Daily NCSC-FI news followup 2020-03-28

Two zero days are Targeting DrayTek Broadband CPE Devices

blog.netlab.360.com/two-zero-days-are-targeting-draytek-broadband-cpe-devices-en/ rom December 4, 2019, 360Netlab Threat Detection System has observed two different attack groups using two 0-day vulnerabilities of DrayTek[1] Vigor enterprise routers and switch devices to conduct a series of attacks, including eavesdropping on devices network traffic, running SSH services on high ports, creating system backdoor accounts, and even creating a specific Malicious Web Session

Bosses Panic-Buy Spy Software to Keep Tabs on Remote Workers

www.bloomberg.com/news/features/2020-03-27/bosses-panic-buy-spy-software-to-keep-tabs-on-remote-workers We have seen individuals taking unfair advantage of flexible work arrangements by essentially taking vacations, Gregory Garrabrants, the online banks chief executive officer, wrote in the March 16 message reviewed by Bloomberg News. If daily tasks arent completed, workers will be subject to disciplinary action, up to and including termination.

Quantum entanglement breakthrough could boost encryption, secure communications

www.zdnet.com/article/quantum-entanglement-breakthrough-could-boost-encryption-secure-communications/ A team of researchers has published details of a new way to reliably create particles that are well-suited to use in quantum communications, which could lead to the unhackable communication protocols that have long been pitched as one of the most useful applications of the technology.

Yeah, that Zoom app you’re trusting with work chatter? It lives with ‘vampires feeding on the blood of human data’

www.theregister.co.uk/2020/03/27/doc_searls_zoom_privacy/ Doc Searls, co-author of the influential internet marketing book The Cluetrain Manifesto last century, today warned [cached] Zoom not only has the right to extract data from its users and their meetings, it can work with Google and other ad networks to turn this personal information into targeted ads that follow them across the web.. And he concluded: “Zoom is in the advertising business, and in the worst end of it: the one that lives off harvested personal data.

China and Huawei propose reinvention of the internet

www.ft.com/content/c78be2cf-a1a1-40b1-8ab7-904d7095e0f2 China has suggested a radical change to the way the internet works to the UN, in a proposal that claims to enable cutting-edge technologies such as holograms and self-driving cars but which critics say will also bake authoritarianism into the architecture underpinning the web.

You might be interested in …

Daily NCSC-FI news followup 2020-10-10

US Cyber Command has sought to disrupt the world’s largest botnet, hoping to reduce its potential impact on the election www.washingtonpost.com/national-security/cyber-command-trickbot-disrupt/2020/10/09/19587aae-0a32-11eb-a166-dc429b380d10_story.html In recent weeks, the U.S. military has mounted an operation to temporarily disrupt what is described as the world’s largest botnet one used also to drop ransomware, which officials say is one of the […]

Read More

Daily NCSC-FI news followup 2019-07-26

Stock Trading Service Robinhood Admits To Storing Some Passwords in Cleartext www.zdnet.com/article/robinhood-admits-to-storing-some-passwords-in-cleartext/ “On Monday night, we discovered that some user credentials were stored in a readable format within our internal system,” the company said.. “We resolved the issue, and after thorough review, found no evidence that this information was accessed by anyone outside our response […]

Read More

Daily NCSC-FI news followup 2020-03-13

Alert (AA20-073A) – Enterprise VPN Security www.us-cert.gov/ncas/alerts/aa20-073a As organizations prepare for possible impacts of Coronavirus Disease 2019 (COVID-19), many may consider alternate workplace options for their employees. Remote work optionsor teleworkrequire an enterprise virtual private network (VPN) solution to connect employees to an organization’s information technology (IT) network. As organizations elect to implement telework, the […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.