Daily NCSC-FI news followup 2020-12-31

Adobe Flash Player is officially dead tomorrow

www.bleepingcomputer.com/news/security/adobe-flash-player-is-officially-dead-tomorrow/ Flash Player will reach its end of life (EOL) on January 1, 2021, after always being a security risk to those who have used it over the years. Lisäksi

www.bleepingcomputer.com/news/software/adobe-now-shows-alerts-in-windows-10-to-uninstall-flash-player/

What’s Next for Ransomware in 2021?

threatpost.com/ransomware-getting-ahead-inevitable-attack/162655/ Ransomware response demands a whole-of-business plan before the next attack, according to our roundtable of experts. Ransomware works. That’s the simplest way to explain why incidents of ransomware attacks have sharply increased over the last year with no end in sight. Lisäksi:

www.wired.com/story/ransomware-2020-headed-down-dire-path/

Ticketmaster fined $10 million for breaking into rival’s systems

www.bleepingcomputer.com/news/security/ticketmaster-fined-10-million-for-breaking-into-rival-s-systems/ Ticketmaster, a Live Nation subsidiary and a leading ticket distribution and sales company, was fined $10 million for illegally accessing the systems of competitor CrowdSurge using the credentials of one of its former employees.

Microsoft Internal Solorigate Investigation Update

msrc-blog.microsoft.com/2020/12/31/microsoft-internal-solorigate-investigation-update/ Our investigation into our own environment has found no evidence of access to production services or customer data. The investigation, which is ongoing, has also found no indications that our systems were used to attack others. We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories. The account did not have permissions to modify any code or engineering systems and our investigation further confirmed no changes were made. These accounts were investigated and remediated. Lisäksi

www.bleepingcomputer.com/news/security/microsoft-solarwinds-hackers-accessed-our-source-code/

You might be interested in …

Daily NCSC-FI news followup 2019-11-12

BlueKeep freakout had little to no impact on patching, say experts www.theregister.co.uk/2019/11/11/bluekeep_didnt_boost_patching/ According to SANS, those reports did not do much to get people motivated. The security institute says that the rate of BlueKeep-vulnerable boxes it tracks on Shodan has been on a pretty steady downward slope since May, and the media’s rush to sound […]

Read More

Daily NCSC-FI news followup 2020-08-13

Alert (AA20-225A) – Malicious Cyber Actor Spoofing COVID-19 Loan Relief Webpage via Phishing Emails us-cert.cisa.gov/ncas/alerts/aa20-225a The Cybersecurity and Infrastructure Security Agency (CISA) is currently tracking an unknown malicious cyber actor who is spoofing the Small Business Administration (SBA) COVID-19 loan relief webpage via phishing emails. These emails include a malicious link to the spoofed SBA […]

Read More

Daily NCSC-FI news followup 2020-11-11

Play Store identified as main distribution vector for most Android malware www.zdnet.com/article/play-store-identified-as-main-distribution-vector-for-most-android-malware The official Google Play Store has been identified as the primary source of malware installs on Android devices in a recent academic study considered the largest one of its kind carried out to date. Lisäksi: arxiv.org/pdf/2010.10088.pdf Facebook link preview feature used as a […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.