Daily NCSC-FI news followup 2020-01-18

Microsoft Issues Mitigation for Actively Exploited IE Zero-Day

www.bleepingcomputer.com/news/security/microsoft-issues-mitigation-for-actively-exploited-ie-zero-day/ Microsoft published a security advisory containing mitigation measures for an actively exploited zero-day remote code execution (RCE) vulnerability impacting Internet Explorer.. Redmond’s advisory says that the company is aware of “limited targeted attacks” targeting this vulnerability.

Kriittinen nollapäivähaavoittuvuus Internet Explorerissa (CVE-2020-0674)

www.kyberturvallisuuskeskus.fi/fi/kriittinen-nollapaivahaavoittuvuus-internet-explorerissa-cve-2020-0674 Microsoft on julkaissut tiedotteen kriittisestä haavoittuvuudesta, joka koskee Internet Explorer selaimen skriptit suorittavaa komponenttia (scripting engine). Haavoittuvuudelle ei ole päivitystä. Haavoittuvuuden avulla hyökkääjä voi suorittaa haitallista koodia kohdejärjestelmässä käyttäjän oikeuksin. Haavoittuvuutta käytetään maailmalla hyväksi.

Dont Let the Vulnera-Bullies Win. Use our free tool to see if you are patched against Vulnerability CVE-2020-0601

blog.trendmicro.com/dont-let-the-vulnera-bullies-win-patch-against-vulnerability-cve-2020-0601-and-do-it-now/ You can download our Trend Micro Vulnerability Assessment Tool right now to see if you are protected against the latest Microsoft vulnerability.

Business in the front, party in the back: backdoors in elastic servers expose private data

blog.malwarebytes.com/threat-spotlight/2020/01/business-in-the-front-party-in-the-back-backdoors-in-elastic-servers-expose-private-data/ Continuing my series on insecure cloud infrastructure, where I previously covered AWS and PACS, I will be going into some detail on elastic servers. Specifically, I will cover a number of cases in which I discovered a common misconfiguration, leading to open backdoors, which expose many records of personal data.

Hackers may have used critical Shellshock bug to breach Georgia election server

arstechnica.com/information-technology/2020/01/a-georgia-election-server-was-vulnerable-to-shellshock-and-may-have-been-hacked/ Forensic evidence shows signs that a Georgia election server may have been hacked ahead of the 2016 and 2018 elections by someone who exploited Shellshock, a critical flaw that gives attackers full control over vulnerable systems, a computer security expert said in a court filing on Thursday.

Citrix updates on Citrix ADC, Citrix Gateway vulnerability

www.citrix.com/blogs/2020/01/17/citrix-updates-on-citrix-adc-citrix-gateway-vulnerability/ As you know, we announced a vulnerability and comprehensive mitigations on December 17 for certain versions of Citrix Application Delivery Controller (ADC), formerly known as NetScaler ADC, and Citrix Gateway, formerly known as NetScaler Gateway, that, if exploited, could allow an unauthenticated attacker to perform arbitrary code execution.. We wanted to share some updates after further review:

The trouble with Microsofts Troubleshooters

medium.com/@radimre83/the-trouble-with-microsofts-troubleshooters-6e32fc80b8bd Recent versions of Windows are equipped with a Troubleshooting feature that can be found in the Control Panel or the new Settings application. You might find this tool useful if you have some trouble with your computer as it can quickly fix some common issues in a user-friendly way.. This write up demonstrates an implementation flaw that can be used to compromise a computer where a crafted diagnostic package is opened. Microsoft pushed back providing a fix for the current versions of Windows; to avoid trouble, pay special attention to not open .diagcab files. Mail server operators are recommended to include this file type to their blacklists.

You might be interested in …

Daily NCSC-FI news followup 2019-11-08

Sure, we made your Wi-Fi routers phone home with telemetry, says Ubiquiti. What of it? www.theregister.co.uk/2019/11/07/ubiquiti_networks_phone_home/ Ubiquiti Networks is fending off customer complaints after emitting a firmware update that caused its UniFi wireless routers to quietly phone HQ with telemetry.. It all kicked off when the US-based manufacturer confirmed that a software update released this […]

Read More

Daily NCSC-FI news followup 2019-06-22

NASA hacked because of unauthorized Raspberry Pi connected to its networkA: www.zdnet.com/article/nasa-hacked-because-of-unauthorized-raspberry-pi-connected-to-its-network/ A report published this week by the NASA Office of Inspector General reveals that in April 2018 hackers breached the agency’s network and stole approximately 500 MB of data related to Mars missions. The point of entry was a Raspberry Pi device that […]

Read More

Daily NCSC-FI news followup 2020-10-28

Vastaamo-kiristäjä pysyi piilossa vaikka lunnaiden maksuaika umpeutui nyt uhkana uhrien identiteettivarkaudet yle.fi/uutiset/3-11618253 Kiristäjä ei tiettävästi julkaissut uusia henkilötietoja tai potilaskertomuksia tiistaina, kuten uhkasi. Vastaamo-kiristyksen uhrien tietoja levitetään nyt uudella tavalla asiantuntijat: Harkitse tarkkaan, mitä kirjoitat someen www.is.fi/digitoday/art-2000006702529.html Tiedetään, että idiootit pimeässä verkossa ovat jo levittäneet poliisien, kansanedustajien ja muiden julkisuuden henkilöiden potilastietoja, sanoo F-Securen tietoturvajohtaja […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.