Daily NCSC-FI news followup 2020-12-12

Adobe releases final Flash Player update, warns of 2021 kill switch

www.bleepingcomputer.com/news/software/adobe-releases-final-flash-player-update-warns-of-2021-kill-switch/ After 24 years of fun games and abuse by threat actors, Adobe has released their final Flash Player update and thanked everyone for the fantastic content that they have released over the years. Starting in January 2021, all browser developers will remove Adobe Flash entirely from their browser or have already done so. Once it is removed, there will be no way to install Adobe Flash Player again.

Microsoft Office security updates fix critical SharePoint RCE bugs

www.bleepingcomputer.com/news/security/microsoft-office-security-updates-fix-critical-sharepoint-rce-bugs/ The highlights of this month’s Microsoft Office security updates are without a doubt the two RCE security bugs affecting Microsoft SharePoint. While the first one tracked as CVE-2020-17121 requires attackers to have basic user privileges for exploitation, the second one tracked as CVE-2020-17118 can be exploited remotely without authentication. For successfully exploiting CVE-2020-17118 in low complexity attacks, attackers are also required to trick targets into opening maliciously crafted Office files. Based on the information provided by Microsoft in the security advisory, CVE-2020-17118 proof-of-concept exploit code is also available (although probably shared privately).

Zero-day in WordPress SMTP plugin abused to reset admin account passwords

www.zdnet.com/article/zero-day-in-wordpress-smtp-plugin-abused-to-reset-admin-account-passwords/ A patch has been released earlier this week but many WordPress sites remained unpatched – as usual. The zero-day was used in attacks over the past weeks and was patched on Monday. It impacts Easy WP SMTP, a plugin that lets site owners configure the SMTP settings for their website’s outgoing emails.

Following FireEye Hack, Ensure These 16 Bugs Are Patched

www.bankinfosecurity.com/blogs/following-fireeye-hack-ensure-these-16-bugs-are-patched-p-2977 “The stolen tools range from simple scripts used for automating reconnaissance to entire frameworks that are similar to publicly available technologies such as Cobalt Strike and Metasploit,” FireEye says. “Some of the tools are publicly available tools modified to evade basic security detection mechanisms. Other tools and frameworks were developed in-house for our red team.”

FBI confirms Zodiac Killer’s 340 cipher solved by trio of amateur math and software codebreakers

www.theregister.com/2020/12/12/zodiac_killers_cipher_solved/ A team of code breakers has solved a cipher attributed to the Zodiac Killer, a serial murderer known for a Northern California killing spree in the late 1960s who has still not been identified or apprehended.
