Daily NCSC-FI news followup 2020-03-07

New AMD Side Channel Attacks Discovered, Impacts Zen Architecture

www.tomshardware.com/news/new-amd-side-channel-attacks-discovered-impacts-zen-architecture A new paper released by the Graz University of Technology details two new “Take A Way” attacks, Collide+Probe and Load+Reload, that can leak secret data from AMD processors by manipulating the L1D cache predictor. The researchers claim that the vulnerability impacts all AMD processors from 2011 to 2019, meaning that the Zen microarchitecture is also impacted.

This Unpatchable Flaw Affects All Intel CPUs Released in Last 5 Years

thehackernews.com/2020/03/intel-csme-vulnerability.html All Intel processors released in the past 5 years contain an unpatchable vulnerability that could allow hackers to compromise almost every hardware-enabled security technology that are otherwise designed to shield sensitive data of users even when a system gets compromised.. The vulnerability, tracked as CVE-2019-0090, resides in the hard-coded firmware running on the ROM (“read-only memory”) of the Intel’s Converged Security and Management Engine (CSME), which can’t be patched without replacing the silicon.

Zoho Releases Security Update on ManageEngine Desktop Central

www.us-cert.gov/ncas/current-activity/2020/03/06/zoho-releases-security-update-manageengine-desktop-central Zoho has released a security update on a vulnerability (CVE-2020-10189) affecting ManageEngine Desktop Central build 10.0.473 and below. A remote attacker could exploit this vulnerability to take control of an affected system. see also

www.manageengine.com/products/desktop-central/remote-code-execution-vulnerability.html

FBI Warns of BEC Attacks Abusing Microsoft Office 365, Google G Suite

www.bleepingcomputer.com/news/security/fbi-warns-of-bec-attacks-abusing-microsoft-office-365-google-g-suite/ The US Federal Bureau of Investigation (FBI) warned private industry partners of threat actors abusing Microsoft Office 365 and Google G Suite as part of Business Email Compromise (BEC) attacks.. “Between January 2014 and October 2019, the Internet Crime Complaint Center (IC3) received complaints totaling over $2.1 billion in actual losses from BEC scams targeting Microsoft Office 365 and Google G Suite.”

FYI: When Virgin Media said it leaked ‘limited contact info’, it meant p0rno filter requests, IP addresses, IMEIs as well as names, addresses and more

www.theregister.co.uk/2020/03/06/virgin_more_leak_details/

Chain Reactor: Simulate Adversary Behaviors on Linux

isc.sans.edu/forums/diary/Chain+Reactor+Simulate+Adversary+Behaviors+on+Linux/25872/

As the U.S. spied on the world, the CIA and NSA bickered

www.washingtonpost.com/national-security/as-the-us-spied-on-the-world-the-cia-and-nsa-bickered/2020/03/06/630a4e72-5365-11ea-b119-4faabac6674f_story.html U.S. spy agencies were on the verge of an espionage breakthrough, closing in on the clandestine purchase of a Swiss company that could give American intelligence the ability to crack much of the worlds encrypted communications.

You might be interested in …

Daily NCSC-FI news followup 2020-01-07

Potential for Iranian Cyber Response to U.S. Military Strike in Baghdad www.us-cert.gov/ncas/alerts/aa20-006a The Cybersecurity and Infrastructure Security Agency (CISA) is sharing the following information with the cybersecurity community as a primer for assisting in the protection of our Nations critical infrastructure in light of the current tensions between the Islamic Republic of Iran and the […]

Read More

Daily NCSC-FI news followup 2020-07-16

Britannia, USA ja Kanada epäilevät Venäjää koronarokotetutkijoiden vakoilusta yle.fi/uutiset/3-11451847 Maiden mukaan hakkeriryhmä APT29 eli Cozy Bear on hyökännyt rokotetutkimuksessa mukana olevia tutkimusryhmiä vastaan, niin akateemisia kuin lääketeollisuudenkin. Katso myös: www.ncsc.gov.uk/news/uk-and-allies-expose-russian-attacks-on-coronavirus-vaccine-development ja www.ncsc.gov.uk/news/advisory-apt29-targets-covid-19-vaccine-development Useita poliitikkojen ja julkisuuden henkilöiden Twitter-tilejä kaapattiin – Bitcoin-valuuttaa onnistuttiin huijaamaan yli 100 000 euron arvosta yle.fi/uutiset/3-11450130 Viestejä lähetettiin muun muassa Yhdysvaltojen entisen […]

Read More

Daily NCSC-FI news followup 2021-05-04

Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws labs.sentinelone.com/cve-2021-21551-hundreds-of-millions-of-dell-computers-at-risk-due-to-multiple-bios-driver-privilege-escalation-flaws/ SentinelLabs has discovered five high severity flaws in Dell’s firmware update driver impacting Dell desktops, laptops, notebooks and tablets since 2009. Attackers may exploit these vulnerabilities to locally escalate to kernel-mode privileges. Dell has released a security update […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.