Categories
NCSC-FI News followup

Daily NCSC-FI news followup 2020-06-06

Windows 10 SMBGhost bug gets public proof-of-concept RCE exploit

www.bleepingcomputer.com/news/security/windows-10-smbghost-bug-gets-public-proof-of-concept-rce-exploit/ Working exploit code that achieves remote code execution on Windows 10 machines is now publicly available for CVE-2020-0796, a critical vulnerability in Microsoft Server Message Block (SMB 3.1.1).. see also

www.kyberturvallisuuskeskus.fi/fi/kriittinen-haavoittuvuus-microsoftin-smbv3-toteutuksessa

US aerospace services provider breached by Maze Ransomware

www.bleepingcomputer.com/news/security/us-aerospace-services-provider-breached-by-maze-ransomware/ The Maze Ransomware gang breached and successfully encrypted the systems of VT San Antonio Aerospace, as well as stole and leaked unencrypted files from the company’s compromised devices in April 2020.

Fitness Depot hit by data breach after ISP fails to ‘activate the antivirus’

www.bleepingcomputer.com/news/security/fitness-depot-hit-by-data-breach-after-isp-fails-to-activate-the-antivirus/ Canadian retailer Fitness Depot announced customers that their personal and financial information was stolen following a breach that affected the company’s e-commerce platform last month.

Apple publishes free resources to improve password security

www.zdnet.com/article/apple-publishes-free-resources-to-improve-password-security/ The new tools are meant to help the developers of password managers and Apple hopes the tools will reduce the instances where users chose their own password rather than rely on the password manager.

Digiloikka kasvattaa kyberrikollisuuden riskiä Hakkerit ovat taitavia kansainvälisiä rikollisia

www.tivi.fi/uutiset/tv/a4a56b3f-c98f-42fa-91d0-d3772be7bfdc Korona-aika ja kesälomakausi lisäävät riskiä, uskoo MySafetyn toimitusjohtaja Niclas Fagerlund.

ZEE5 allegedly hacked by ‘Korean hackers’, customer info at risk

www.bleepingcomputer.com/news/security/zee5-allegedly-hacked-by-korean-hackers-customer-info-at-risk/ A hacker identifying themselves as “John Wick” and “Korean Hackers” claim to have breached the systems for Indian media giant ZEE5 and are threatening to sell the database on criminal markets.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.