Daily NCSC-FI news followup 2020-03-07

New AMD Side Channel Attacks Discovered, Impacts Zen Architecture

www.tomshardware.com/news/new-amd-side-channel-attacks-discovered-impacts-zen-architecture A new paper released by the Graz University of Technology details two new “Take A Way” attacks, Collide+Probe and Load+Reload, that can leak secret data from AMD processors by manipulating the L1D cache predictor. The researchers claim that the vulnerability impacts all AMD processors from 2011 to 2019, meaning that the Zen microarchitecture is also impacted.

This Unpatchable Flaw Affects All Intel CPUs Released in Last 5 Years

thehackernews.com/2020/03/intel-csme-vulnerability.html All Intel processors released in the past 5 years contain an unpatchable vulnerability that could allow hackers to compromise almost every hardware-enabled security technology that are otherwise designed to shield sensitive data of users even when a system gets compromised.. The vulnerability, tracked as CVE-2019-0090, resides in the hard-coded firmware running on the ROM (“read-only memory”) of the Intel’s Converged Security and Management Engine (CSME), which can’t be patched without replacing the silicon.

Zoho Releases Security Update on ManageEngine Desktop Central

www.us-cert.gov/ncas/current-activity/2020/03/06/zoho-releases-security-update-manageengine-desktop-central Zoho has released a security update on a vulnerability (CVE-2020-10189) affecting ManageEngine Desktop Central build 10.0.473 and below. A remote attacker could exploit this vulnerability to take control of an affected system. see also

www.manageengine.com/products/desktop-central/remote-code-execution-vulnerability.html

FBI Warns of BEC Attacks Abusing Microsoft Office 365, Google G Suite

www.bleepingcomputer.com/news/security/fbi-warns-of-bec-attacks-abusing-microsoft-office-365-google-g-suite/ The US Federal Bureau of Investigation (FBI) warned private industry partners of threat actors abusing Microsoft Office 365 and Google G Suite as part of Business Email Compromise (BEC) attacks.. “Between January 2014 and October 2019, the Internet Crime Complaint Center (IC3) received complaints totaling over $2.1 billion in actual losses from BEC scams targeting Microsoft Office 365 and Google G Suite.”

FYI: When Virgin Media said it leaked ‘limited contact info’, it meant p0rno filter requests, IP addresses, IMEIs as well as names, addresses and more

www.theregister.co.uk/2020/03/06/virgin_more_leak_details/

Chain Reactor: Simulate Adversary Behaviors on Linux

isc.sans.edu/forums/diary/Chain+Reactor+Simulate+Adversary+Behaviors+on+Linux/25872/

As the U.S. spied on the world, the CIA and NSA bickered

www.washingtonpost.com/national-security/as-the-us-spied-on-the-world-the-cia-and-nsa-bickered/2020/03/06/630a4e72-5365-11ea-b119-4faabac6674f_story.html U.S. spy agencies were on the verge of an espionage breakthrough, closing in on the clandestine purchase of a Swiss company that could give American intelligence the ability to crack much of the worlds encrypted communications.

You might be interested in …

Daily NCSC-FI news followup 2020-01-08

No, the US Army isnt drafting you for WWIII by text message www.theverge.com/2020/1/7/21055797/us-army-draft-ww3-scam-text-message-fake On Tuesday, the Army put out a news bulletin alerting the public of fraudulent text messages from people claiming to be recruiters. Some texts tell the person receiving them to head to their local recruiting office for immediate departure to Iran. Others […]

Read More

Daily NCSC-FI news followup 2020-03-08

Data-Stealing FormBook Malware Preys on Coronavirus Fears www.bleepingcomputer.com/news/security/data-stealing-formbook-malware-preys-on-coronavirus-fears/ Another email campaign pretending to be Coronavirus (COVID-19) information from the World Health Organization (WHO) is distributing a malware downloader that installs the FormBook information-stealing Trojan. Hackers can clone millions of Toyota, Hyundai, and Kia keys arstechnica.com/cars/2020/03/hackers-can-clone-millions-of-toyota-hyundai-and-kia-keys/ Encryption flaws in common anti-theft feature expose vehicles from major […]

Read More

Daily NCSC-FI news followup 2020-06-10

Ransomware attacks spike by 140%, 57% of organizations agree to pay atlasvpn.com/blog/ransomware-attacks-spike-by-140-57-of-organizations-agree-to-pay Data extracted and analyzed by Atlas VPN reveals, the amounts of demanded ransom payments increased by 140%, comparing the numbers of 2018 to 2019. More and more organizations succumb to blackmail: 57% of organizations settled and paid the ransom during the last 12 […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.