Daily NCSC-FI news followup 2019-12-20

267 miljoonan Facebook-käyttäjän tiedot päätyivät nettiin – älä silti hätäile

www.is.fi/digitoday/tietoturva/art-2000006350462.html Vuoto ei kuitenkaan ole hälyttävin mahdollinen, vaikka koskeekin suurta määrää käyttäjiä. Tietueessa ei esimerkiksi ole salasanoja tai maksukortin tietoja. Lisäksi tiedot ovat enimmäkseen amerikkalaisilta käyttäjiltä.. Src:

www.comparitech.com/blog/information-security/267-million-phone-numbers-exposed-online/

Supo: 5g-verkkotoimijat arvioitava ja poliittinen keskustelu käytävä

www.is.fi/digitoday/tietoturva/art-2000006348909.html

Cisco ASA DoS Bug Attacked in Wild

blogs.cisco.com/security/talos/cisco-asa-dos-bug-attacked-in-wild Cisco Talos has recently noticed a sudden spike in exploitation attempts against a specific vulnerability. The attacker can use a specially crafted URL to cause the ASA appliance to reboot or disclose unauthenticated information.

Frankfurt city officials take down IT network to prevent Emotet to be used as a staging point to launch a ransomware attack.

www.zdnet.com/article/frankfurt-shuts-down-it-network-following-emotet-infection/ Frankfurt is the fourth German entity that shut down its IT network in the past two weeks because of Emotet.

Canadian Insurance Firm Hit By Maze Ransomware, Denies Data Theft

www.bleepingcomputer.com/news/security/canadian-insurance-firm-hit-by-maze-ransomware-denies-data-theft/ According to emails sent to BleepingComputer from the operators of the Maze Ransomware, Andrew Agencies was attacked on October 21st, 2019 when the attackers breached their network and encrypted 245 computers. Based on the encrypted sizes listed in this proof, the Maze Ransomware states they have encrypted a total of 63 terabytes of data.

Ransomware: The number of victims paying up is on the rise, and that’s bad news

www.zdnet.com/article/ransomware-the-number-of-victims-paying-up-is-on-the-rise-and-thats-bad-news/

Nexus Mods breached.

www.nexusmods.com/news/14178 Even though we were able to secure the endpoint as soon as we discovered the exploit, as a measure of security, we are informing all of you, as we cannot rule out that further access to other user data including email addresses, password hashes and password salts has taken place.. Also

www.bleepingcomputer.com/news/security/nexus-mods-game-modding-site-discloses-data-breach/

– From dropbox(updater) to NT AUTHORITY\SYSTEM

decoder.cloud/2019/12/18/from-dropboxupdater-to-nt-authoritysystem/ In this post Im going to show how to use the DropBoxUpdater service in order to get SYSTEM privileges starting from a simple Windows user.

Privilege Escalation Flaws Found in Preinstalled Acer, ASUS Software

www.securityweek.com/privilege-escalation-flaws-found-preinstalled-acer-asus-software The first bug impacts Acer Quick Access, an application that allows users to toggle wireless devices on or off, to modify power-off USB charge settings and network sharing options, and more.. The second flaw impacts ASUS ATK Package and can be exploited during the post-compromise phase of an attack, to achieve persistence and evade detection.

OpenSSL 1.0.2u released.

www.openssl.org/news/openssl-1.0.2-notes.html

DNSSEC still fueling DNS amplification attacks, TCP SYN flood attacks rise

www.helpnetsecurity.com/2019/12/19/dns-amplification-attacks-increase/ TCP SYN flood is not a new method, but findings indicate that techniques have grown in sophistication and have emerged as the third most used attack vector, behind DNS amplification and HTTP flood attacks.

You might be interested in …

Daily NCSC-FI news followup 2019-11-24

CNAME Cloaking, the dangerous disguise of third-party trackers medium.com/nextdns/cname-cloaking-the-dangerous-disguise-of-third-party-trackers-195205dc522a What has started to happen in the last few months in the world of third-party tracking is having a major impact on peoples privacy, and it all stayed pretty much under the radar. How to Avoid Black Friday Scams Online www.wired.com/story/how-to-avoid-black-friday-scams-online/ Black Friday attracts crowds, and […]

Read More

Daily NCSC-FI news followup 2019-09-11

Ryuk Related Malware Steals Confidential Military, Financial Files www.bleepingcomputer.com/news/security/ryuk-related-malware-steals-confidential-military-financial-files/ A new malware with strange associations to the Ryuk Ransomware has been discovered to look for and steal confidential financial, military, and law enforcement files. Microsoft to Improve Office 365 Phishing Email Notifications www.bleepingcomputer.com/news/security/microsoft-to-improve-office-365-phishing-email-notifications/ Microsoft is currently working on enhancing the notification system for quarantined malware […]

Read More

Daily NCSC-FI news followup 2019-06-10

Email attacks are on the rise www.itproportal.com/news/email-attacks-are-on-the-rise/ The number of organisations that use email security as part of their threat defences is actually shrinking, new figures from Cisco are showing. The Cisco 2019 Cybersecurity Series says that this year, 41 per cent of organisations have this type of security set up, down from 56 per […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.