Daily NCSC-FI news followup 2020-01-03

Don’t Xiaomi pics of other people’s places! Chinese kitmaker fingers dodgy Boxing Day cache update after Google banishes it from Home

www.theregister.co.uk/2020/01/03/google_blocks_xiaomi/ Xiaomi has blamed some post-Christmas cache digestion problems after finding itself plonked on the naughty step by Google which blocked the Chinese tech conglomerate’s devices from its Nest Hub and Assistant last night.

U.S. Government Issues Warning About Possible Iranian Cyberattacks

www.bleepingcomputer.com/news/security/us-government-issues-warning-about-possible-iranian-cyberattacks/ Christopher C. Krebs, Director of Cybersecurity and Infrastructure Security Agency issued a warning about a potential new wave of Iranian cyber-attacks targeting U.S. assets after Maj. Gen. Qassim Suleimani was killed by a U.S. airstrike at the Baghdad airport in Iraq.

You might be interested in …

Daily NCSC-FI news followup 2021-01-09

Excelerating Analysis Tips and Tricks to Analyze Data with Microsoft Excel www.fireeye.com/blog/threat-research/2019/12/tips-and-tricks-to-analyze-data-with-microsoft-excel.html Incident response investigations dont always involve standard host-based artifacts with fully developed parsing and analysis tools. At FireEye Mandiant, we frequently encounter incidents that involve a number of systems and solutions that utilize custom logging or artifact data. Determining what happened in an […]

Read More

Daily NCSC-FI news followup 2020-06-03

Critical SAP ASE Flaws Allow Complete Control of Databases threatpost.com/critical-sap-ase-flaws-complete-control-databases/156239/ If exploited, the most severe flaws could give unprivileged users complete control of databases and in some cases even underlying operating systems – The most severe vulnerability, CVE-2020-6248, has a CVSS score of 9.1 out of 10. See also: wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=545396222. And also: www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/system-takeover-through-new-sap-ase-vulnerabilities/ Vulnerability Spotlight: […]

Read More

Daily NCSC-FI news followup 2019-07-12

Buhtrap group uses zeroday in latest espionage campaigns www.welivesecurity.com/2019/07/11/buhtrap-zero-day-espionage-campaigns/ ESET research reveals notorious crime group also conducting espionage campaigns for the past five years Over 17,000 Domains Infected with Code that Steals Card Data www.bleepingcomputer.com/news/security/over-17-000-domains-infected-with-code-that-steals-card-data/ Cybercriminals running Magecart operations have added payment card skimming code to more than 17,000 domains with JavaScript files in misconfigured […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.