Daily NCSC-FI news followup 2020-10-11

Settings That Impact The Windows OS

windowsir.blogspot.com/2020/10/settings-that-impact-windows-os.html There are a number of settings within Windows systems that can and do significantly impact the functionality of Windows, and as a result, can also impact what is available to a DFIR analyst. These settings very often manifest as modifications to Registry keys or values. These settings also make excellent targets for threat hunting, as well.

Kud I Enter Your Server? New Vulnerabilities in Microsoft Azure

www.intezer.com/blog/cloud-security/kud-i-enter-your-server-new-vulnerabilities-in-microsoft-azure/ We discovered two vulnerabilities in Microsoft Azure. They existed in a popular cloud service called Azure App Services – specifically impacting Linux servers – and should be on the radar of enterprise organizations that use cloud resources. The first vulnerability enabled an attacker with access to the server to take over the App Service’s git repository and implant phishing pages accessible through the Azure Portal. The second vulnerability allowed an attacker with an existing low-severity vulnerability on the application (SSRF) to upgrade to full code execution on the App Service and trigger the first vulnerability.

The most common malicious email attachments infecting Windows

www.bleepingcomputer.com/news/security/the-most-common-malicious-email-attachments-infecting-windows/

This week in forensics – week 41/2020

thisweekin4n6.com/2020/10/11/week-41-2020/

Sveriges Radio hackade på Twitter

www.svt.se/nyheter/inrikes/sveriges-radio-hackade-pa-twitter Flera av Sveriges Radios konton på Twitter har hackats — ett antal märkliga och obscena inlägg postades under lördagen. Nu har Twitterkontona SR Ekot och SR Politik stängts ner.

You might be interested in …

Daily NCSC-FI news followup 2019-08-31

VLAN as an additional security layer www.kaspersky.com/blog/vlan-security/28253/ Every company has employees who handle large volumes of external e-mail. HR officers, PR managers, and salespeople are a few common examples. In addition to their regular mail, they receive a lot of spam, phishing messages, and malicious attachments. Moreover, the nature of their work requires them to […]

Read More

Daily NCSC-FI news followup 2019-11-17

Indian officials acknowledged on October 30th that a cyberattack occurred at the countrys Kudankulam nuclear power plant. thebulletin.org/2019/11/lessons-from-the-cyberattack-on-indias-largest-nuclear-power-plant/ While reactor operations at Kudankulam were reportedly unaffected, this incident should serve as yet another wake-up call that the nuclear power industry needs to take cybersecurity more seriously.. The problem of cybersecurity is not new to the […]

Read More

Daily NCSC-FI news followup 2021-04-25

VPN Hacks Are a Slow-Motion Disaster www.wired.com/story/vpn-hacks-pulse-secure-espionage/ Recent spying attacks against Pulse Secure VPN are just the latest example of a long-simmering cybersecurity meltdown. Hacking campaign targets FileZen file-sharing network appliances therecord.media/hacking-campaign-targets-filezen-file-sharing-network-appliances/ Threat actors are using two vulnerabilities in a popular file-sharing server to breach corporate and government systems and steal sensitive data as part […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.