Daily NCSC-FI news followup 2020-05-10

Microsoft adds protection against Reply-All email storms in Office 365

www.zdnet.com/article/microsoft-adds-protection-against-reply-all-email-storms-in-office-365/ Microsoft rolled out this week a new feature to Office 365 customers to help their IT staff detect and stop “Reply-All email storms.”. The term refers to situations when employees use the Reply-All option in mass-mailed emails, such as company-wide notifications.

Sodinokibi ransomware can now encrypt open and locked files

www.bleepingcomputer.com/news/security/sodinokibi-ransomware-can-now-encrypt-open-and-locked-files/ The Sodinokibi (REvil) ransomware has added a new feature that allows it to encrypt more of a victim’s files, even those that are opened and locked by another process. Some applications, such as database or mail servers, will lock files that they have open so that other programs cannot modify them. These file locks prevent the data from being corrupted by two processes writing to a file at the same time.

5 common password mistakes you should avoid

www.welivesecurity.com/2020/05/07/5-common-password-mistakes-you-should-avoid/ Typing in a password to access one of the tens or hundreds of services that we use has become such an everyday part of our lives that we rarely give it a second thought. Quite often we try to keep our passwords simple and easy to remember so we can move quickly past logging in and get on with what matters. That is just one of the many mistakes we make when it comes to something that we rely on to secure a part of our digital identity.

Hackers Turned Virginia Government Websites Into Elaborate eBooks Scam Pages

www.vice.com/en_us/article/88947x/hackers-virginia-government-websites-ebooks-scam Hackers hijacked and took over control of two subdomains on the official website of the Virginia state government. For some reason, they then turned the two sites into some sort of eBook scam. The two subdomains, vwn.virginia.gov and crc.virginia.gov had the same content, a list of eBook titles and genres, which redirect to a messy page filled with links to download PDFs.

ChatBooks discloses data breach after data sold on dark web

www.bleepingcomputer.com/news/security/chatbooks-discloses-data-breach-after-data-sold-on-dark-web/ ChatBooks photo print service has informed its customers that user information was stolen from their systems following a cyber attack. Data consisting of 15 million user records is now being offered for sale on the dark web. This breach is part of a spree of leaks from a group of hackers that is now selling over 73 million user records from 11 companies.

Nmap Basics – The Security Practitioner’s Swiss Army Knife

isc.sans.edu/forums/diary/Nmap+Basics+The+Security+Practitioners+Swiss+Army+Knife/26104/ To elaborate on Xavier’s and Bojan’s excellent nmap diaries over the last few days, I thought that today might be a good day to go back to basics on nmap and demonstrate why nmap really is a security practitioners swiss army knife and should be in each of our testing toolkits.

You might be interested in …

Daily NCSC-FI news followup 2021-06-23

Suomalaiset menettäneet 13, 5 miljoonaa huijareille lue poliisin ohjeet www.is.fi/digitoday/tietoturva/art-2000008078041.html Verkkohuijarit ovat vieneet suomalaisilta tänä vuonna 13, 5 miljoonaa euroa, joista lähes 5 miljoonaa pankkihuijauksin. Huawei sai kylmää vettä niskaan Ruotsissa – Ericsson pelkää kostoa www.tivi.fi/uutiset/tv/a3301f54-967e-482f-addf-6f3698eda710 Ruotsin turvallisuuspoliisin esittämät uhkakuvat vakuuttivat hallinto-oikeuden Huawein muodostamasta riskistä. MITRE releases D3FEND, defensive measures complimentary to its ATT&CK framework […]

Read More

Daily NCSC-FI news followup 2020-06-16

T-Mobile confirms nationwide outage impacting millions of customers abc13.com/tmobile-outage-is-out-t-mobile-down/6248980/ T-Mobile customers are dealing with a nationwide outage of its voice and data network. The phone carrier’s president of technology, Neville Ray, confirmed the outage Monday afternoon. “Our engineers are working to resolve a voice and data issue that has been affecting customers around the country. […]

Read More

Daily NCSC-FI news followup 2019-07-07

Libra Cryptocurrency Scams Already Active Ahead Of 2020 Launch www.bleepingcomputer.com/news/security/libra-cryptocurrency-scams-already-active-ahead-of-2020-launch/ No sooner had Facebook announced Libra cryptocurrency and the matching digital Calibra wallet that cybercriminals tried to get a head start on a new phishing theme. Europe Built a System to Fight Russian Meddling. Its Struggling. www.nytimes.com/2019/07/06/world/europe/europe-russian-disinformation-propaganda-elections.html TWITTER’S DISINFORMATION DATA DUMPS ARE HELPFULTO A POINT […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.