Daily NCSC-FI news followup 2019-12-15

(Lazy) Sunday Maldoc Analysis: A Bit More …

isc.sans.edu/forums/diary/Lazy+Sunday+Maldoc+Analysis+A+Bit+More/25608/ At the end of my diary entry “(Lazy) Sunday Maldoc Analysis”, I wrote that there was something unusal about this document. Let’s take a look at the content of the file and compare that with the file size.

Luulitko älylukon olevan turvallinen? Varoittava esimerkki panee miettimään

www.is.fi/digitoday/tietoturva/art-2000006342753.html Kännykällä ohjattava ja yksityisasunnoissa käytetty KeyWe Smart Lock – -niminen älylukko on haavoittuva, eikä sitä voi edes korjata jälkikäteen. Näin kertoo suomalainen tietoturvayhtiö F-Secure, joka perehtyi lukon toimintaan syvällisesti.

Chrome Will Automatically Scan Your Passwords Against Data Breaches

www.wired.com/story/chrome-79-password-check/ Google’s password checking feature has slowly been spreading across the Google ecosystem this past year. It started as the “Password Checkup” extension for desktop versions of Chrome, which would audit individual passwords when you entered them, and several months later it was integrated into every Google account as an on-demand audit you can run on all your saved passwords. Now, instead of a Chrome extension, Password Checkup is being integrated into the desktop and mobile versions of Chrome 79.

Shadow IT Is The Cybersecurity Threat That Keeps Giving All Year Long

www.forbes.com/sites/louiscolumbus/2019/12/15/shadow-it-is-the-cybersecurity-threat-that-keeps-giving-all-year-long/ More than 5,000 personal devices connect to enterprise networks every day with little or no endpoint security enabled in one of every three companies in the U.S., U.K., and Germany. More than 1,000 shadow IoT devices connect to enterprise networks every day in 30% of the U.S., U.K., and German companies. 12% of U.K. organizations are seeing more than 10,000 shadow IoT devices connect to their enterprise networks every day.

#hacking | The biggest tech threats to 2020 elections

nationalcybersecurity.com/hacking-the-biggest-tech-threats-to-2020-elections/ As our election system modernizes, securing our democratic process has become a chief concern for both U.S. legislators and voters. Just last month, the House passed the SHIELD Act, which is focused on securing our elections. But thats not going to be enough in an era when technology is turning out entirely new attack surfaces.

You might be interested in …

Daily NCSC-FI news followup 2021-01-23

Exclusive: SonicWall Hacked Using 0-Day Bugs In Its Own VPN Product thehackernews.com/2021/01/exclusive-sonicwall-hacked-using-0-day.html SonicWall, a popular internet security provider of firewall and VPN products, on late Friday disclosed that it fell victim to a coordinated attack on its internal systems. “Recently, SonicWall identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting […]

Read More

Daily NCSC-FI news followup 2020-06-16

T-Mobile confirms nationwide outage impacting millions of customers abc13.com/tmobile-outage-is-out-t-mobile-down/6248980/ T-Mobile customers are dealing with a nationwide outage of its voice and data network. The phone carrier’s president of technology, Neville Ray, confirmed the outage Monday afternoon. “Our engineers are working to resolve a voice and data issue that has been affecting customers around the country. […]

Read More

Daily NCSC-FI news followup 2019-08-21

Group-IBs new report on Silence: Damage from Silence APT operations increases fivefold. The gang deploys new tools on its worldwide tour www.group-ib.com/media/silence-attacks/ Group-IB, a Singapore-based cybersecurity company that specializes in preventing cyberattacks, has exposed the most recent campaigns carried out by Silence, a Russian-speaking APT group, in the new “Silence 2.0: Going Global” report. Group-IB […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.