Daily NCSC-FI news followup 2020-06-04

Cisco’s warning: Critical flaw in IOS routers allows ‘complete system compromise’

www.zdnet.com/article/ciscos-warning-critical-flaw-in-ios-routers-allows-complete-system-compromise/ Most severe vulns are remote code execution by unauthenticated attackers.

French CERT (ANSSI) releases Active Directory Security Assessment Checklist

www.cert.ssi.gouv.fr/uploads/guide-ad.html

U.S. Nuclear Contractor Hit with Maze Ransomware, Data Leaked

threatpost.com/nuclear-contractor-maze-ransomware-data-leaked/156289/ A U.S. military contractor involved in the maintenance of the country’s Minuteman III nuclear arsenal has been hit by the Maze ransomware, according to reports – with the hackers making off with reams of sensitive information.

Zoom says free users won’t get end-to-end encryption so FBI and police can access calls

www.theverge.com/2020/6/3/21279355/zoom-end-encryption-calls-fbi-police-free-users

Anti-racism sites hit by wave of cyber-attacks

www.bbc.com/news/technology-52912881 Cloudflare, which blocks attacks designed to knock websites offline, says advocacy groups in general saw attacks increase 1, 120-fold. That equates to an extra 110, 000 blocked requests every second, it said. The problem was particularly acute for certain types of organisations. One single website belonging to an unnamed advocacy group dealt with 20, 000 requests a second.

Email from HaveIBeenPwned wipes helpdesk tickets

www.itnews.com.au/news/email-from-haveibeenpwned-wipes-helpdesk-tickets-548916 A software development house got more than it bargained for after an alert email from the HaveIBeenPwned (HIBP) data breach monitoring site wiped all its helpdesk support tickets.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.