Daily NCSC-FI news followup 2020-07-29

www.zdnet.com/article/hacker-gang-behind-garmin-attack-doesnt-have-a-history-of-stealing-user-data

‘BootHole’ attack impacts Windows and Linux systems using GRUB2 and Secure Boot

www.zdnet.com/article/boothole-attack-impacts-windows-and-linux-systems-using-grub2-and-secure-boot The vulnerability, codenamed BootHole, allows attackers to tamper with the boot-loading process that precedes starting up the actual operating system (OS). Lisäksi: kb.cert.org/vuls/id/174059 ja

www.openwall.com/lists/oss-security/2020/07/29/3. Lisäksi:

www.bleepingcomputer.com/news/security/boothole-grub-bootloader-bug-lets-hackers-hide-malware-in-linux-windows/ ja www.theregister.com/2020/07/29/grub2_code_exec_flaw/ ja

eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/

APT reports – APT trends report Q2 2020

securelist.com/apt-trends-report-q2-2020/97937/ For more than three years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They are designed to highlight the significant events and findings that we feel people should be aware of.

Cisco fixes severe flaws in data center management solution

www.bleepingcomputer.com/news/security/cisco-fixes-severe-flaws-in-data-center-management-solution/ Cisco today has released several security updates to address three critical authentication bypass, buffer overflow, and authorization bypass vulnerabilities found to affect Cisco Data Center Network Manager (DCNM) and multiple Cisco SD-WAN software products.

Critical Security Flaw in WordPress Plugin Allows RCE

threatpost.com/critical-rce-flaw-wordpress-plugin-on-70k-sites/157824/ Researchers are warning of a critical vulnerability in a WordPress plugin called Comments wpDiscuz, which is installed on more than 70, 000 websites. The flaw gives unauthenticated attackers the ability to upload arbitrary files (including PHP files) and ultimately execute remote code on vulnerable website servers. Lisäksi

www.bleepingcomputer.com/news/security/critical-wordpress-plugin-bug-lets-hackers-take-over-hosting-account/

Klassinen sähköpostimoka paljasti ison läjän tunnettujen teknologiavaikuttajien sähköposteja mukana myös Jeff Bezos

www.tivi.fi/uutiset/tv/d30ee2bf-2130-4801-89a4-27637e78e57e Uutiskirjepalvelu Substackilla kävi klassinen moka, kun yli 500 palvelun käyttäjän sähköpostiosoitteet paljastuivat, kirjoittaa Gizmodo. Mukana oli monia teknologiamaailmassa tunnettuja henkilöitä. Lisäksi

gizmodo.com/substack-just-accidentally-revealed-email-addresses-of-1844538889

Microsoft to remove all SHA-1 Windows downloads next week

www.zdnet.com/article/microsoft-to-remove-all-sha-1-windows-downloads-next-week Microsoft announced this week plans to remove all Windows-related file downloads from the Microsoft Download Center that are cryptographically signed with the Secure Hash Algorithm 1 (SHA-1). The files will be removed next Monday, on August 3, the company said on Tuesday. Lisäksi

www.bleepingcomputer.com/news/microsoft/microsoft-to-remove-all-windows-downloads-signed-with-sha-1/

Today’s mega’ data breaches now cost companies $392 million to recover from

www.zdnet.com/article/todays-mega-data-breaches-now-cost-companies-392-million-in-damages-lawsuits The average cost of a “mega” data breach has risen astronomically over the past year and enterprise players impacted by such a security incident can expect to pay up to $392 million.

You might be interested in …

Daily NCSC-FI news followup 2020-09-24

#InstaHack: how researchers were able to take over the Instagram App using a malicious image blog.checkpoint.com/2020/09/24/instahack-how-researchers-were-able-to-take-over-the-instagram-app-using-a-malicious-image/ Instagram is one of the most popular social media platforms globally, with over 100+ million photos uploaded every day, and nearly 1 billion monthly active users. Individuals and companies share photos and messages about their lives and products to […]

Read More

Daily NCSC-FI news followup 2019-12-29

UK Government exposes addresses of new year honours recipients www.theguardian.com/uk-news/2019/dec/28/government-exposes-addresses-of-new-year-honours-recipients More than 1,000 celebrities, government employees and politicians recognized in the U.K.’s traditional New Year’s Honours list this year “have had their home and work addresses posted on a government website.” IoT vendor Wyze confirms server leak www.zdnet.com/article/iot-vendor-wyze-confirms-server-leak/ Wyze, a company that sells smart devices […]

Read More

Daily NCSC-FI news followup 2019-09-11

Ryuk Related Malware Steals Confidential Military, Financial Files www.bleepingcomputer.com/news/security/ryuk-related-malware-steals-confidential-military-financial-files/ A new malware with strange associations to the Ryuk Ransomware has been discovered to look for and steal confidential financial, military, and law enforcement files. Microsoft to Improve Office 365 Phishing Email Notifications www.bleepingcomputer.com/news/security/microsoft-to-improve-office-365-phishing-email-notifications/ Microsoft is currently working on enhancing the notification system for quarantined malware […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.