Daily NCSC-FI news followup 2020-08-02

Telstra DNS falls over after denial of service attack

www.zdnet.com/article/telstra-dns-falls-over-after-denial-of-service-attack/ Customers with Telstra’s default DNS settings found themselves seemingly unable to access the internet on Sunday morning, as the telco was facing a denial of service attack. The attack kicked off some time before 10:30am on the Australian east coast. Some of our Domain Name Servers (DNS) used to route your traffic online are experiencing a cyber attack, known as a Denial of Service (DoS),” Telstra said on Twitter just before noon.

Merenkulun kyberiskut räjähtävät käsiin, eikä virustorjunta auta kiristyskeinona voi olla rahtiöljyn vuodatus mereen

www.tivi.fi/uutiset/merenkulun-kyberiskut-rajahtavat-kasiin-eika-virustorjunta-auta-kiristyskeinona-voi-olla-rahtioljyn-vuodatus-mereen/59eb2925-2fb9-4fdf-bafc-da96eaca6b18 Merenkulun operatiiviset järjestelmät ovat nopeasti nousseet kyberrikollisten muotikohteiksi. Osa alan yrityksistä tuudittautuu väärän turvallisuuden tunteeseen sen sijasta, että opittaisiin suojaamaan edes oikeita kohteita. Satamissa ja varustamoissa tietoturvatapausten määrä on vuodesta 2017 lähtien kivunnut huikeat 900 prosenttia. Vuoden loppuun mennessä rikotaan taas ennätyksiä, israelilainen merialan tietoturvaan erikoistunut Naval Dome varoittaa.

Havenly discloses data breach after 1.3M accounts leaked online

www.bleepingcomputer.com/news/security/havenly-discloses-data-breach-after-13m-accounts-leaked-online/ Havenly, a US-based interior design web site, has disclosed a data breach after a hacker posted a database containing 1.3 million user records for free on a hacker forum. Havenly is an online interior design and home decoration site where users can get help designing a room in their house from certified designers. Last week, BleepingComputer reported that the ShinyHunters hacking group had leaked the databases for 18 companies on a hacker forum for free. These databases contained a combined total of 386 million user records.

Incognito Mode May Not Work the Way You Think It Does

www.wired.com/story/incognito-mode-explainer/ NO MATTER WHICH browser you preferChrome, Firefox, Edge, Safari, Opera, or any of the othersit will almost certainly offer an incognito or private mode, one which ostensibly keeps your web browsing secret. (Google Chrome still shows a hat-and-glasses icon when you go incognito, as if you’re now in disguise.). Incognito or private mode does indeed keep certain aspects of your browsing private, but it’s important to be aware of what it hides and erases from your computer or phone and what it doesn’t.

Microsoft has the highest rate of zero-days detected in the wild, but not all is as it seems

portswigger.net/daily-swig/microsoft-has-the-highest-rate-of-zero-days-detected-in-the-wild-but-not-all-is-as-it-seems When zero-day vulnerabilities are discovered, direct disclosure to vendors usually results in rapid patch development. However, not every hacker wears a white hat, and in some cases, security flaws may be actively exploited for criminal or financial gain. Alternatively, as in the case of the US National Security Agencys Eternal Blue exploit, these high-value, unpatched vulnerabilities may be reserved for government surveillance and other covert purposes.

You might be interested in …

Daily NCSC-FI news followup 2020-04-28

WordPress plugin bug lets hackers create rogue admin accounts www.bleepingcomputer.com/news/security/wordpress-plugin-bug-lets-hackers-create-rogue-admin-accounts/ WordPress owners are advised to secure their websites by updating the Real-Time Find and Replace plugin to prevent attackers from injecting malicious code into their sites and creating rogue admin accounts by exploiting a Cross-Site Request Forgery flaw. The security vulnerability is a Cross-Site Request […]

Read More

Daily NCSC-FI news followup 2019-07-20

Iran-Linked APT34 Invites Victims to LinkedIn for Fresh Malware Infections threatpost.com/iran-apt34-linkedin-malware/146575/ The group was posing as a researcher from Cambridge, and was found to have added three new malware families to its spy arsenal. A recent phishing campaign by Iran-linked threat actor APT34 made use of a savvy approach: Asking victims to join their social […]

Read More

Daily NCSC-FI news followup 2021-04-02

FBI-CISA Joint Advisory on Exploitation of Fortinet FortiOS Vulnerabilities us-cert.cisa.gov/ncas/current-activity/2021/04/02/fbi-cisa-joint-advisory-exploitation-fortinet-fortios The Federal Bureau of Investigation (FBI) and CISA have released a Joint Cybersecurity Advisory (CSA) to warn users and administrators of the likelihood that advanced persistent threat (APT) actors are actively exploiting known Fortinet FortiOS vulnerabilities CVE-2018-13379, CVE-2020-12812, and CVE-2019-5591. FBI and CISA warn of […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.