Daily NCSC-FI news followup 2020-09-07

Windows 10 low-effort zero-day in Hyper-V / Windows Sandbox enabled computers

www.bleepingcomputer.com/news/security/windows-10-sandbox-activation-enables-zero-day-vulnerability/ A reverse engineer discovered a new zero-day vulnerability in most Windows 10 editions, which allows creating files in restricted areas of the operating system – e.g. under system32. The researcher told BleepingComputer that the vulnerable component is ‘storvsp.sys’ (Storage VSP – Virtualization Service Provider), a server-side Hyper-V component.

Chilean bank shuts down all branches following ransomware attack

www.zdnet.com/article/chilean-bank-shuts-down-all-branches-following-ransomware-attack/ All BancoEstado branches will remain closed on Monday, September 7, and possibly more days. Details about the attack have not been made public, but a source close to the investigation told ZDNet that the bank’s internal network was infected with the REvil (Sodinokibi) ransomware.

Money from bank hacks rarely gets laundered through cryptocurrencies

www.zdnet.com/article/money-from-bank-hacks-rarely-gets-laundered-through-cryptocurrencies/ Despite being considered a cybercrime haven, cryptocurrencies play a very small role in laundering funds obtained from bank hacks, the SWIFT financial organization said in a report last week. These funds are usually laundered using an assortment of techniques, such as money mules, front companies, cash businesses, cryptocurrencies, and investments back into other forms of crime. Some groups might rely on one technique, while others may combine multiple.

New PIN Verification Bypass Flaw Affects Visa Contactless Payments

thehackernews.com/2020/09/emv-payment-card-pin-hacking.html The research, published by a group of academics from ETH Zurich, describes a PIN bypass attack that allows adversaries to leverage a victim’s stolen or lost credit card for making high-value purchases without knowledge of the card’s PIN, and even trick a point of sale (PoS) terminal into accepting an unauthentic offline card transaction. This, however, doesn’t impact Mastercard, American Express, and JCB. Research: emvrace.github.io/

FCC estimates it’ll cost $1.8B to remove Huawei, ZTE equipment from US networks

www.cnet.com/news/fcc-estimates-itll-cost-1-8b-to-remove-huawei-zte-equipment-from-us-networks/ The two Chinese tech giants have been designated national security threats.

Samsung scores $6.6bn for 5G at Verizon

www.theregister.com/2020/09/07/samsung_wins_verizon_5g/ Samsung Electronics has won a $6.6bn contract to supply 5G infrastructure to Verizon in the US, beating out more established and traditional telco suppliers Nokia and Ericsson.
