Daily NCSC-FI news followup 2020-06-04

Cisco’s warning: Critical flaw in IOS routers allows ‘complete system compromise’

www.zdnet.com/article/ciscos-warning-critical-flaw-in-ios-routers-allows-complete-system-compromise/ Most severe vulns are remote code execution by unauthenticated attackers.

French CERT (ANSSI) releases Active Directory Security Assessment Checklist

www.cert.ssi.gouv.fr/uploads/guide-ad.html

U.S. Nuclear Contractor Hit with Maze Ransomware, Data Leaked

threatpost.com/nuclear-contractor-maze-ransomware-data-leaked/156289/ A U.S. military contractor involved in the maintenance of the country’s Minuteman III nuclear arsenal has been hit by the Maze ransomware, according to reports – with the hackers making off with reams of sensitive information.

Zoom says free users won’t get end-to-end encryption so FBI and police can access calls

www.theverge.com/2020/6/3/21279355/zoom-end-encryption-calls-fbi-police-free-users

Anti-racism sites hit by wave of cyber-attacks

www.bbc.com/news/technology-52912881 Cloudflare, which blocks attacks designed to knock websites offline, says advocacy groups in general saw attacks increase 1, 120-fold. That equates to an extra 110, 000 blocked requests every second, it said. The problem was particularly acute for certain types of organisations. One single website belonging to an unnamed advocacy group dealt with 20, 000 requests a second.

Email from HaveIBeenPwned wipes helpdesk tickets

www.itnews.com.au/news/email-from-haveibeenpwned-wipes-helpdesk-tickets-548916 A software development house got more than it bargained for after an alert email from the HaveIBeenPwned (HIBP) data breach monitoring site wiped all its helpdesk support tickets.

Daily NCSC-FI news followup 2021-03-10

Introducing sigstore: Easy Code Signing & Verification for Supply Chain Integrity security.googleblog.com/2021/03/introducing-sigstore-easy-code-signing.html One of the fundamental security issues with open source is that its difficult to know where the software comes from or how it was built, making it susceptible to supply chain attacks. A few recent examples of this include dependency confusion attack and […]

Daily NCSC-FI news followup 2020-12-06

Running in Circles – Uncovering the Clients of Cyberespionage Firm Circles citizenlab.ca/2020/12/running-in-circles-uncovering-the-clients-of-cyberespionage-firm-circles/ The public discussion around surveillance and tracking largely focuses on well known technical means, such as targeted hacking and network interception. However, other forms of surveillance are regularly and extensively used by governments and third parties to engage in cross-border surveillance and monitoring. […]

Daily NCSC-FI news followup 2021-07-14

Web shells: How can we get rid of them and why law enforcement is not really the answer www.gdatasoftware.com/blog/webshells Microsoft recorded a total of 144,000 web shell attacks between August 2020 and January 2021. Web shells are very light programmes (scripts) that hackers install to either attack affected websites or web-facing services or prepare a […]