Daily NCSC-FI news followup 2020-10-11

Settings That Impact The Windows OS

windowsir.blogspot.com/2020/10/settings-that-impact-windows-os.html There are a number of settings within Windows systems that can and do significantly impact the functionality of Windows, and as a result, can also impact what is available to a DFIR analyst. These settings very often manifest as modifications to Registry keys or values. These settings also make excellent targets for threat hunting, as well.

Kud I Enter Your Server? New Vulnerabilities in Microsoft Azure

www.intezer.com/blog/cloud-security/kud-i-enter-your-server-new-vulnerabilities-in-microsoft-azure/ We discovered two vulnerabilities in Microsoft Azure. They existed in a popular cloud service called Azure App Services – specifically impacting Linux servers – and should be on the radar of enterprise organizations that use cloud resources. The first vulnerability enabled an attacker with access to the server to take over the App Service’s git repository and implant phishing pages accessible through the Azure Portal. The second vulnerability allowed an attacker with an existing low-severity vulnerability on the application (SSRF) to upgrade to full code execution on the App Service and trigger the first vulnerability.

The most common malicious email attachments infecting Windows

www.bleepingcomputer.com/news/security/the-most-common-malicious-email-attachments-infecting-windows/

This week in forensics – week 41/2020

thisweekin4n6.com/2020/10/11/week-41-2020/

Sveriges Radio hackade på Twitter

www.svt.se/nyheter/inrikes/sveriges-radio-hackade-pa-twitter Flera av Sveriges Radios konton på Twitter har hackats — ett antal märkliga och obscena inlägg postades under lördagen. Nu har Twitterkontona SR Ekot och SR Politik stängts ner.

You might be interested in …

Daily NCSC-FI news followup 2019-09-10

Business Email Compromise Is a $26 Billion Scam Says the FBI www.bleepingcomputer.com/news/security/business-email-compromise-is-a-26-billion-scam-says-the-fbi/ FBI’s Internet Crime Complaint Center (IC3) says that Business Email Compromise (BEC) scams are continuing to grow every year, with a 100% increase in the identified global exposed losses between May 2018 and July 2019. 281 Arrested in Worldwide Business Email Compromise Crackdown […]

Read More

Daily NCSC-FI news followup 2019-07-07

Libra Cryptocurrency Scams Already Active Ahead Of 2020 Launch www.bleepingcomputer.com/news/security/libra-cryptocurrency-scams-already-active-ahead-of-2020-launch/ No sooner had Facebook announced Libra cryptocurrency and the matching digital Calibra wallet that cybercriminals tried to get a head start on a new phishing theme. Europe Built a System to Fight Russian Meddling. Its Struggling. www.nytimes.com/2019/07/06/world/europe/europe-russian-disinformation-propaganda-elections.html TWITTER’S DISINFORMATION DATA DUMPS ARE HELPFULTO A POINT […]

Read More

Daily NCSC-FI news followup 2020-06-05

Trump, Biden Campaign Staffers Targeted By APT Phishing Emails threatpost.com/trump-biden-campaign-apt-phishing-emails/156319/ Google TAG researchers warn that APTs are targeting campaign staffers for both Donald Trump and Joe Biden with phishing emails.. Huntley said that the Iran-linked APT targeting Bidens campaign staff was APT 31 (also known as Zirconium). According to reports, this threat actor is tied […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.