Daily NCSC-FI news followup 2020-03-30

Revealed: Saudis suspected of phone spying campaign in US

www.theguardian.com/world/2020/mar/29/revealed-saudis-suspected-of-phone-spying-campaign-in-us Saudi Arabia appears to be exploiting weaknesses in the global mobile telecoms network to track its citizens as they travel around the US, according to a whistleblower who has shown the Guardian millions of alleged secret tracking requests.

Emotet: Dangerous Malware Keeps on Evolving

medium.com/threat-intel/emotet-dangerous-malware-keeps-on-evolving-ac84aadbb8de Emotet is one of the most dangerous malware threats active today. Emotet (Trojan.Emotet) began life as a banking Trojan but evolved several years ago to act as a malware loader for other threats Emotet infects a machine and then downloads another threat e.g. the TrickBot information stealer, onto the infected system. Emotet is now one of the biggest threat distributors out there, renting its

Work from home: Videoconferencing with security in mind

www.welivesecurity.com/2020/03/30/work-from-home-videoconferencing-security-in-mind/? At the time of writing one-third of the worlds population is enduring restricted movement to stem the spread of COVID-19. The lockdown has driven huge swaths of the working population to become remote workers, many for the first time. The sudden surge in employees, students, teachers, and many other professionals working from home is driving a huge increase in demand for videoconferencing, online

COVID-19 Impact: Cyber Criminals Target Zoom Domains

blog.checkpoint.com/2020/03/30/covid-19-impact-cyber-criminals-target-zoom-domains/ While the world is struggling with the Coronavirus outbreak, many countries have implemented precautionary measures. Schools are being closed, communities are asked to shelter-in-place, and many organizations have enabled their employees to work remotely. As a result, video communication platforms are the daily norm. As the interest and usage of these platforms increases, cyber criminals stay a step . ahead. For instance, Check Point Research recently discovered a technique which could have allowed a threat actor to identify and join active Zoom meetings.

You might be interested in …

Daily NCSC-FI news followup 2020-01-20

Citrix Patches CVE-2019-19781 Flaw in Citrix ADC 11.1 and 12.0 www.bleepingcomputer.com/news/security/citrix-patches-cve-2019-19781-flaw-in-citrix-adc-111-and-120/ Citrix released permanent fixes for the actively exploited CVE-2019-19781 vulnerability impacting Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix SD-WAN WANOP appliances and allowing unauthenticated attackers to perform arbitrary code execution.. Besides releasing these permanent fixes for the CVE-2019-19781 flaw, Citrix also says […]

Read More

Daily NCSC-FI news followup 2020-04-07

80% of all exposed Exchange servers still unpatched for critical flaw www.bleepingcomputer.com/news/security/80-percent-of-all-exposed-exchange-servers-still-unpatched-for-critical-flaw/ Starting March 24, Rapid7 used its Project Sonar internet-wide survey tool to discover all publicly-facing Exchange servers on the Internet and the numbers are grim.. As they found, “at least 357,629 (82.5%) of the 433,464 Exchange servers” are still vulnerable to attacks that […]

Read More

Daily NCSC-FI news followup 2020-08-06

Australia’s 2020 Cyber Security Strategy www.pm.gov.au/media/australias-2020-cyber-security-strategy The Morrison Governments 2020 Cyber Security Strategy outlines how we will keep Australian families and businesses secure online, protect and strengthen the security and resilience of Australias critical infrastructure and ensure law enforcement agencies have the powers and technical capabilities to detect, target, investigate and disrupt cybercrime, including on […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.