Daily NCSC-FI news followup 2020-10-11

Settings That Impact The Windows OS

windowsir.blogspot.com/2020/10/settings-that-impact-windows-os.html There are a number of settings within Windows systems that can and do significantly impact the functionality of Windows, and as a result, can also impact what is available to a DFIR analyst. These settings very often manifest as modifications to Registry keys or values. These settings also make excellent targets for threat hunting, as well.

Kud I Enter Your Server? New Vulnerabilities in Microsoft Azure

www.intezer.com/blog/cloud-security/kud-i-enter-your-server-new-vulnerabilities-in-microsoft-azure/ We discovered two vulnerabilities in Microsoft Azure. They existed in a popular cloud service called Azure App Services – specifically impacting Linux servers – and should be on the radar of enterprise organizations that use cloud resources. The first vulnerability enabled an attacker with access to the server to take over the App Service’s git repository and implant phishing pages accessible through the Azure Portal. The second vulnerability allowed an attacker with an existing low-severity vulnerability on the application (SSRF) to upgrade to full code execution on the App Service and trigger the first vulnerability.

The most common malicious email attachments infecting Windows

www.bleepingcomputer.com/news/security/the-most-common-malicious-email-attachments-infecting-windows/

This week in forensics – week 41/2020

thisweekin4n6.com/2020/10/11/week-41-2020/

Sveriges Radio hackade på Twitter

www.svt.se/nyheter/inrikes/sveriges-radio-hackade-pa-twitter Flera av Sveriges Radios konton på Twitter har hackats — ett antal märkliga och obscena inlägg postades under lördagen. Nu har Twitterkontona SR Ekot och SR Politik stängts ner.

You might be interested in …

Daily NCSC-FI news followup 2020-02-24

Operation DRBControl www.trendmicro.com/vinfo/us/security/news/cyber-attacks/operation-drbcontrol-uncovering-a-cyberespionage-campaign-targeting-gambling-companies-in-southeast-asia Uncovering a Cyberespionage Campaign Targeting Gambling Companies in Southeast Asia. The DRBControl campaign attacks its targets using a variety of malware and techniques that coincide with those used in other known cyberespionage campaigns. EU Commission to staff: Switch to Signal messaging app www.politico.eu/pro/eu-commission-to-staff-switch-to-signal-messaging-app/ The European Commission has told its staff to start […]

Read More

Daily NCSC-FI news followup 2021-04-12

Israel appears to confirm it carried out cyberattack on Iran nuclear facility www.theguardian.com/world/2021/apr/11/israel-appears-confirm-cyberattack-iran-nuclear-facility Israel appeared to confirm claims that it was behind a cyber-attack on Irans main nuclear facility on Sunday, which Tehrans nuclear energy chief described as an act of terrorism that warranted a response against its perpetrators. Sisä-Suomen poliisilaitoksella on tutkittavana useita WhatsApp-sovelluksen […]

Read More

Daily NCSC-FI news followup 2020-10-16

Microsoft issues out-of-band Windows security updates for RCE bugs www.bleepingcomputer.com/news/security/microsoft-issues-out-of-band-windows-security-updates-for-rce-bugs/ Microsoft has released two out-of-band security updates designed to address remote code execution (RCE) bugs found to affect Visual Studio Code and the Microsoft Windows Codecs Library. Alert: Risk of SharePoint vulnerability to UK organisations www.ncsc.gov.uk/news/sharepoint-vulnerability-uk-organisations The NCSC is raising awareness of a new remote […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.