Daily NCSC-FI news followup 2020-01-14

Russians Hacked Ukrainian Gas Company at Center of Impeachment

www.nytimes.com/2020/01/13/us/politics/russian-hackers-burisma-ukraine.html It is not yet clear what the hackers found, or precisely what they were searching for. But the experts say the timing and scale of the attacks suggest that the Russians could be searching for potentially embarrassing material on the Bidens the same kind of information that Mr. Trump wanted from Ukraine when he pressed for an investigation of the Bidens and Burisma, setting off a chain of events

Who is Mr Ding?

intrusiontruth.wordpress.com/2020/01/14/who-is-mr-ding/ We have identified that Professor Gu Jian is connected to the front company Hainan Xiandun and supported some of their activities from his position at Hainan University. But his was more of a supporting role. Who was in charge?

New CrowdStrike Report Finds an Increase in Cyber Adversaries Turning to Business Disruption as Main Attack Objective

www.crowdstrike.com/press-releases/report-finds-business-disruption-is-main-objective-of-adversaries/ CrowdStrike® Inc. (Nasdaq: CRWD), a leader in cloud-delivered endpoint protection, today announced the release of the CrowdStrike Services Cyber Front Lines Report which provides valuable takeaways from the front lines of incident response (IR) cases spanning 2019 and shares insights that matter for 2020 and beyond. The report identifies new attack methods and challenges, while offering

3 Lessons From the Incident Response Tabletops

securityintelligence.com/posts/3-lessons-from-the-incident-response-tabletops/ Here are a few lessons Ive learned about incident response from having run tabletop exercises within IBM and alongside our clients.

9 Reasons Why Cybersecurity Stress Is an Industry Epidemic

securityintelligence.com/articles/9-reasons-why-cybersecurity-stress-is-an-industry-epidemic/ Cybersecurity stress is an industrywide epidemic among security professionals. Burnout is a hard conversation, but its necessary for CISOs to face workplace stress before it compromises productivity, talent retention or individual well-being.

5G Security

www.schneier.com/blog/archives/2020/01/china_isnt_the_.html The security risks inherent in Chinese-made 5G networking equipment are easy to understand. Because the companies that make the equipment are subservient to the Chinese government, they could be forced to include backdoors in the hardware or software to give Beijing remote access. Eavesdropping is also a risk, although efforts to listen in would almost certainly be detectable. More insidious is the

Microsoft Patch Tuesday for January 2020

isc.sans.edu/forums/diary/Microsoft+Patch+Tuesday+for+January+2020/25710/ But CVE-2020-0601 isn’t the only vulnerability you should be worried about this month. CVE-2020-0609 and CVE-2020-0610 are fixing remote code execution vulnerabilities in the Windows Remote Desktop Gateway (RD Gateway). Remember BlueKeep? The RD Gateway is used to authenticate users and allow access to internal RDP services. As a result, RD Gateway is often exposed and used to protect the actual RDP . servers from exploitation.

You might be interested in …

Daily NCSC-FI news followup 2020-07-11

Trump confirms US conducted cyberattack against Russia in 2018 edition.cnn.com/2020/07/10/politics/donald-trump-us-russia-cyberattack/index.html President Donald Trump, for the first time, confirmed the US conducted a covert cyberattack in 2018 against Russia’s Internet Research Agency. Russian hacker found guilty for Dropbox, LinkedIn, and Formspring breaches www.zdnet.com/article/russian-hacker-found-guilty-for-dropbox-linkedin-and-formspring-breaches/ A California jury found Russian hacker Yevgeniy Nikulin guilty for breaching the internal […]

Read More

Daily NCSC-FI news followup 2020-08-29

Emotet malware’s new ‘Red Dawn’ attachment is just as dangerous www.bleepingcomputer.com/news/security/emotet-malwares-new-red-dawn-attachment-is-just-as-dangerous/ The Emotet botnet has begun to use a new template for their malicious attachments, and it is just as dangerous as ever. After a five-month “vacation, ” the Emotet malware returned in July 2020 and began to spew massive amounts of malicious spam worldwide. […]

Read More

Daily NCSC-FI news followup 2019-12-08

Clever Microsoft Phishing Scam Creates a Local Login Form www.bleepingcomputer.com/news/security/clever-microsoft-phishing-scam-creates-a-local-login-form/ A clever phishing campaign has been spotted that bundles the scam’s landing page in the HTML attachment rather than redirecting users to another site that asks them to log in. A typical credential-stealing phishing scam consists of an email where the attacker tries to convince […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.