Daily NCSC-FI news followup 2021-01-17

BugTraq Will Continue: Strong internal and community feedback cancels termination

www.securityfocus.com/archive/1/542248

CISA Publishes 2020 Chemical Security Presentations

www.cisa.gov/chemical-security-summit Topics include cyber and physical security in manufacturing, the cybersecurity evaluation tool, and others.

Researchers Disclose Undocumented Chinese Malware Used in Recent Attacks

thehackernews.com/2021/01/researchers-disclose-undocumented.html Cybersecurity researchers have disclosed a series of attacks by a threat actor of Chinese origin that has targeted organizations in Russia and Hong Kong with malware including a previously undocumented backdoor. Attributing the campaign to Winnti (or APT41), Positive Technologies dated the first attack to May 12, 2020, when the APT used LNK shortcuts to extract and run the malware payload. A second attack detected on May 30 used a malicious RAR archive file consisting of shortcuts to two bait PDF documents claimed to be a curriculum vitae and an IELTS certificate.

Apple Kills MacOS Feature Allowing Apps to Bypass Firewalls

threatpost.com/apple-kills-macos-feature-allowing-apps-to-bypass-firewalls/163099/ The feature, first uncovered in November in a beta release of macOS Big Sur, was called “ContentFilterExclusionList” and included a list of at least 50 Apple apps including Maps, Music, FaceTime, the App Store and its software update service. It has recently been removed in macOS Big Sur version 11.2, Apple experts pointed out this week.

Windows Finger command abused by phishing to download malware

www.bleepingcomputer.com/news/security/windows-finger-command-abused-by-phishing-to-download-malware/ In September, we reported that security researchers discovered a way to use Finger as a way to download malware from a remote computer or exfiltrate data. This week, security researcher Kirk Sayre found a phishing campaign utilizing the Finger command to download the MineBridge backdoor malware.

A security researcher commandeered the expired domain of a nameserver for Congo’s top-level domain to save it from hackers

techcrunch.com/2021/01/15/congo-comandeered/ In the end, the Congolese government didn’t bother asking for the domain back. It spun up an entirely new but similarly named domain, scpt-network.net, to replace the one now in Almroth’s possession. The domain – scpt-network.com – was one of two nameservers for the .cd country code top-level domain, assigned to the Democratic Republic of Congo. If it fell into the wrong hands, an attacker could redirect millions of unknowing internet users to rogue websites of their choosing.
