Daily NCSC-FI news followup 2020-01-11

An Empirical Study of Wireless Carrier Authentication for SIM Swaps

www.issms2fasecure.com/ We examined the authentication procedures used by five prepaid wireless carriers when a customer attempts to change their SIM card, or SIM swap. We found that all five carriers use insecure authentication challenges that can easily be subverted by attackers. We found 17 websites on which user accounts can be compromised based on a SIM swap alone.

Hackers Are Breaking Directly Into Telecom Companies to Take Over Customer Phone Numbers

www.vice.com/en_us/article/5dmbjx/how-hackers-are-breaking-into-att-tmobile-sprint-to-sim-swap-yeh SIM swappers have escalated from bribing employees to using remote desktop software to get direct access to internal T-Mobile, AT&T, and Sprint tools.

Citrix ADC Exploits are Public and Heavily Used. Attempts to Install Backdoor

isc.sans.edu/forums/diary/Citrix+ADC+Exploits+are+Public+and+Heavily+Used+Attempts+to+Install+Backdoor/25700/ Late last night, multiple groups released working exploits for the Citrix ADC path traversal flaw. First, “Project Zero India” released a simple exploit essentially consisting of two curl commands [1]. The first one will write a template file that includes a shell command of the user’s choosing. The second curl request will download the result of the command execution. The exploit worked for me, but

You might be interested in …

Daily NCSC-FI news followup 2019-07-12

Buhtrap group uses zeroday in latest espionage campaigns www.welivesecurity.com/2019/07/11/buhtrap-zero-day-espionage-campaigns/ ESET research reveals notorious crime group also conducting espionage campaigns for the past five years Over 17,000 Domains Infected with Code that Steals Card Data www.bleepingcomputer.com/news/security/over-17-000-domains-infected-with-code-that-steals-card-data/ Cybercriminals running Magecart operations have added payment card skimming code to more than 17,000 domains with JavaScript files in misconfigured […]

Read More

Daily NCSC-FI news followup 2020-07-06

U.K. Set to Start Huawei 5G Phase-Out as Soon as This Year www.bloomberg.com/news/articles/2020-07-05/u-k-prepares-to-start-huawei-5g-phase-out-as-soon-as-this-year Prime Minister Boris Johnson is preparing to begin phasing out the use of Huawei Technologies Co. equipment in the U.K.s 5G telecoms network as soon as this year, a person familiar with the matter said. OVER 1,800 F5 BIG-IP ENDPOINTS VULNERABLE TO […]

Read More

Daily NCSC-FI news followup 2020-07-16

Britannia, USA ja Kanada epäilevät Venäjää koronarokotetutkijoiden vakoilusta yle.fi/uutiset/3-11451847 Maiden mukaan hakkeriryhmä APT29 eli Cozy Bear on hyökännyt rokotetutkimuksessa mukana olevia tutkimusryhmiä vastaan, niin akateemisia kuin lääketeollisuudenkin. Katso myös: www.ncsc.gov.uk/news/uk-and-allies-expose-russian-attacks-on-coronavirus-vaccine-development ja www.ncsc.gov.uk/news/advisory-apt29-targets-covid-19-vaccine-development Useita poliitikkojen ja julkisuuden henkilöiden Twitter-tilejä kaapattiin – Bitcoin-valuuttaa onnistuttiin huijaamaan yli 100 000 euron arvosta yle.fi/uutiset/3-11450130 Viestejä lähetettiin muun muassa Yhdysvaltojen entisen […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.