150764/ The December security update stomped out critical denial-of-service (DoS) and remote-code-execution (RCE) vulnerabilities in the Android operating system.

Smith & Wesson Web Site Hacked to Steal Customer Payment Info

www.bleepingcomputer.com/news/security/smith-and-wesson-web-site-hacked-to-steal-customer-payment-info/ American gun manufacturer Smith & Wesson’s online store has been compromised by attackers who have injected a malicious script that attempts to steal customer’s payment information.. This type of attack is called Magecart and is when hackers compromise a web site so that they can inject malicious JavaScript scripts into ecommerce or checkout pages. These scripts then steal payment information that is submitted by a customer by sending it to a remote site under the attacker’s control.

Ryuk Ransomware Is Making Victims Left and Right

www.bleepingcomputer.com/news/security/ryuk-ransomware-is-making-victims-left-and-right/ While doing some open-source intelligence (OSINT), a security researcher discovered that a provider of end-to-end solutions for emergency care facilities in the U.S. fell victim to Ryuk ransomware.. The company hit by the malware is T-System based in Dallas, Texas, and it is currently working to recover from the attack. At the moment of writing, company systems are offline.

Russian FaceApp selfie-slurper poses ‘potential counterintelligence threat’, FBI warns

www.theregister.co.uk/2019/12/03/fbi_faceapp_warning/ Netizens who fire up FaceApp for fun may be unknowingly putting national security at risk, according to the FBI.

Microsoft: Spear-phishing email has doubled in a year, so here’s how to beat it

www.zdnet.com/article/microsoft-spear-phishing-email-has-doubled-in-a-year-so-heres-how-to-beat-it/ Microsoft warns that advanced spear-phishing attacks have become so targeted that it refers to them internally as ‘laser’ phishing.

Avast and AVG Firefox Extensions Pulled from Mozilla Addons Site

www.bleepingcomputer.com/news/software/avast-and-avg-firefox-extensions-pulled-from-mozilla-addons-site/ Avast and AVG Firefox Extensions Pulled from Mozilla Addons Site

Microsoft OAuth Flaw Opens Azure Accounts to Takeover

threatpost.com/microsoft-oauth-flaw-azure-takeover/150737/ Some Microsoft applications are vulnerable to an authentication issue that could enable Azure account takeover.

When Stalkerware Stalks the Enterprise

securityintelligence.com/articles/when-stalkerware-stalks-the-enterprise/ Stalkerware apps can track ones location, record audio through the phones microphone, copy and transmit text messages, send call logs, record web browsing activity, record keystrokes and more and all of it can occur without the phone users knowledge.

Facebook Ads Manager Targeted by New Info-Stealing Trojan

www.bleepingcomputer.com/news/security/facebook-ads-manager-targeted-by-new-info-stealing-trojan/ Attackers are distributing an information-stealing Trojan disguised as a PDF reader that steals Facebook and Amazon session cookies as well as sensitive data from the Facebook Ads Manager.

AWS has new tool for those leaky S3 buckets so, yeah, you might need to reconfigure a few things

www.theregister.co.uk/2019/12/03/aws_s3_buckets/ “Access Analyzer for S3 is a new feature that monitors your access policies, ensuring that the policies provide only the intended access to your S3 resources,”. A new single-click option will block public access hopefully letting you avoid unauthorised use of the data before it is too late. The tool will also let you see which policy or ACL allows the access so that you know what to fix.

EFF warns of one-way mirror in the world of corporate online spying

www.zdnet.com/article/eff-warns-of-one-way-mirror-in-the-world-of-corporate-online-spying/ The Electronic Frontier Foundation (EFF) has published an extensive study into the hidden techniques and methods used by online service providers to collect and track our personal information and activities.

Excelerating Analysis Tips and Tricks to Analyze Data with Microsoft Excel


RSA-240 Factored

www.schneier.com/blog/archives/2019/12/rsa-240_factore.html We are pleased to announce the factorization of RSA-240, from RSA’s challenge list, and the computation of a discrete logarithm of the same size (795 bits)

You might be interested in …

Daily NCSC-FI news followup 2020-12-04

KUTSU TRAFICOMIN KYBERTURVALLISUUSKESKUKSEN MEDIAWEBINAARIIN: ONKO KODIN ÄLYLAITE AVOIN OVI HAKKERILLE? www.epressi.com/tiedotteet/teknologia/kutsu-traficomin-kyberturvallisuuskeskuksen-mediawebinaariin-onko-kodin-alylaite-avoin-ovi-hakkerille.html Verkossa olevat älylaitteet voivat olla kanava koteihin suuntautuviin tietoturvahyökkäyksiin. Siksi tuotteiden valmistajien ja markkinoijien täytyy varmistaa laitteidensa tietoturvataso. Miten vuosi sitten Liikenne- ja viestintävirasto Traficomin julkistama Tietoturvamerkki on otettu vastaan yrityksissä? Miten se auttaa kuluttajia löytämään tietoturvallisen älylaitteen?. Ilmoittaudu mediawebinaariimme viimeistään ti 8.12. klo […]

Read More

Daily NCSC-FI news followup 2020-05-30

List of well-known web sites that port scan their visitors www.bleepingcomputer.com/news/security/list-of-well-known-web-sites-that-port-scan-their-visitors/ Last weekend, news heavily circulated that eBay.com was port scanning visitors’ computers when they browsed their site. To see what other sites may be using this script, BleepingComputer reached out to DomainTools, a cybersecurity company specializing in web domain and DNS threat intelligence. Of […]

Read More

Daily NCSC-FI news followup 2020-12-10

Ransomware forces hosting provider Netgain to take down data centers www.bleepingcomputer.com/news/security/ransomware-forces-hosting-provider-netgain-to-take-down-data-centers/ Netgain offers hosting and cloud IT solutions, including managed IT services and desktop-as-a-service environments, to companies in the healthcare and accounting industry.. According to [a customer], thousands of Netgain servers were affected by the ransomware attack, and that Netgain is working around the clock […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.