Daily NCSC-FI news followup 2020-10-11

Settings That Impact The Windows OS

windowsir.blogspot.com/2020/10/settings-that-impact-windows-os.html There are a number of settings within Windows systems that can and do significantly impact the functionality of Windows, and as a result, can also impact what is available to a DFIR analyst. These settings very often manifest as modifications to Registry keys or values. These settings also make excellent targets for threat hunting, as well.

Kud I Enter Your Server? New Vulnerabilities in Microsoft Azure

www.intezer.com/blog/cloud-security/kud-i-enter-your-server-new-vulnerabilities-in-microsoft-azure/ We discovered two vulnerabilities in Microsoft Azure. They existed in a popular cloud service called Azure App Services – specifically impacting Linux servers – and should be on the radar of enterprise organizations that use cloud resources. The first vulnerability enabled an attacker with access to the server to take over the App Service’s git repository and implant phishing pages accessible through the Azure Portal. The second vulnerability allowed an attacker with an existing low-severity vulnerability on the application (SSRF) to upgrade to full code execution on the App Service and trigger the first vulnerability.

The most common malicious email attachments infecting Windows

www.bleepingcomputer.com/news/security/the-most-common-malicious-email-attachments-infecting-windows/

This week in forensics – week 41/2020

thisweekin4n6.com/2020/10/11/week-41-2020/

Sveriges Radio hackade på Twitter

www.svt.se/nyheter/inrikes/sveriges-radio-hackade-pa-twitter Flera av Sveriges Radios konton på Twitter har hackats — ett antal märkliga och obscena inlägg postades under lördagen. Nu har Twitterkontona SR Ekot och SR Politik stängts ner.

You might be interested in …

Daily NCSC-FI news followup 2019-11-18

How the Iranian Government Shut Off the Internet www.wired.com/story/iran-internet-shutoff/ Amid widespread demonstrations over rising gasoline prices, Iranians began experiencing internet slowdowns over the last few days that became a near-total internet and mobile data blackout on Saturday. The government is apparently seeing to silence protestors and quell unrest. So how does a country like Iran […]

Read More

Daily NCSC-FI news followup 2020-03-10

Microsoft Hijacks Necurs Botnet that Infected 9 Million PCs Worldwide thehackernews.com/2020/03/necurs-botnet-takedown.html Microsoft today announced that it has successfully disrupted the botnet network of the Necurs malware, which has infected more than 9 million computers globally, and also hijacked the majority of its infrastructure. Fingridin kumppani joutui tietomurron uhriksi Verkot ovat hyvin suojassa edelleen www.is.fi/digitoday/tietoturva/art-2000006434452.html Hyökkäys […]

Read More

Daily NCSC-FI news followup 2020-11-29

Hacker Lexicon: What Is the Signal Encryption Protocol? www.wired.com/story/signal-encryption-protocol-hacker-lexicon/ LAST WEEK, WITH little fanfare, Google announced a change that could soon make its 2 billion Android users worldwide far harder to surveil: The tech giant says it’s rolling out a beta version of its Android messaging app that will now use end-to-end encryption by default. […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.