Daily NCSC-FI news followup 2020-09-08

Microsoft September 2020 Patch Tuesday fixes 129 vulnerabilities

www.zdnet.com/article/microsoft-september-2020-patch-tuesday-fixes-129-vulnerabilities/ Twenty critical remote code execution bugs have been patched this month, including in Windows and SharePoint enterprise servers. See also: isc.sans.edu/diary/rss/26544

Critical Adobe Flaws Allow Attackers to Run JavaScript in Browsers

threatpost.com/critical-adobe-flaws-attackers-javascript-browsers/159026/ Adobe patched 11 bugs overall in its Experience Manager; five of those are rated critical severity, and the rest are “important” severity. The critical flaws are all XSS glitches

Intel fixes critical flaw in corporate remote management platform

www.bleepingcomputer.com/news/security/intel-fixes-critical-flaw-in-corporate-remote-management-platform/ Intel today addressed nine security vulnerabilities with the release of the September 2020 Platform Update, one of them being a critical flaw impacting the Active Management Technology (AMT) and Intel Standard Manageability (ISM) platforms. See also:

www.intel.com/content/www/us/en/security-center/default.html

Researcher reveals Google Maps XSS bug, patch bypass

www.zdnet.com/article/researcher-reveals-google-maps-xss-bug-patch-bypass/ The bounty was doubled after the bug bounty hunter realized the original fix had failed.

France, Japan, New Zealand warn of sudden spike in Emotet attacks

www.zdnet.com/article/france-japan-new-zealand-warn-of-sudden-spike-in-emotet-attacks/ N.B. In addition to the countries mentioned in the article Finland and Norway have also released warnings about Emotet activity in recent weeks. NCSC-FI:

www.kyberturvallisuuskeskus.fi/en/emotet-malware-actively-spread-finland. NorCERT:

nsm.no/fagomrader/digital-sikkerhet/nasjonalt-cybersikkerhetssenter/varsler-fra-ncsc/varsel-om-pagaende-emotet-kampanje

DoppelPaymer ransomware hits Newcastle University, leaks data

www.bleepingcomputer.com/news/security/doppelpaymer-ransomware-hits-newcastle-university-leaks-data/

Cryptobugs Found in Numerous Google Play Store Apps

threatpost.com/cryptobugs-found-in-numerous-google-play-store-apps/159013/ A new dynamic tool developed by Columbia University researchers flagged cryptography mistakes made in more than 300 popular Android apps. Academics from Columbia University developed a custom tool, CRYLOGGER, that analyzes Android applications for unsafe use of cryptographic code according to 26 basic cryptography rules. Those rules include avoiding the use of: broken hash functions, bad passwords, reusing passwords multiple times, HTTP URL connections or a “badly-derived” key for encryption.