Daily NCSC-FI news followup 2020-01-04

Police Tracked a Terror Suspect Until His Phone Went Dark After a Facebook Warning

www.morningstar.com/news/dow-jones/202001026663/police-tracked-a-terror-suspect-until-his-phone-went-dark-after-a-facebook-warning

WhatsApp, Facebook Inc.’s popular messaging tool, had just notified about 1,400 users — among them the suspected terrorist — that their phones had been hacked by an “advanced cyber actor.” An elite surveillance team was using spyware from NSO Group, an Israeli company, to track the suspect, according to a law-enforcement official overseeing the investigation.

U.S. Officials Brace for Cyber-Attack Retaliation From Iran

www.msn.com/en-us/news/world/us-officials-brace-for-cyber-attack-retaliation-from-iran/ar-BBYAGGB

Former U.S. officials and security experts said there is precedent for such concerns amid years of tit-for-tat cyber-attacks between the two countries. As recently as June, after the U.S. sent additional troops to the Middle East and announced further sanctions on Iran, cyber-attacks targeting U.S. industries and government agencies increased, the Department of Homeland Security said at the time.

Also:

www.motherjones.com/politics/2020/01/heres-what-a-cyber-attack-by-iran-might-look-like/

Promiscuous Cookies and Their Impending Death via the SameSite Policy

www.troyhunt.com/promiscuous-cookies-and-their-impending-death-via-the-samesite-policy/

Come version 80, any cookie without a SameSite attribute will be treated as “Lax” by Chrome. This is really important to understand because put simply, it’ll very likely break a bunch of stuff. Enterprise IT administrators may need to implement special policies to temporarily revert Chrome Browser to legacy behavior if some services such as single sign-on or internal applications are not ready for the February launch.

This page is currency unavailable… Travelex scrubs UK homepage, kills services, knackers other sites amid ‘software virus’ infection

www.theregister.co.uk/2020/01/03/travelex_down_malware/

While no details were given on just what the infection was or how it got onto the network, Brit infosec watcher Kevin Beaumont pointed out Travelex had public-facing Windows remote-desktop servers with no Network Level Authentication enabled; that’s the feature that requires users to authenticate before they can establish a session and attempt to log in.
