Daily NCSC-FI news followup 2020-05-10

Microsoft adds protection against Reply-All email storms in Office 365

www.zdnet.com/article/microsoft-adds-protection-against-reply-all-email-storms-in-office-365/ Microsoft rolled out this week a new feature to Office 365 customers to help their IT staff detect and stop “Reply-All email storms.” The term refers to situations when employees use the Reply-All option in mass-mailed emails, such as company-wide notifications.

Sodinokibi ransomware can now encrypt open and locked files

www.bleepingcomputer.com/news/security/sodinokibi-ransomware-can-now-encrypt-open-and-locked-files/ The Sodinokibi (REvil) ransomware has added a new feature that allows it to encrypt more of a victim’s files, even those that are opened and locked by another process. Some applications, such as database or mail servers, will lock files that they have open so that other programs cannot modify them. These file locks prevent the data from being corrupted by two processes writing to a file at the same time.

5 common password mistakes you should avoid

www.welivesecurity.com/2020/05/07/5-common-password-mistakes-you-should-avoid/ Typing in a password to access one of the tens or hundreds of services that we use has become such an everyday part of our lives that we rarely give it a second thought. Quite often we try to keep our passwords simple and easy to remember so we can move quickly past logging in and get on with what matters. That is just one of the many mistakes we make when it comes to something that we rely on to secure a part of our digital identity.

Hackers Turned Virginia Government Websites Into Elaborate eBooks Scam Pages

www.vice.com/en_us/article/88947x/hackers-virginia-government-websites-ebooks-scam Hackers hijacked and took over control of two subdomains on the official website of the Virginia state government. For some reason, they then turned the two sites into some sort of eBook scam. The two subdomains, vwn.virginia.gov and crc.virginia.gov had the same content, a list of eBook titles and genres, which redirect to a messy page filled with links to download PDFs.

ChatBooks discloses data breach after data sold on dark web

www.bleepingcomputer.com/news/security/chatbooks-discloses-data-breach-after-data-sold-on-dark-web/ ChatBooks photo print service has informed its customers that user information was stolen from their systems following a cyber attack. Data consisting of 15 million user records is now being offered for sale on the dark web. This breach is part of a spree of leaks from a group of hackers that is now selling over 73 million user records from 11 companies.

Nmap Basics – The Security Practitioner’s Swiss Army Knife

isc.sans.edu/forums/diary/Nmap+Basics+The+Security+Practitioners+Swiss+Army+Knife/26104/ To elaborate on Xavier’s and Bojan’s excellent nmap diaries over the last few days, I thought that today might be a good day to go back to basics on nmap and demonstrate why nmap really is a security practitioner’s Swiss Army knife and should be in each of our testing toolkits.
