Daily NCSC-FI news followup 2020-12-24

Windows zero-day with bad patch gets new public exploit code

www.bleepingcomputer.com/news/security/windows-zero-day-with-bad-patch-gets-new-public-exploit-code/ Back in June, Microsoft released a fix for a vulnerability in the Windows operating system that enabled attackers to increase their permissions to kernel level on a compromised machine. The patch did not stick. The issue, which advanced hackers exploited as a zero-day in May, is still exploitable but by a different method as security researchers demonstrate with publicly available proof-of-concept code.

Threat Advisory – DTLS Amplification Distributed Denial of Service Attack on Citrix ADC

support.citrix.com/article/CTX289674 Citrix is aware of a DDoS attack pattern impacting Citrix ADCs. As part of this attack, an attacker or bots can overwhelm the Citrix ADC DTLS network throughput, potentially leading to outbound bandwidth exhaustion. The effect of this attack appears to be more prominent on connections with limited bandwidth.


FBI: Iran behind pro-Trump enemies of the people doxing site

www.bleepingcomputer.com/news/security/fbi-iran-behind-pro-trump-enemies-of-the-people-doxing-site/ Iranian cyber actors are likely behind a campaign that encouraged deadly violence against U.S. state officials certifying the 2020 election results. Part of the operation was the creation of a website revealing personal information and photos of government officials and individuals in the private sector involved in the Presidential election.

Cyber Security Trends in 2021: Espionage Activities Increasingly Threatening

quointelligence.eu/2020/12/cyber-security-trends-in-2021/ The Cyber Threat Intelligence landscape in 2020 was defined by the COVID-19 pandemic, the continuing threat of ransomware attacks, as well as highly sophisticated espionage campaigns.

FreePBX developer Sangoma hit with Conti ransomware attack

www.bleepingcomputer.com/news/security/freepbx-developer-sangoma-hit-with-conti-ransomware-attack/ Sangoma disclosed a data breach after files were stolen during a recent Conti ransomware attack and published online.

Why The Russian Breach Of The Government Affects You

www.forbes.com/sites/waynerash/2020/12/24/why-the-russian-breach-of-the-government-affects-you/ By now you know that the US Government had their networks and data systems breached in a massive attack by a Russian intelligence services group calling itself Cozy Bear.

Did the package reveal a new phone? Start by doing these things

www.is.fi/digitoday/mobiili/art-2000007702331.html The security of Android phones in particular should be kept up to date. The user's options for this are limited, but right when setting up the phone, check whether a security update is immediately available for it.
