Daily NCSC-FI news followup 2019-12-24

Google Chrome impacted by new Magellan 2.0 vulnerabilities

www.zdnet.com/article/google-chrome-impacted-by-new-magellan-2-0-vulnerabilities/ A new set of SQLite vulnerabilities can allow attackers to remotely run malicious code inside Google Chrome, the world’s most popular web browser.. All apps that use an SQLite database to store data are vulnerable, although, the vector for “remote attacks over the internet” is

How to secure your digital Christmas presents

www.welivesecurity.com/2019/12/23/how-secure-digital-christmas-presents/ Whether its a smartphone, laptop or, say, an Internet-of-Things (IoT) gadget, theres a number of things you should consider even before you begin to use your new device.

A Twitter app bug was used to match 17 million phone numbers to user accounts

techcrunch.com/2019/12/24/twitter-android-bug-phone-numbers/ He said Twitters contact upload feature doesnt accept lists of phone numbers in sequential format likely as a way to prevent this kind of matching. Instead, he generated more than two billion phone numbers, one after the other, then randomized the numbers, and uploaded them to Twitter through the Android app.

Cyber attack forces airline to cancel flights in Alaska

techxplore.com/news/2019-12-cyber-ravnair-cancel-flights-alaska.html RavnAir canceled at least a half-dozen flights in Alaska on Saturdayat the peak of holiday travelfollowing what the company described as “a malicious cyber attack” on its computer network.

Looking into Attacks and Techniques Used Against WordPress Sites

blog.trendmicro.com/trendlabs-security-intelligence/looking-into-attacks-and-techniques-used-against-wordpress-sites/ Wordpess is estimated to be used by 35% of all websites today, which makes it an ideal target for threat actors.

Using WebRTC ICE Servers for Port Scanning in Chrome

medium.com/tenable-techblog/using-webrtc-ice-servers-for-port-scanning-in-chrome-ce17b19dd474

Hardware hacks: The next generation of cybercrime

www.helpnetsecurity.com/2019/12/19/hardware-hacks/

Analysis of RDP attacks: Defender Quarantines Lsass Dumps

www.wilbursecurity.com/2019/12/defender-quarantines-lsass-dumps/

Wireshark Tutorial: Examining Ursnif Infections

unit42.paloaltonetworks.com/wireshark-tutorial-examining-ursnif-infections/

You might be interested in …

Daily NCSC-FI news followup 2019-06-05

The EU Found Out That Its Embassy In Moscow Had Been Hacked But Kept It A Secret www.buzzfeednews.com/article/albertonardelli/eu-embassy-moscow-hack-russia A sophisticated cyber espionage event began in February 2017. Russian entities are believed to be behind the hack, a source told BuzzFeed News. The Most Expensive Lesson Of My Life: Details of SIM port hack medium.com/coinmonks/the-most-expensive-lesson-of-my-life-details-of-sim-port-hack-35de11517124 I […]

Read More

Daily NCSC-FI news followup 2020-02-01

Exercise Crossed Swords 2020 Reached New Levels of Multinational and Interdisciplinary Cooperation ccdcoe.org/news/2020/exercise-crossed-swords-2020-reached-new-levels-of-multinational-and-interdisciplinary-cooperation/ The 6th iteration of the annual cyber exercise Crossed Swords in Riga, Latvia, brought together more than 120 technical experts, Cyber Commands´ members, Special Forces operators and military police. Organized jointly by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) and […]

Read More

Daily NCSC-FI news followup 2019-06-26

Security flaw in LTE networks can let hackers send false presidential alerts cyware.com/news/security-flaw-in-lte-networks-can-let-hackers-send-false-presidential-alerts-109ceabf A vulnerability in LTE networks can be abused by hackers to launch spoofing attacks. The flaw can be exploited to send out spoofed AMBER alerts, and false presidential alerts. New Silex malware is bricking IoT devices, has scary plans www.zdnet.com/article/new-silex-malware-is-bricking-iot-devices-has-scary-plans/ A new […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.