Daily NCSC-FI news followup 2021-02-18

Microsoft Internal Solorigate Investigation Final Update

msrc-blog.microsoft.com/2021/02/18/microsoft-internal-solorigate-investigation-final-update/ We have now completed our internal investigation into the activity of the actor and want to share our findings, which confirm that we found no evidence of access to production services or customer data. The investigation also found no indications that our systems at Microsoft were used to attack others. For a small number of repositories, there was additional access, including in some cases, downloading component source code. These repositories contained code for: a small subset of Azure components (subsets of service, security, identity); a small subset of Intune components; a small subset of Exchange components.

SolarWinds attack hit 100 companies and took months of planning, says White House

www.zdnet.com/article/solarwinds-attack-hit-100-companies-and-took-months-of-planning-says-white-house/ The White House warns SolarWinds attack was more than espionage because the private sector targets could lead to follow-up attacks.

Exploit Details Emerge for Unpatched Microsoft Bug

threatpost.com/exploit-details-unpatched-microsoft-bug/164083/ A malicious website or malicious ad can trigger an exploit for the IE zero-day bug, opening the door for data theft and code execution, new analysis notes.

Windows and Linux servers targeted by new WatchDog botnet for almost two years

www.zdnet.com/article/windows-and-linux-servers-targeted-by-new-watchdog-botnet-for-almost-two-years/ WatchDog botnet uses exploits to take over servers and mine cryptocurrency.

RIPE NCC Internet Registry discloses SSO credential stuffing attack

www.bleepingcomputer.com/news/security/ripe-ncc-internet-registry-discloses-sso-credential-stuffing-attack/ RIPE NCC is warning members that they suffered a credential stuffing attack attempting to gain access to single sign-on (SSO) accounts.

SHAREit Flaw Could Lead to Remote Code Execution

www.trendmicro.com/en_us/research/21/b/shareit-flaw-could-lead-to-remote-code-execution.html We discovered several vulnerabilities in the application named SHAREit. The vulnerabilities can be abused to leak a user's sensitive data and execute arbitrary code with SHAREit permissions by using a malicious code or app. They can also potentially lead to Remote Code Execution (RCE).

Ninja Forms WordPress Plugin Bug Opens Websites to Hacks

threatpost.com/ninja-forms-wordpress-plugin-hacks/164042/ The popular plugin is installed on more than 1 million websites, and has four flaws that allow various kinds of serious attacks, including site takeover and email hijacking.

Hackers Leak Gigabytes Of Data Stolen From International Law Firm Jones Day

www.forbes.com/sites/leemathews/2021/02/18/hackers-leak-gigabytes-of-data-stolen-from-international-law-firm-jones-day/ Last month hackers infiltrated a server used by Jones Day, one of the largest and most successful law firms in the world. After failed attempts to extort payment from the firm, the hackers have now uploaded gigabytes of highly sensitive data that were stolen in the attack.

Estonian Foreign Intelligence Service public report 2021

valisluureamet.ee/en.html The Estonian Foreign Intelligence Service has published a report covering the security situation in the Baltic Sea region.


Nurserycam horror show: ‘Secure’ daycare video monitoring product beamed DVR admin creds to all users

www.theregister.com/2021/02/18/nurserycam_security_problems_footfallcam_ltd/ Company has a habit of reacting badly to vuln disclosures
