Daily NCSC-FI news followup 2021-01-20

Security is not a luxury product

www.tivi.fi/uutiset/tv/465d7ff0-5446-4ca6-ac28-6d1850a26112 "Money cannot buy a company's internal communication or the courage to admit mistakes. No amount of security tooling will save a company whose staff fear for their jobs or are not taken seriously when a mistake lands on them." "In the end, the solutions to complex problems may be found close at hand, in the company's own employees and its own culture. Security is holistic, and it should involve every employee and every person in a leadership position."

Hacker leaks full database of 77 million Nitro PDF user records

www.bleepingcomputer.com/news/security/hacker-leaks-full-database-of-77-million-nitro-pdf-user-records/ Nitro is an application for creating, editing, and signing PDFs and digital documents; Nitro Software claims over 10,000 business customers and roughly 1.8 million licensed users. A stolen database of more than 77 million Nitro PDF user records, containing email addresses, names, and passwords, was leaked today for free. The 14GB leaked database contains 77,159,696 records with users' email addresses, full names, bcrypt-hashed passwords, titles, company names, IP addresses, and other system-related information.

Hacker posts 1.9 million Pixlr user records for free on forum

www.bleepingcomputer.com/news/security/hacker-posts-19-million-pixlr-user-records-for-free-on-forum/ Pixlr is a very popular free online photo editing application with many of the same features found in a professional desktop photo editor like Photoshop. The alleged Pixlr database posted by ShinyHunters contains 1,921,141 user records consisting of email addresses, login names, SHA-512 hashed passwords, the user's country, whether they signed up for the newsletter, and other internal information.

IObit forums hacked to spread ransomware to its members

www.bleepingcomputer.com/news/security/iobit-forums-hacked-to-spread-ransomware-to-its-members/ Windows utility developer IObit was hacked over the weekend in a widespread attack that distributed the unusual DeroHE ransomware to its forum members.

NSA urges system administrators to replace obsolete TLS protocols

www.zdnet.com/article/nsa-urges-system-administrators-to-replace-obsolete-tls-protocols/ NSA recommends that only TLS 1.2 or TLS 1.3 be used; and that SSL 2.0, SSL 3.0, TLS 1.0, and TLS 1.1 not be used. Even if TLS 1.2 and TLS 1.3 are deployed, the NSA warns against configuring these two protocols with weak cryptographic parameters and cipher suites.
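The NSA guidance above has two parts: a protocol floor (TLS 1.2 or 1.3 only) and a requirement that the remaining protocols not be weakened by poor cipher suites. The following is an added example, not code from the article or from the NSA paper: it builds a client-side TLS context in Python's standard `ssl` module that enforces the floor and a restricted cipher string, inspects what the context actually offers, and audits a handful of constructed log records of negotiated (protocol, cipher) pairs for obsolete versions or weak parameters. The cipher string and the list of weak markers are the author's assumptions about a reasonable hardening baseline, not the NSA's exact recommendation.

```python
import ssl

# Protocol names as they appear in OpenSSL/Python session info.
# Per the NSA guidance summarized in the article: only TLS 1.2 and 1.3 are acceptable.
OBSOLETE_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}
ALLOWED_PROTOCOLS = {"TLSv1.2", "TLSv1.3"}

# Assumption: substrings that indicate weak cipher-suite parameters
# (no encryption, no authentication, RC4, DES/3DES, MD5 integrity, export grades).
WEAK_MARKERS = ("NULL", "RC4", "DES", "MD5", "EXPORT", "ADH", "AECDH")

# Assumption: a restrictive TLS 1.2 cipher string (forward-secret, AEAD only).
# TLS 1.3 suites are fixed by the library and are all AEAD, so they need no string.
HARDENED_CIPHERS = "ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM:!aNULL:!eNULL:!MD5:!RC4:!3DES:!PSK"


def is_obsolete_protocol(name: str) -> bool:
    """True for any protocol version the guidance says must not be used."""
    return name in OBSOLETE_PROTOCOLS


def is_weak_cipher(name: str) -> bool:
    """True if the cipher-suite name carries any of the weak-parameter markers."""
    return any(marker in name for marker in WEAK_MARKERS)


def hardened_client_context() -> ssl.SSLContext:
    """Client context with the TLS 1.2 floor and a restricted cipher list."""
    ctx = ssl.create_default_context()          # hostname checking and CA verification stay on
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.maximum_version = ssl.TLSVersion.TLSv1_3
    ctx.set_ciphers(HARDENED_CIPHERS)           # applies to the TLS 1.2 suites only
    return ctx


def context_report(ctx: ssl.SSLContext) -> dict:
    """Summarise what a context will actually offer on the wire."""
    suites = ctx.get_ciphers()                  # list of dicts: name, protocol, kea, auth, ...
    return {
        "minimum_version": ctx.minimum_version.name,
        "protocols_offered": sorted({s["protocol"] for s in suites}),
        "weak_suites": [s["name"] for s in suites if is_weak_cipher(s["name"])],
    }


def audit_sessions(records):
    """Flag negotiated (protocol, cipher) pairs that violate the policy.

    Each record is a dict with 'peer', 'protocol' and 'cipher' keys, as a
    proxy or load balancer might log them. Returns a list of (peer, reason).
    """
    findings = []
    for rec in records:
        if is_obsolete_protocol(rec["protocol"]):
            findings.append((rec["peer"], f"obsolete protocol {rec['protocol']}"))
        elif is_weak_cipher(rec["cipher"]):
            findings.append((rec["peer"], f"weak cipher {rec['cipher']}"))
    return findings


# Constructed sample log records (not real sessions) for the audit.
SAMPLE_SESSIONS = [
    {"peer": "legacy-printer",  "protocol": "TLSv1",   "cipher": "AES128-SHA"},
    {"peer": "old-appliance",   "protocol": "TLSv1.2", "cipher": "DES-CBC3-SHA"},
    {"peer": "workstation-01",  "protocol": "TLSv1.2", "cipher": "ECDHE-RSA-AES128-GCM-SHA256"},
    {"peer": "workstation-02",  "protocol": "TLSv1.3", "cipher": "TLS_AES_256_GCM_SHA384"},
]


if __name__ == "__main__":
    print(context_report(hardened_client_context()))
    for peer, reason in audit_sessions(SAMPLE_SESSIONS):
        print(f"{peer}: {reason}")
```

The context report is the check worth running against a production configuration before deploying it: `minimum_version` proves the floor, `protocols_offered` should contain nothing below TLS 1.2, and `weak_suites` should be empty. The session audit is the complementary detection step, catching clients that still negotiate obsolete versions so they can be upgraded before the server stops accepting them.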

Bugs in Signal, Facebook, Google chat apps let attackers spy on users

www.bleepingcomputer.com/news/security/bugs-in-signal-facebook-google-chat-apps-let-attackers-spy-on-users/ Vulnerabilities found in multiple video conferencing mobile applications allowed attackers to listen to users’ surroundings without permission before the person on the other end picked up the calls. The logic bugs were found by Google Project Zero security researcher Natalie Silvanovich in the Signal, Google Duo, Facebook Messenger, JioChat, and Mocha messaging apps and are now all fixed.

Cisco fixes critical pre-auth bugs in SD-WAN, cloud license manager

www.bleepingcomputer.com/news/security/cisco-fixes-critical-pre-auth-bugs-in-sd-wan-cloud-license-manager/ Cisco has released security updates to address pre-auth remote code execution (RCE) vulnerabilities affecting multiple SD-WAN products and the Cisco Smart Software Manager software.

NCSC-UK: Technical report: Responsible use of the Border Gateway Protocol (BGP) for ISP interworking

www.ncsc.gov.uk/report/responsible-use-of-bgp-for-isp-interworking The guidance encourages operators to use BGP in a predictable and rigorous way, making full use of Internet Registries such as RIPE. PDF: www.ncsc.gov.uk/files/border-gateway-protocol-technical-paper.pdf
