Daily NCSC-FI news followup 2021-01-20

Information security is not a luxury product

www.tivi.fi/uutiset/tv/465d7ff0-5446-4ca6-ac28-6d1850a26112 “Money cannot buy a company's internal communication or the courage to admit mistakes. No amount of security tools will save you if the company's staff fear for their jobs or are not taken seriously when a mistake happens to them.” “In the end, the solutions to complex problems may be found close by, in a company's own employees and its own culture. Information security is holistic, and it should involve all of the company's employees and those in leadership positions.”

Hacker leaks full database of 77 million Nitro PDF user records

www.bleepingcomputer.com/news/security/hacker-leaks-full-database-of-77-million-nitro-pdf-user-records/ Nitro is an application that helps create, edit, and sign PDFs and digital documents, an app that Nitro Software claims to have over 10,000 business customers and roughly 1.8 million licensed users. A stolen database containing the email addresses, names, and passwords of more than 77 million records of Nitro PDF service users was leaked today for free. The 14GB leaked database contains 77,159,696 records with users’ email addresses, full names, bcrypt hashed passwords, titles, company names, IP addresses, and other system-related information.

Hacker posts 1.9 million Pixlr user records for free on forum

www.bleepingcomputer.com/news/security/hacker-posts-19-million-pixlr-user-records-for-free-on-forum/ Pixlr is a very popular and free online photo editing application with many of the same features found in a professional desktop photo editor like Photoshop. The alleged Pixlr database posted by ShinyHunters contains 1,921,141 user records consisting of email addresses, login names, SHA-512 hashed passwords, a user’s country, whether they signed up for the newsletter, and other internal information.

IObit forums hacked to spread ransomware to its members

www.bleepingcomputer.com/news/security/iobit-forums-hacked-to-spread-ransomware-to-its-members/ Windows utility developer IObit was hacked over the weekend to perform a widespread attack to distribute the strange DeroHE ransomware to its forum members.

NSA urges system administrators to replace obsolete TLS protocols

www.zdnet.com/article/nsa-urges-system-administrators-to-replace-obsolete-tls-protocols/ NSA recommends that only TLS 1.2 or TLS 1.3 be used; and that SSL 2.0, SSL 3.0, TLS 1.0, and TLS 1.1 not be used. Even if TLS 1.2 and TLS 1.3 are deployed, the NSA warns against configuring these two protocols with weak cryptographic parameters and cipher suites.

Bugs in Signal, Facebook, Google chat apps let attackers spy on users

www.bleepingcomputer.com/news/security/bugs-in-signal-facebook-google-chat-apps-let-attackers-spy-on-users/ Vulnerabilities found in multiple video conferencing mobile applications allowed attackers to listen to users’ surroundings without permission before the person on the other end picked up the calls. The logic bugs were found by Google Project Zero security researcher Natalie Silvanovich in the Signal, Google Duo, Facebook Messenger, JioChat, and Mocha messaging apps and are now all fixed.

Cisco fixes critical pre-auth bugs in SD-WAN, cloud license manager

www.bleepingcomputer.com/news/security/cisco-fixes-critical-pre-auth-bugs-in-sd-wan-cloud-license-manager/ Cisco has released security updates to address pre-auth remote code execution (RCE) vulnerabilities affecting multiple SD-WAN products and the Cisco Smart Software Manager software.

NCSC-UK: Technical report: Responsible use of the Border Gateway Protocol (BGP) for ISP interworking

www.ncsc.gov.uk/report/responsible-use-of-bgp-for-isp-interworking The guidance encourages operators to use the BGP in a predictable and rigorous way, making full use of Internet Registries such as RIPE. PDF:

