Daily NCSC-FI news followup 2020-07-29

www.zdnet.com/article/hacker-gang-behind-garmin-attack-doesnt-have-a-history-of-stealing-user-data

‘BootHole’ attack impacts Windows and Linux systems using GRUB2 and Secure Boot

www.zdnet.com/article/boothole-attack-impacts-windows-and-linux-systems-using-grub2-and-secure-boot The vulnerability, codenamed BootHole, allows attackers to tamper with the boot-loading process that precedes starting up the actual operating system (OS). Lisäksi: kb.cert.org/vuls/id/174059 ja

www.openwall.com/lists/oss-security/2020/07/29/3. Lisäksi:

www.bleepingcomputer.com/news/security/boothole-grub-bootloader-bug-lets-hackers-hide-malware-in-linux-windows/ ja www.theregister.com/2020/07/29/grub2_code_exec_flaw/ ja

eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/

APT reports – APT trends report Q2 2020

securelist.com/apt-trends-report-q2-2020/97937/ For more than three years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They are designed to highlight the significant events and findings that we feel people should be aware of.

Cisco fixes severe flaws in data center management solution

www.bleepingcomputer.com/news/security/cisco-fixes-severe-flaws-in-data-center-management-solution/ Cisco today has released several security updates to address three critical authentication bypass, buffer overflow, and authorization bypass vulnerabilities found to affect Cisco Data Center Network Manager (DCNM) and multiple Cisco SD-WAN software products.

Critical Security Flaw in WordPress Plugin Allows RCE

threatpost.com/critical-rce-flaw-wordpress-plugin-on-70k-sites/157824/ Researchers are warning of a critical vulnerability in a WordPress plugin called Comments wpDiscuz, which is installed on more than 70, 000 websites. The flaw gives unauthenticated attackers the ability to upload arbitrary files (including PHP files) and ultimately execute remote code on vulnerable website servers. Lisäksi

www.bleepingcomputer.com/news/security/critical-wordpress-plugin-bug-lets-hackers-take-over-hosting-account/

Klassinen sähköpostimoka paljasti ison läjän tunnettujen teknologiavaikuttajien sähköposteja mukana myös Jeff Bezos

www.tivi.fi/uutiset/tv/d30ee2bf-2130-4801-89a4-27637e78e57e Uutiskirjepalvelu Substackilla kävi klassinen moka, kun yli 500 palvelun käyttäjän sähköpostiosoitteet paljastuivat, kirjoittaa Gizmodo. Mukana oli monia teknologiamaailmassa tunnettuja henkilöitä. Lisäksi

gizmodo.com/substack-just-accidentally-revealed-email-addresses-of-1844538889

Microsoft to remove all SHA-1 Windows downloads next week

www.zdnet.com/article/microsoft-to-remove-all-sha-1-windows-downloads-next-week Microsoft announced this week plans to remove all Windows-related file downloads from the Microsoft Download Center that are cryptographically signed with the Secure Hash Algorithm 1 (SHA-1). The files will be removed next Monday, on August 3, the company said on Tuesday. Lisäksi

www.bleepingcomputer.com/news/microsoft/microsoft-to-remove-all-windows-downloads-signed-with-sha-1/

Today’s mega’ data breaches now cost companies $392 million to recover from

www.zdnet.com/article/todays-mega-data-breaches-now-cost-companies-392-million-in-damages-lawsuits The average cost of a “mega” data breach has risen astronomically over the past year and enterprise players impacted by such a security incident can expect to pay up to $392 million.

You might be interested in …

Daily NCSC-FI news followup 2020-09-15

Windows Exploit Released For Microsoft Zerologon Flaw threatpost.com/windows-exploit-microsoft-zerologon-flaw/159254/ Security researchers and U.S. government authorities alike are urging admins to address Microsofts critical privilege escalation flaw.. Proof-of-concept (PoC) exploit code has been released for a Windows flaw, which could allow attackers to infiltrate enterprises by gaining administrative privileges, giving them access to companies Active Directory domain […]

Read More

Daily NCSC-FI news followup 2019-07-26

Stock Trading Service Robinhood Admits To Storing Some Passwords in Cleartext www.zdnet.com/article/robinhood-admits-to-storing-some-passwords-in-cleartext/ “On Monday night, we discovered that some user credentials were stored in a readable format within our internal system,” the company said.. “We resolved the issue, and after thorough review, found no evidence that this information was accessed by anyone outside our response […]

Read More

Daily NCSC-FI news followup 2021-06-10

Ministeri Harakka: Panostus kriittisten toimialojen tietoturvaan ja tietosuojaan on investointi tulevaisuuteen www.lvm.fi/-/ministeri-harakka-panostus-kriittisten-toimialojen-tietoturvaan-ja-tietosuojaan-on-investointi-tulevaisuuteen-1376154 Valtioneuvosto vahvisti 10. kesäkuuta 2021 periaatepäätöksen, jolla linjataan toimia yhteiskunnan kriittisten toimialojen tietoturvan ja tietosuojan tason parantamiseksi. Periaatepäätöksen linjaukset perustuvat asiaa selvittäneen poikkihallinnollisen työryhmän ehdotuksiin. Jättimäinen huijausaalto pyyhkii Suomea Varo tekstiviestejä! www.iltalehti.fi/tietoturva/a/ffdd91fc-4435-4ce8-ab6a-6a47d69bc1d4 Nyt Kyberturvallisuuskeskus varoittaa uusista huijausviesteistä, jotka liittyvät todennäköisesti samaan haittaohjelmaan. Kotimaisista […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.