Daily NCSC-FI news followup 2020-12-12

Adobe releases final Flash Player update, warns of 2021 kill switch

www.bleepingcomputer.com/news/software/adobe-releases-final-flash-player-update-warns-of-2021-kill-switch/ After 24 years of fun games and abuse by threat actors, Adobe has released their final Flash Player update and thanked everyone for the fantastic content that they have released over the years. Starting in January 2021, all browser developers will remove Adobe Flash entirely from their browser or have already done so. Once it is removed, there will be no way to install Adobe Flash Player again.

Microsoft Office security updates fix critical SharePoint RCE bugs

www.bleepingcomputer.com/news/security/microsoft-office-security-updates-fix-critical-sharepoint-rce-bugs/ The highlights of this month’s Microsoft Office security updates are without a doubt the two RCE security bugs affecting Microsoft SharePoint. While the first one tracked as CVE-2020-17121 requires attackers to have basic user privileges for exploitation, the second one tracked as CVE-2020-17118 can be exploited remotely without authentication. For successfully exploiting CVE-2020-17118 in low complexity attacks, attackers are also required to trick targets into opening maliciously crafted Office files. Based on the information provided by Microsoft in the security advisory, CVE-2020-17118 proof-of-concept exploit code is also available (although probably shared privately)

Zero-day in WordPress SMTP plugin abused to reset admin account passwords

www.zdnet.com/article/zero-day-in-wordpress-smtp-plugin-abused-to-reset-admin-account-passwords/ A patch has been released earlier this week but many WordPress sites remained unpatched – as usual. The zero-day was used in attacks over the past weeks and was patched on Monday. It impacts Easy WP SMTP, a plugin that lets site owners configure the SMTP settings for their website’s outgoing emails. also:

blog.nintechnet.com/wordpress-easy-wp-smtp-plugin-fixed-zero-day-vulnerability/

Following FireEye Hack, Ensure These 16 Bugs Are Patched

www.bankinfosecurity.com/blogs/following-fireeye-hack-ensure-these-16-bugs-are-patched-p-2977 “The stolen tools range from simple scripts used for automating reconnaissance to entire frameworks that are similar to publicly available technologies such as Cobalt Strike and Metasploit, ” FireEye says. “Some of the tools are publicly available tools modified to evade basic security detection mechanisms. Other tools and frameworks were developed in-house for our red team.”

FBI confirms Zodiac Killer’s 340 cipher solved by trio of amateur math and software codebreakers

www.theregister.com/2020/12/12/zodiac_killers_cipher_solved/ A team of code breakers has solved a cipher attributed to the Zodiac Killer, a serial murderer known for a Northern California killing spree in the late 1960s who has still not been identified or apprehended.

You might be interested in …

Daily NCSC-FI news followup 2020-04-08

COVID-19 Exploited by Malicious Cyber Actors www.us-cert.gov/ncas/alerts/aa20-099a This alert provides information on exploitation by cybercriminal and advanced persistent threat (APT) groups of the current coronavirus disease 2019 (COVID-19) global pandemic. It includes a non-exhaustive list of indicators of compromise (IOCs) for detection as well as mitigation advice.. This is a joint alert from the United […]

Read More

Daily NCSC-FI news followup 2020-03-12

Critical Patch Released for ‘Wormable’ SMBv3 Vulnerability Install It ASAP! thehackernews.com/2020/03/patch-wormable-smb-vulnerability.html Microsoft today finally released an emergency software update to patch the recently disclosed very dangerous vulnerability in SMBv3 protocol that could let attackers launch wormable malware, which can propagate itself from one vulnerable computer to another automatically.. see also www.kyberturvallisuuskeskus.fi/fi/kriittinen-haavoittuvuus-microsoftin-smbv3-toteutuksessa 48K Windows Hosts Vulnerable […]

Read More

Daily NCSC-FI news followup 2019-11-08

Sure, we made your Wi-Fi routers phone home with telemetry, says Ubiquiti. What of it? www.theregister.co.uk/2019/11/07/ubiquiti_networks_phone_home/ Ubiquiti Networks is fending off customer complaints after emitting a firmware update that caused its UniFi wireless routers to quietly phone HQ with telemetry.. It all kicked off when the US-based manufacturer confirmed that a software update released this […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.