Daily NCSC-FI news followup 2020-06-04

Cisco’s warning: Critical flaw in IOS routers allows ‘complete system compromise’

www.zdnet.com/article/ciscos-warning-critical-flaw-in-ios-routers-allows-complete-system-compromise/ Most severe vulns are remote code execution by unauthenticated attackers.

French CERT (ANSSI) releases Active Directory Security Assessment Checklist

www.cert.ssi.gouv.fr/uploads/guide-ad.html

U.S. Nuclear Contractor Hit with Maze Ransomware, Data Leaked

threatpost.com/nuclear-contractor-maze-ransomware-data-leaked/156289/ A U.S. military contractor involved in the maintenance of the country’s Minuteman III nuclear arsenal has been hit by the Maze ransomware, according to reports – with the hackers making off with reams of sensitive information.

Zoom says free users won’t get end-to-end encryption so FBI and police can access calls

www.theverge.com/2020/6/3/21279355/zoom-end-encryption-calls-fbi-police-free-users

Anti-racism sites hit by wave of cyber-attacks

www.bbc.com/news/technology-52912881 Cloudflare, which blocks attacks designed to knock websites offline, says advocacy groups in general saw attacks increase 1, 120-fold. That equates to an extra 110, 000 blocked requests every second, it said. The problem was particularly acute for certain types of organisations. One single website belonging to an unnamed advocacy group dealt with 20, 000 requests a second.

Email from HaveIBeenPwned wipes helpdesk tickets

www.itnews.com.au/news/email-from-haveibeenpwned-wipes-helpdesk-tickets-548916 A software development house got more than it bargained for after an alert email from the HaveIBeenPwned (HIBP) data breach monitoring site wiped all its helpdesk support tickets.

Daily NCSC-FI news followup 2020-08-17

Hackers Stole 1 Terabyte Of Data From Billion-Dollar U.S. Liquor Maker www.forbes.com/sites/leemathews/2020/08/17/brown-forman-hacked-1tb-data-stolen/ The REvil ransomware gang has struck again. This time the victim is Brown-Forman, the 150-year-old Kentucky-based company behind such brands as Jack Daniels, Finlandia vodka and Korbel champagne.. see also www.bleepingcomputer.com/news/security/us-spirits-and-wine-giant-hit-by-cyberattack-1tb-of-data-stolen/ Tea at the Ritz soured by credit card scammers www.bbc.co.uk/news/technology-53793922 Diners at […]

Daily NCSC-FI news followup 2021-02-22

Jian The Chinese Double-edged Cyber Sword blog.checkpoint.com/2021/02/22/jian-the-chinese-double-edged-cyber-sword/ In the last few months, Check Point Research (CPR) focused on recent Windows Local Privilege Escalation (LPE) exploits attributed to Chinese actors. An LPE is used by attackers to acquire Administrator rights on a Windows machine. During this investigation, our malware and vulnerability researchers managed to unravel the […]

Daily NCSC-FI news followup 2020-04-06

DarkHotel hackers use VPN zero-day to breach Chinese government agencies www.zdnet.com/article/darkhotel-hackers-use-vpn-zero-day-to-compromise-chinese-government-agencies/ Chinese security-firm Qihoo 360, which detected the intrusions, said the hackers used a zero-day vulnerability in Sangfor SSL VPN servers, used to provide remote access to enterprise and government networks. Attacks Simultaneously Exploiting Vulnerability in IE (CVE-2020-0674) and Firefox (CVE-2019-17026) blogs.jpcert.or.jp/en/2020/04/ie-firefox-0day.html On 8 January […]