Daily NCSC-FI news followup 2020-11-08

Office 365 will let admins review Microsoft Forms phishing attempts

www.bleepingcomputer.com/news/security/office-365-will-let-admins-review-microsoft-forms-phishing-attempts/ Microsoft is working on adding a new Microsoft Forms phishing attempt review feature that will allow Office 365 admins to confirm and block forms that try to maliciously harvest sensitive data.

Winning hacker team pockets $744, 500 at the Tianfu Cup, China’s top hacking contest

www.zdnet.com/article/windows-10-ios-chrome-and-many-others-fall-at-chinas-top-hacking-contest Many of today’s top software programs have been hacked using new and never-before-seen exploits at this year’s edition of the Tianfu Cup China’s largest and most prestigious hacking competition.

Many websites will stop working on older Android versions in 2021

www.androidpolice.com/2020/11/07/many-websites-will-stop-working-on-older-android-versions-in-2021 It took a long time, but most of the web now uses HTTPS to securely transmit information, partially thanks to a push by Google. However, this does mean that many websites could encounter issues (or fail to load entirely) if the proper certificates aren’t installed on your device, which is exactly what will happen to older Android devices next year. Lisäksi:

www.forbes.com/sites/daveywinder/2020/11/08/android-user-alert-how-to-stop-220-million-websites-from-breaking-in-2021/

Cryptojacking Targeting WebLogic TCP/7001

isc.sans.edu/diary/rss/26768 This past week got some interesting logs targeting TCP/7001 (WebLogic CVE-2020-14882 – see previous diary) looking to download and launch a shell script to install various cryptominer on the target. The shell script target SELINUX compatible hosts likely CentOS/RedHat, Ubuntu, etc to install various cryptominer applications.

You might be interested in …

Daily NCSC-FI news followup 2020-05-25

Don’t Be Fooled by Covid-19 Contact-Tracing Scams www.wired.com/story/covid-19-contact-tracing-scams/ Fraudsters have found yet another way to take advantage of the pandemic. Fresh UK review into Huawei role in 5G networks www.bbc.com/news/business-52792587 The UK government is conducting a new review into the impact of allowing Huawei telecoms equipment to be used in British 5G networks. The National […]

Read More

Daily NCSC-FI news followup 2020-03-10

Microsoft Hijacks Necurs Botnet that Infected 9 Million PCs Worldwide thehackernews.com/2020/03/necurs-botnet-takedown.html Microsoft today announced that it has successfully disrupted the botnet network of the Necurs malware, which has infected more than 9 million computers globally, and also hijacked the majority of its infrastructure. Fingridin kumppani joutui tietomurron uhriksi Verkot ovat hyvin suojassa edelleen www.is.fi/digitoday/tietoturva/art-2000006434452.html Hyökkäys […]

Read More

Daily NCSC-FI news followup 2021-06-05

Attackers are scanning for vulnerable VMware servers, patch now! www.bleepingcomputer.com/news/security/attackers-are-scanning-for-vulnerable-vmware-servers-patch-now/ Threat actors are actively scanning for Internet-exposed VMware vCenter servers unpatched against a critical remote code execution (RCE) vulnerability impacting all vCenter deployments and patched by VMware ten days ago. The ongoing scanning activity was spotted by threat intelligence company Bad Packets yesterday and confirmed […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.