Daily NCSC-FI news followup 2019-12-03

An Update on Android TLS Adoption

security.googleblog.com/2019/12/an-update-on-android-tls-adoption.html Today, were happy to announce that 80% of Android apps are encrypting traffic by default. The percentage is even greater for apps targeting Android 9 and higher, with 90% of them encrypting traffic by default.

Critical Android Flaw Leads to Permanent DoS

threatpost.com/google-critical-android-permanent-dos-flaw/150764/ The December security update stomped out critical denial-of-service (DoS) and remote-code-execution (RCE) vulnerabilities in the Android operating system.

Smith & Wesson Web Site Hacked to Steal Customer Payment Info

www.bleepingcomputer.com/news/security/smith-and-wesson-web-site-hacked-to-steal-customer-payment-info/ American gun manufacturer Smith & Wesson’s online store has been compromised by attackers who have injected a malicious script that attempts to steal customer’s payment information.. This type of attack is called Magecart and is when hackers compromise a web site so that they can inject malicious JavaScript scripts into ecommerce or checkout pages. These scripts then steal payment information that is submitted by a customer by sending it to a remote site under the attacker’s control.

Ryuk Ransomware Is Making Victims Left and Right

www.bleepingcomputer.com/news/security/ryuk-ransomware-is-making-victims-left-and-right/ While doing some open-source intelligence (OSINT), a security researcher discovered that a provider of end-to-end solutions for emergency care facilities in the U.S. fell victim to Ryuk ransomware.. The company hit by the malware is T-System based in Dallas, Texas, and it is currently working to recover from the attack. At the moment of writing, company systems are offline.

Russian FaceApp selfie-slurper poses ‘potential counterintelligence threat’, FBI warns

www.theregister.co.uk/2019/12/03/fbi_faceapp_warning/ Netizens who fire up FaceApp for fun may be unknowingly putting national security at risk, according to the FBI.

Microsoft: Spear-phishing email has doubled in a year, so here’s how to beat it

www.zdnet.com/article/microsoft-spear-phishing-email-has-doubled-in-a-year-so-heres-how-to-beat-it/ Microsoft warns that advanced spear-phishing attacks have become so targeted that it refers to them internally as ‘laser’ phishing.

Avast and AVG Firefox Extensions Pulled from Mozilla Addons Site

www.bleepingcomputer.com/news/software/avast-and-avg-firefox-extensions-pulled-from-mozilla-addons-site/ Avast and AVG Firefox Extensions Pulled from Mozilla Addons Site

Microsoft OAuth Flaw Opens Azure Accounts to Takeover

threatpost.com/microsoft-oauth-flaw-azure-takeover/150737/ Some Microsoft applications are vulnerable to an authentication issue that could enable Azure account takeover.

When Stalkerware Stalks the Enterprise

securityintelligence.com/articles/when-stalkerware-stalks-the-enterprise/ Stalkerware apps can track ones location, record audio through the phones microphone, copy and transmit text messages, send call logs, record web browsing activity, record keystrokes and more and all of it can occur without the phone users knowledge.

Facebook Ads Manager Targeted by New Info-Stealing Trojan

www.bleepingcomputer.com/news/security/facebook-ads-manager-targeted-by-new-info-stealing-trojan/ Attackers are distributing an information-stealing Trojan disguised as a PDF reader that steals Facebook and Amazon session cookies as well as sensitive data from the Facebook Ads Manager.

AWS has new tool for those leaky S3 buckets so, yeah, you might need to reconfigure a few things

www.theregister.co.uk/2019/12/03/aws_s3_buckets/ “Access Analyzer for S3 is a new feature that monitors your access policies, ensuring that the policies provide only the intended access to your S3 resources,”. A new single-click option will block public access hopefully letting you avoid unauthorised use of the data before it is too late. The tool will also let you see which policy or ACL allows the access so that you know what to fix.

EFF warns of one-way mirror in the world of corporate online spying

www.zdnet.com/article/eff-warns-of-one-way-mirror-in-the-world-of-corporate-online-spying/ The Electronic Frontier Foundation (EFF) has published an extensive study into the hidden techniques and methods used by online service providers to collect and track our personal information and activities.

Excelerating Analysis Tips and Tricks to Analyze Data with Microsoft Excel


RSA-240 Factored

www.schneier.com/blog/archives/2019/12/rsa-240_factore.html We are pleased to announce the factorization of RSA-240, from RSA’s challenge list, and the computation of a discrete logarithm of the same size (795 bits)

You might be interested in …

Daily NCSC-FI news followup 2020-07-15

Mozilla Joins Apple, Google in Reducing TLS Certificate Lifespans – starting September 1, 2020 rootdaemon.com/2020/07/14/mozilla-joins-apple-google-in-reducing-tls-certificate-lifespans/ Currently, SSL/TLS certificates have a maximum lifespan of 825 days, but, in an attempt to ensure better protection of HTTPS connections, browser makers such as Apple, Google and Mozilla are looking into reducing that period to 398 days. The TLS […]

Read More

Daily NCSC-FI news followup 2020-11-24

TA416 Goes to Ground and Returns with a Golang PlugX Malware Loader www.proofpoint.com/us/blog/threat-insight/ta416-goes-ground-and-returns-golang-plugx-malware-loader Following the Chinese National Day holiday in September, Proofpoint researchers observed a resumption of activity by the APT actor TA416. Historic campaigns by this actor have also been publicly attributed to Mustang Panda and RedDelta. This new activity appears to be a […]

Read More

Daily NCSC-FI news followup 2019-11-07

Microsoft crams Office 365 docs into Edge-style sandboxes to thwart malware infections www.theregister.co.uk/2019/11/07/ignite_2019_security/ Your guide to some of the security enhancements announced this week. Office 365 will be getting additional security protections through Application Guard, the sandboxing tool Microsoft debuted with its Edge browser. The idea is that Application Guard will isolate documents, preventing malicious […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.