Daily NCSC-FI news followup 2020-09-20

Hackers leak details of 1,000 high-ranking Belarus police officers

www.zdnet.com/article/hackers-leak-details-of-1000-high-ranking-belarus-police-officers/ A group of hackers leaked on Saturday the names and personal details of more than 1,000 high-ranking Belarusian police officers in response to violent police crackdowns against anti-government demonstrations. The leaked data included names, dates of birth, and the officers’ departments and job titles.

Google App Engine feature abused to create unlimited phishing pages

www.bleepingcomputer.com/news/security/google-app-engine-feature-abused-to-create-unlimited-phishing-pages/ A technique newly discovered by a researcher shows how Google’s App Engine domains can be abused to deliver phishing and malware while remaining undetected by leading enterprise security products. Google App Engine is a cloud-based service platform for developing and hosting web apps on Google’s servers. While reports of phishing campaigns leveraging enterprise cloud domains are nothing new, what makes Google App Engine infrastructure risky is how the subdomains get generated and paths are routed.

The Cybersecurity Threat No One Talks About Is A Simple Code

www.forbes.com/sites/louiscolumbus/2020/09/20/the-cybersecurity-threat-no-one-talks-about-is-a-simple-code/ QR codes are going through a renaissance today. All businesses are focusing on how they can protect employees, customers and suppliers during the pandemic by adopting touchless transactions and services to provide a safer, more streamlined buying experience. Fraudsters are quick to capitalize on the opportunity that QR codes’ soaring popularity presents, too. Combining social engineering with QR codes that can be created in a second, fraudsters are using them to open victims’ bank accounts and drain them within seconds, install malware, penetrate entire corporate networks and more.

Analysis of a Salesforce Phishing Emails

isc.sans.edu/forums/diary/Analysis+of+a+Salesforce+Phishing+Emails/26582/ Over the past week, I have noticed several phishing emails linked to Salesforce asking to confirm the recipient’s email address.
