Daily NCSC-FI news followup 2020-03-28

Two zero days are Targeting DrayTek Broadband CPE Devices

blog.netlab.360.com/two-zero-days-are-targeting-draytek-broadband-cpe-devices-en/ rom December 4, 2019, 360Netlab Threat Detection System has observed two different attack groups using two 0-day vulnerabilities of DrayTek[1] Vigor enterprise routers and switch devices to conduct a series of attacks, including eavesdropping on devices network traffic, running SSH services on high ports, creating system backdoor accounts, and even creating a specific Malicious Web Session

Bosses Panic-Buy Spy Software to Keep Tabs on Remote Workers

www.bloomberg.com/news/features/2020-03-27/bosses-panic-buy-spy-software-to-keep-tabs-on-remote-workers We have seen individuals taking unfair advantage of flexible work arrangements by essentially taking vacations, Gregory Garrabrants, the online banks chief executive officer, wrote in the March 16 message reviewed by Bloomberg News. If daily tasks arent completed, workers will be subject to disciplinary action, up to and including termination.

Quantum entanglement breakthrough could boost encryption, secure communications

www.zdnet.com/article/quantum-entanglement-breakthrough-could-boost-encryption-secure-communications/ A team of researchers has published details of a new way to reliably create particles that are well-suited to use in quantum communications, which could lead to the unhackable communication protocols that have long been pitched as one of the most useful applications of the technology.

Yeah, that Zoom app you’re trusting with work chatter? It lives with ‘vampires feeding on the blood of human data’

www.theregister.co.uk/2020/03/27/doc_searls_zoom_privacy/ Doc Searls, co-author of the influential internet marketing book The Cluetrain Manifesto last century, today warned [cached] Zoom not only has the right to extract data from its users and their meetings, it can work with Google and other ad networks to turn this personal information into targeted ads that follow them across the web.. And he concluded: “Zoom is in the advertising business, and in the worst end of it: the one that lives off harvested personal data.

China and Huawei propose reinvention of the internet

www.ft.com/content/c78be2cf-a1a1-40b1-8ab7-904d7095e0f2 China has suggested a radical change to the way the internet works to the UN, in a proposal that claims to enable cutting-edge technologies such as holograms and self-driving cars but which critics say will also bake authoritarianism into the architecture underpinning the web.

You might be interested in …

Daily NCSC-FI news followup 2020-11-27

Digitally Signed Bandook Malware Once Again Targets Multiple Sectors thehackernews.com/2020/11/digitally-signed-bandook-malware-once.html A cyberespionage group with suspected ties to the Kazakh and Lebanese governments has unleashed a new wave of attacks against a multitude of industries with a retooled version of a 13-year-old backdoor Trojan. Check Point Research called out hackers affiliated with a group named Dark […]

Read More

Daily NCSC-FI news followup 2019-06-11

Wi-Fi in the office convenient but risky www.kaspersky.com/blog/vulnerable-wi-fi/27250/ Almost every office has a Wi-Fi network today, and sometimes more than one. Who wants to connect laptops with a cable? And forget about smartphones and tablets! However, a wireless network can be a weak point in your IT infrastructure. Not all companies use complex and unique […]

Read More

Daily NCSC-FI news followup 2020-01-10

Why is a 22GB database containing 56 million US folks’ personal details sitting on the open internet using a Chinese IP address? Seriously, why? www.theregister.co.uk/2020/01/09/checkpeoplecom_data_exposed/ The information silo appears to belong to Florida-based CheckPeople.com, which is a typical people-finder website: for a fee, you can enter someone’s name, and it will look up their current […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.