Daily NCSC-FI news followup 2021-01-24

Listasimme verkkohuijausten uusimmat trendit ja keinoja niiden tunnistamiseen Moni huijaus tepsii aina uudestaan sillä kollektiivinen muisti unohtaa

yle.fi/uutiset/3-11721481 Lue myös: www.kuluttajaliitto.fi/hankkeet/huijarit-kuriin/

Your Password Isn’t Safe: The Danger Of An Inactive Zombie’ Account

www.forbes.com/sites/brookecrothers/2021/01/23/your-password-isnt-safe-the-danger-of-inactive-zombie-accounts/

WhatsApp BacklashStop Using Signal Or Telegram Until You Change These 4 Critical Settings

www.forbes.com/sites/zakdoffman/2021/01/23/stop-using-signal-and-telegram-until-you-change-settings-after-whatsapp-and-imessage-privacy-backlash/

SonicWall firewall maker hacked using zero-day in its VPN device

www.bleepingcomputer.com/news/security/sonicwall-firewall-maker-hacked-using-zero-day-in-its-vpn-device/ Also:

www.sonicwall.com/support/product-notification/urgent-security-notice-netextender-vpn-client-10-x-sma-100-series-vulnerability-updated-jan-23-2021/210122173415410/

Intelligence Analysts Use U.S. Smartphone Location Data Without Warrants, Memo Says

www.nytimes.com/2021/01/22/us/politics/dia-surveillance-data.html The disclosure comes amid growing legislative scrutiny of how the government uses commercially available location records.

DDoSers are abusing Microsoft RDP to make attacks more powerful

arstechnica.com/information-technology/2021/01/ddosers-are-abusing-microsoft-rdp-to-make-attacks-more-powerful/ DDoS amplification attacks have abused all kinds of legit services. Now, it’s Windows.

Cyber criminals publish more than 4, 000 stolen Sepa files

www.bbc.co.uk/news/uk-scotland-55757884 Cyber criminals who stole thousands of digital files belonging to environmental regulator Sepa have published them on the internet. The public body had about 1.2GB of data stolen from its digital systems on Christmas Eve.

Hacker leaks data of 2.28 million dating site users

www.zdnet.com/article/hacker-leaks-data-of-2-28-million-dating-site-users/#ftag=RSSbaffb68 Data belongs to dating site MeetMindful and includes everything from real names to Facebook account tokens, and from email addresses and geo-location information.

You might be interested in …

Daily NCSC-FI news followup 2020-04-23

Twitter will remove dubious 5G tweets that could potentially cause harm’ techcrunch.com/2020/04/22/twitter-will-remove-dubious-5g-tweets-that-could-potentially-cause-harm/ “We’re prioritizing the removal of COVID-19 content when it has a call to action that could potentially cause harm, “ First version of Apple and Google’s contact tracing API should be available to developers next week techcrunch.com/2020/04/23/first-version-of-apple-and-googles-contact-tracing-api-should-be-available-to-developers-next-week/ The first version of Apple and […]

Read More

Daily NCSC-FI news followup 2020-11-11

Play Store identified as main distribution vector for most Android malware www.zdnet.com/article/play-store-identified-as-main-distribution-vector-for-most-android-malware The official Google Play Store has been identified as the primary source of malware installs on Android devices in a recent academic study considered the largest one of its kind carried out to date. Lisäksi: arxiv.org/pdf/2010.10088.pdf Facebook link preview feature used as a […]

Read More

Daily NCSC-FI news followup 2019-07-16

Commando VM: The Complete Mandiant Offensive VM isc.sans.edu/diary/Commando+VM%3A+The+Complete+Mandiant+Offensive+VM/25136 Penetration testers commonly use their own variants of Windows machines when assessing Active Directory environments. Commando VM was designed specifically to be the go-to platform for performing these internal penetration tests. The benefits of using a Windows machine include native support for Windows and Active Directory, using […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.