Daily NCSC-FI news followup 2020-05-30

List of well-known web sites that port scan their visitors

www.bleepingcomputer.com/news/security/list-of-well-known-web-sites-that-port-scan-their-visitors/ Last weekend, news heavily circulated that eBay.com was port scanning visitors’ computers when they browsed their site. To see what other sites may be using this script, BleepingComputer reached out to DomainTools, a cybersecurity company specializing in web domain and DNS threat intelligence. Of the sites we tested, we saw Citibank, TD Bank, Ameriprise, Chick-fil-A, Lendup, BeachBody, Equifax IQ connect, TIAA-CREF, Sky, GumTree, and WePay port scanning our computers.

Critical ‘Sign in with Apple’ Bug Could Have Let Attackers Hijack Anyone’s Account

thehackernews.com/2020/05/sign-in-with-apple-hacking.html Bhavuk responsibly reported the issue to the Apple security team last month, and the company has now patched the vulnerability. Besides paying bug bounty to the researcher, in response, the company also confirmed that it did an investigation of their server logs and found the flaw was not exploited to compromise any account.

New Noise-Resilient Attack On Intel and AMD CPUs Makes Flush-based Attacks Effective

thehackernews.com/2020/05/noise-resilient-flush-attack.html Modern Intel and AMD processors are susceptible to a new form of side-channel attack. The new variant aims to improve the accuracy of these attacks even in a noisy multi-core system. It also works seamlessly against non-Linux Operating Systems, like macOS.

Amtrak resets user passwords after Guest Rewards data breach

www.bleepingcomputer.com/news/security/amtrak-resets-user-passwords-after-guest-rewards-data-breach/ Amtrak, a high-speed intercity passenger rail provider and an independent US government agency, operates a nationwide rail network in 46 states, the District of Columbia, and three Canadian provinces, with 30 million customers during the last nine years.

The Week in Ransomware – May 29th 2020 – Quiet before the storm?

www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-29th-2020-quiet-before-the-storm/ The biggest news is the Netwalker attack on Michigan State University and a [F]Unicorn spam campaign targeting Italy.

TrickBot Updates Propagation Module

unit42.paloaltonetworks.com/goodbye-mworm-hello-nworm-trickbot-updates-propagation-module/ s early as April 2020, TrickBot updated one of its propagation modules known as “mworm” to a new module called “nworm.” Infections caused through nworm leave no artifacts on an infected DC, and they disappear after a reboot or shutdown.

Valak malware targets Microsoft Exchange servers to steal enterprise data

www.zdnet.com/article/valak-targets-microsoft-exchange-servers-to-steal-enterprise-data-in-active-campaigns/ The malware has been spotted in active campaigns mainly focused entities in the US and Germany, having previously been bundled together with Ursnif and IcedID banking Trojan payloads

You might be interested in …

Daily NCSC-FI news followup 2020-12-12

Adobe releases final Flash Player update, warns of 2021 kill switch www.bleepingcomputer.com/news/software/adobe-releases-final-flash-player-update-warns-of-2021-kill-switch/ After 24 years of fun games and abuse by threat actors, Adobe has released their final Flash Player update and thanked everyone for the fantastic content that they have released over the years. Starting in January 2021, all browser developers will remove Adobe […]

Read More

Daily NCSC-FI news followup 2019-09-15

Attack Landscape H1 2019: IoT, SMB traffic abound blog.f-secure.com/attack-landscape-h1-2019-iot-smb-traffic-abound/ To no ones surprise, internet of things (IoT) device insecurity has emerged as a top concern and top driver of internet attack traffic in the first half of 2019. According to our new report, Attack Landscape H1 2019, which details traffic measured by F-Secures global network […]

Read More

Daily NCSC-FI news followup 2021-01-16

BugTraq Shutdown www.securityfocus.com/archive/1/542247 At this time, resources for the BugTraq mailing list have not been prioritized, and this will be the last message to the list. The archive will be shut down January 31st, 2021. Also: www.zdnet.com/article/iconic-bugtraq-security-mailing-list-shuts-down-after-27-years/ Massive stolen credit card shop Joker’s Stash shuts down www.bleepingcomputer.com/news/security/massive-stolen-credit-card-shop-jokers-stash-shuts-down/ The administrator of Joker’s Stash, one of the […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.