Categories
NCSC-FI News followup

Daily NCSC-FI news followup 2020-09-12

IT staffing firm Artech says ransomware attack led to data breach

www.bleepingcomputer.com/news/security/it-staffing-firm-artech-says-ransomware-attack-led-to-data-breach/ Artech Information Systems, one of the largest US IT staffing companies, has disclosed a data breach caused by a ransomware attack that affected some of its systems during early January 2020.

Its No Giggle: Managing Expectations for Vulnerability Disclosure

threatpost.com/giggle-managing-expectations-vulnerability-disclosure/159039/ Vulnerability-disclosure policies (VDPs), if done right, can help provide clarity and clear guidelines to both bug-hunters and vendors when it comes to going public with security flaws.

Fairfax County schools hit by Maze ransomware, student data leaked

www.bleepingcomputer.com/news/security/fairfax-county-schools-hit-by-maze-ransomware-student-data-leaked/ Fairfax County Public Schools (FCPS), the 10th largest school division in the US, was recently hit by ransomware according to an official statement published on Friday evening.

Researcher kept a major Bitcoin bug secret for two years to prevent attacks

www.zdnet.com/article/researcher-kept-a-major-bitcoin-bug-secret-for-two-years-to-prevent-attacks/ The INVDoS bug would have allowed attackers to crash Bitcoin nodes and other similar blockchains.

Don’t pay the ransom, mate. Don’t even fix a price, say Australia’s cyber security bods

www.theregister.com/2020/09/12/follow_security_basics_and_you/ Most online attacks could be easily avoided by following basic cyber security advice, Australias national cyber security bureau has said even as it warned that the impact and severity of things like ransomware attacks are getting worse and worse.

Office 365 Phishing Attack Leverages Real-Time Active Directory Validation

threatpost.com/office-365-phishing-attack-leverages-real-time-active-directory-validation/159188/ Attackers check the victims Office 365 credentials in real time as they are typed into the phishing landing page, by using authentication APIs.

Office Documents with Embedded Objects

isc.sans.edu/forums/diary/Office+Documents+with+Embedded+Objects/26558/

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.