Daily NCSC-FI news followup 2020-05-17

Who Controls Huawei? [PDF]

www.ui.se/globalassets/butiken/ui-paper/2020/ui-paper-no.-5-2020.pdf EU member states should adopt a unitary interpretation of the toolbox. A complete ban on Huawei from the rollout of European 5G might not be necessary, but the EU and its member states should strive for a significant reduction in Huawei's market share.

Putin Is Well on His Way to Stealing the Next Election

www.theatlantic.com/magazine/archive/2020/06/putin-american-democracy/610570/ #democracyrip was both the hashtag and the plan. The Russians were expecting the election of Hillary Clinton and preparing to immediately declare it a fraud. The embassy in Washington had attempted to persuade American officials to allow its functionaries to act as observers in polling places. A Twitter campaign alleging voting irregularities was queued. Russian diplomats were ready to publicly denounce the results as illegitimate. Events in 2016, of course, veered in the other direction. Yet the hashtag is worth pausing over for a moment, because, though it was never put to its intended use, it remains an apt title for a mission that is still unfolding.

The Week in Ransomware – May 15th 2020 – REvil targets Trump

www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-15th-2020-revil-targets-trump/ This week, we saw some interesting news about ransomware features being added and continued attacks against high-profile victims.

Scanning for Outlook Web Access (OWA) & Microsoft Exchange Control Panel (ECP)

isc.sans.edu/forums/diary/Scanning+for+Outlook+Web+Access+OWA+Microsoft+Exchange+Control+Panel+ECP/26132/ These past two weeks my honeypot captured several probes for this URL /owa/auth/logon.aspx?url=https://1/ecp/ looking for the Exchange Control Panel. In the February 2020 Patch Tuesday, Microsoft released a patch for ECP (CVE-2020-0688) for a remote code execution vulnerability affecting Microsoft Exchange server. Zero Day Initiative provided more details for this vulnerability.
