Daily NCSC-FI news followup 2021-02-06

Google fixes Chrome zero-day actively exploited in the wild

www.bleepingcomputer.com/news/security/google-fixes-chrome-zero-day-actively-exploited-in-the-wild/ Google has addressed an actively exploited zero-day security vulnerability in the Chrome 88.0.4324.150 version released today, February 4th, 2020, to the Stable desktop channel for Windows, Mac, and Linux users.

Eletrobras, Copel energy companies hit by ransomware attacks

www.bleepingcomputer.com/news/security/eletrobras-copel-energy-companies-hit-by-ransomware-attacks/ Centrais Eletricas Brasileiras (Eletrobras) and Companhia Paranaense de Energia (Copel), two major electric utilities companies in Brazil, have announced that they suffered ransomware attacks over the past week.

Microsoft warns of increasing OAuth Office 365 phishing attacks

www.bleepingcomputer.com/news/security/microsoft-warns-of-increasing-oauth-office-365-phishing-attacks/ Microsoft has warned of an increasing number of consent phishing (aka OAuth phishing) attacks targeting remote workers during recent months, BleepingComputer has learned.

SitePoint discloses data breach after stolen info used in attacks

www.bleepingcomputer.com/news/security/sitepoint-discloses-data-breach-after-stolen-info-used-in-attacks/ The SitePoint web professional community has disclosed a data breach after their user database was sold and eventually leaked for free on a hacker forum.

Launching OSV – Better vulnerability triage for open source

security.googleblog.com/2021/02/launching-osv-better-vulnerability.html We are excited to launch OSV (Open Source Vulnerabilities), our first step towards improving vulnerability triage for developers and consumers of open source software. The goal of OSV is to provide precise data on where a vulnerability was introduced and where it got fixed, thereby helping consumers of open source software accurately identify if they are impacted and then make security fixes as quickly as possible.

This is how the devious online banking scam seen in Finland works: protecting yourself with a PIN code does not help, the victim approves the money transfer themselves

www.is.fi/digitoday/tietoturva/art-2000007784669.html With a man-in-the-middle attack, a bank account can be emptied even when a code-generating device or app is in use.

The Great Suspender Chrome extension’s fall from grace

www.bleepingcomputer.com/news/software/the-great-suspender-chrome-extensions-fall-from-grace/ Google has forcibly uninstalled the immensely popular ‘The Great Suspender’ extension from Google Chrome and classified it as malware.

Mozilla fixes Windows 10 NTFS corruption bug in Firefox

www.bleepingcomputer.com/news/software/mozilla-fixes-windows-10-ntfs-corruption-bug-in-firefox/ Mozilla has released Firefox 85.0.1, which includes a fix that prevents a Windows 10 NTFS corruption bug from being triggered from the browser.

Hackers post detailed patient medical records from two hospitals to the dark web

www.nbcnews.com/tech/security/hackers-post-detailed-patient-medical-records-two-hospitals-dark-web-n1256887 The files, which number in at least the tens of thousands, include patients' personal identifying information.

They Stormed the Capitol. Their Apps Tracked Them.

www.nytimes.com/2021/02/05/opinion/capitol-attack-cellphone-data.html Times Opinion was able to identify individuals from a trove of leaked smartphone location data.

Microsoft delays disabling Basic Authentication for several Exchange Online protocols ‘until further notice’

www.theregister.com/2021/02/05/exchange_online_basic_authentication/ Insists ‘We’re not backtracking’ as tenants given longer to move to something more secure. Microsoft has shifted gears on plans to disable Basic Authentication for five Exchange Online protocols this year, provided your tenant is actually using them.

Spotify Suffers Second Credential-Stuffing Cyberattack in 3 Months

threatpost.com/spotify-credential-stuffing-cyberattack/163672/ As many as 100,000 of the music streaming service's customers could face account takeover. Spotify streaming music aficionados are in the crosshairs of yet another credential-stuffing cyberattack, just three months after the last one. The service has forced password resets for impacted users.

Industrial Networks See Sharp Uptick in Hackable Security Holes

threatpost.com/industrial-networks-hackable-security-holes/163708/ Claroty reports that adversaries, CISOs and researchers have all turned their attention to finding critical security bugs in ICS networks. The report analyzed all publicly disclosed vulnerabilities in ICS networks in the second half of 2020 and found a nearly 33 percent increase in ICS disclosures over 2018, both from organizations like Claroty and from independent researchers. Report:


NCIJTF Releases Ransomware Factsheet

us-cert.cisa.gov/ncas/current-activity/2021/02/05/ncijtf-releases-ransomware-factsheet The National Cyber Investigative Joint Task Force (NCIJTF) has released a joint-sealed ransomware factsheet to address current ransomware threats and provide information on prevention and mitigation techniques.
