Daily NCSC-FI news followup 2021-01-16

BugTraq Shutdown

www.securityfocus.com/archive/1/542247 At this time, resources for the BugTraq mailing list have not been prioritized, and this will be the last message to the list. The archive will be shut down January 31st, 2021. Also:

www.zdnet.com/article/iconic-bugtraq-security-mailing-list-shuts-down-after-27-years/

Massive stolen credit card shop Joker’s Stash shuts down

www.bleepingcomputer.com/news/security/massive-stolen-credit-card-shop-jokers-stash-shuts-down/ The administrator of Joker’s Stash, one of the longest-running marketplace for stolen credit cards, announced on Friday that they would permanently shut down the operation next month. The company says that Joker’s Stash added more than 40 million new card records over the past year, most of them from physical transactions at a point-of-sale. Gemini Advisory estimates that Joker’s Stash made more than $1 billion from selling stolen credit card data.

NSA Releases Guidance on Encrypted DNS in Enterprise Environments

us-cert.cisa.gov/ncas/current-activity/2021/01/15/nsa-releases-guidance-encrypted-dns-enterprise-environments The National Security Agency (NSA) has released an information sheet with guidance on adopting encrypted Domain Name System (DNS) over Hypertext Transfer Protocol over Transport Layer Security (HTTPS), referred to as DNS over HTTPS (DoH). When configured appropriately, strong enterprise DNS controls can help prevent many initial access, command and control, and exfiltration techniques used by threat actors. PDF:

media.defense.gov/2021/Jan/14/2002564889/-1/-1/0/CSI_ADOPTING_ENCRYPTED_DNS_U_OO_102904_21.PDF

Daily NCSC-FI news followup 2019-08-13

Attackers could use this coding bug to turn BIG-IP load balancers against organizations blog.f-secure.com/command-injection-in-f5-irules/ During a routine security assessment, F-Secure Senior Security Consultant Christoffer Jerkeby discovered that an obscure coding bug could allow attackers to exploit F5 Networks popular BIG-IP load balancer. Further research found that, following a successful exploit, an adversary could turn the […]

Daily NCSC-FI news followup 2021-05-06

Syväteknologiaa kehittävä Unikie kyberturvallisuusjärjestö FISCin jäseneksi: “Kaiken internet (IoE) ilman salattua tietoliikennettä on vastuuton” www.epressi.com/tiedotteet/ohjelmistoteollisuus/syvateknologiaa-kehittava-unikie-kyberturvallisuusjarjesto-fiscin-jaseneksi-kaiken-internet-ioe-ilman-salattua-tietoliikennetta-on-vastuuton.html tsuNAME – New DNS bug allows attackers to DDoS authoritative DNS servers www.bleepingcomputer.com/news/security/new-tsuname-dns-bug-allows-attackers-to-ddos-authoritative-dns-servers/ “What makes TsuNAME particularly dangerous is that it can be exploited to carry out DDoS attacks against critical DNS infrastructure like large TLDs or ccTLDs, potentially affecting […]

Daily NCSC-FI news followup 2020-05-31

Nettipetoksia tehnyt vangittiin www.poliisi.fi/tietoa_poliisista/tiedotteet/1/1/nettipetoksia_tehnyt_vangittiin_90541?language=fi Petokset ovat olleet enimmäkseen tyypillisiä nettipetoksia, joissa myydään olematonta tavaraa hyväuskoisille ihmisille lähinnä Tori.fi-sivustolla. Hacker leaks database of dark web hosting provider www.zdnet.com/article/hacker-leaks-database-of-dark-web-hosting-provider/ “This information could substantially help law enforcement track the individuals running or taking part in illegal activities on these darknet sites, ” Under the Breach told ZDNet. The […]