Daily NCSC-FI news followup 2020-09-13

BLINDSIDE – A Speculative Execution Attack

www.vusec.net/projects/blindside/ BlindSide allows attackers to hack blind in the Spectre era. That is, given a simple buffer overflow in the kernel and no additional info leak vulnerability, BlindSide can mount BROP-style attacks in the speculative execution domain to repeatedly probe and derandomize the kernel address space, craft arbitrary memory read gadgets, and enable reliable exploitation.. POC video https://www.youtube.com/watch?v=m-FUIZiRN5o. whitepaper

download.vusec.net/papers/blindside_ccs20.pdf

Leaky server exposes users of dating site network

www.zdnet.com/article/leaky-server-exposes-users-of-dating-site-network/ Personal details of hundreds of thousands of dating site users were temporarily exposed online earlier this month.

How to enable DNS-over-HTTPS (DoH) on Windows

www.bleepingcomputer.com/news/microsoft/how-to-enable-dns-over-https-doh-on-windows/ DNS-over-HTTPS (DoH) allows DNS resolution to be performed via the HTTPS protocol rather than through the normal plain text DNS lookups.

You might be interested in …

Daily NCSC-FI news followup 2019-11-29

Europol Shuts Down ‘Imminent Monitor’ RAT Operations With 13 Arrests thehackernews.com/2019/11/europol-imminent-monitor-rat.html In a coordinated International law enforcement operation, Europol today announced to shut down the global organized cybercrime network behind Imminent Monitor RAT, yet another hacking tool that allows cybercriminals to gain complete control over a victim’s computer remotely.. see also www.europol.europa.eu/newsroom/news/international-crackdown-rat-spyware-which-takes-total-control-of-victims%E2%80%99-pcs The Olympics Goes […]

Read More

Daily NCSC-FI news followup 2021-01-22

Weekly Threat Report 22nd January 2021 www.ncsc.gov.uk/report/weekly-threat-report-22nd-january-2021 The NCSC’s weekly threat report is drawn from recent open source reporting. A look at the NIS 2.0 Recitals cert.at/en/blog/2021/1/nis2-recitals-feedback Cyber Criminals Leave Stolen Phishing Credentials in Plain Sight blog.checkpoint.com/2021/01/21/cyber-criminals-leave-stolen-phishing-credentials-in-plain-sight/ Check Point Research recently joined forces with Otorio to analyze and take a deep dive into a large […]

Read More

Daily NCSC-FI news followup 2020-04-04

Zoomed In: A Look into a Coinminer Bundled with Zoom Installer blog.trendmicro.com/trendlabs-security-intelligence/zoomed-in-a-look-into-a-coinminer-bundled-with-zoom-installer/ We found a Coinminer bundled with the legitimate installer of video conferencing app Zoom, luring users who want to install the software but end up unwittingly downloading a malicious file. The compromised files are not from Zooms official download center, and are assumed […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.