Daily NCSC-FI news followup 2019-12-15

(Lazy) Sunday Maldoc Analysis: A Bit More …

isc.sans.edu/forums/diary/Lazy+Sunday+Maldoc+Analysis+A+Bit+More/25608/ At the end of my diary entry “(Lazy) Sunday Maldoc Analysis”, I wrote that there was something unusal about this document. Let’s take a look at the content of the file and compare that with the file size.

Luulitko älylukon olevan turvallinen? Varoittava esimerkki panee miettimään

www.is.fi/digitoday/tietoturva/art-2000006342753.html Kännykällä ohjattava ja yksityisasunnoissa käytetty KeyWe Smart Lock – -niminen älylukko on haavoittuva, eikä sitä voi edes korjata jälkikäteen. Näin kertoo suomalainen tietoturvayhtiö F-Secure, joka perehtyi lukon toimintaan syvällisesti.

Chrome Will Automatically Scan Your Passwords Against Data Breaches

www.wired.com/story/chrome-79-password-check/ Google’s password checking feature has slowly been spreading across the Google ecosystem this past year. It started as the “Password Checkup” extension for desktop versions of Chrome, which would audit individual passwords when you entered them, and several months later it was integrated into every Google account as an on-demand audit you can run on all your saved passwords. Now, instead of a Chrome extension, Password Checkup is being integrated into the desktop and mobile versions of Chrome 79.

Shadow IT Is The Cybersecurity Threat That Keeps Giving All Year Long

www.forbes.com/sites/louiscolumbus/2019/12/15/shadow-it-is-the-cybersecurity-threat-that-keeps-giving-all-year-long/ More than 5,000 personal devices connect to enterprise networks every day with little or no endpoint security enabled in one of every three companies in the U.S., U.K., and Germany. More than 1,000 shadow IoT devices connect to enterprise networks every day in 30% of the U.S., U.K., and German companies. 12% of U.K. organizations are seeing more than 10,000 shadow IoT devices connect to their enterprise networks every day.

#hacking | The biggest tech threats to 2020 elections

nationalcybersecurity.com/hacking-the-biggest-tech-threats-to-2020-elections/ As our election system modernizes, securing our democratic process has become a chief concern for both U.S. legislators and voters. Just last month, the House passed the SHIELD Act, which is focused on securing our elections. But thats not going to be enough in an era when technology is turning out entirely new attack surfaces.

You might be interested in …

Daily NCSC-FI news followup 2020-08-19

A New Fileless P2P Botnet Malware Targeting SSH Servers Worldwide thehackernews.com/2020/08/p2p-botnet-malware.html Cybersecurity researchers today took the wraps off a sophisticated, multi-functional peer-to-peer (P2P) botnet written in Golang that has been actively targeting SSH servers since January 2020.. Called “FritzFrog,” the modular, multi-threaded and file-less botnet has breached more than 500 servers to date, infecting well-known […]

Read More

Daily NCSC-FI news followup 2021-07-27

Microsoft Teams now automatically blocks phishing attempts www.bleepingcomputer.com/news/security/microsoft-teams-now-automatically-blocks-phishing-attempts/ Microsoft has extended Defender for Office 365 Safe Links protection to Microsoft Teams to safeguard users from malicious URL-based phishing attacks.. This added protection couldn’t have come at a better time, seeing that, based on Microsoft’s stats, the Microsoft Teams userbase has exploded over the last 18 […]

Read More

Daily NCSC-FI news followup 2020-02-24

Operation DRBControl www.trendmicro.com/vinfo/us/security/news/cyber-attacks/operation-drbcontrol-uncovering-a-cyberespionage-campaign-targeting-gambling-companies-in-southeast-asia Uncovering a Cyberespionage Campaign Targeting Gambling Companies in Southeast Asia. The DRBControl campaign attacks its targets using a variety of malware and techniques that coincide with those used in other known cyberespionage campaigns. EU Commission to staff: Switch to Signal messaging app www.politico.eu/pro/eu-commission-to-staff-switch-to-signal-messaging-app/ The European Commission has told its staff to start […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.