Daily NCSC-FI news followup 2021-02-18

Microsoft Internal Solorigate Investigation Final Update

msrc-blog.microsoft.com/2021/02/18/microsoft-internal-solorigate-investigation-final-update/ We have now completed our internal investigation into the activity of the actor and want to share our findings, which confirm that we found no evidence of access to production services or customer data. The investigation also found no indications that our systems at Microsoft were used to attack others.. For a small number of repositories, there was additional access, including in some cases, downloading component source code. These repositories contained code for:. a small subset of Azure components (subsets of service, security, identity). a small subset of Intune components. a small subset of Exchange components

SolarWinds attack hit 100 companies and took months of planning, says White House

www.zdnet.com/article/solarwinds-attack-hit-100-companies-and-took-months-of-planning-says-white-house/ The White House warns SolarWinds attack was more than espionage because the private sector targets could lead to follow-up attacks.

Exploit Details Emerge for Unpatched Microsoft Bug

threatpost.com/exploit-details-unpatched-microsoft-bug/164083/ A malicious website or malicious ad can trigger an exploit for the IE zero-day bug, opening the door for data theft and code execution, new analysis notes.

Windows and Linux servers targeted by new WatchDog botnet for almost two years

www.zdnet.com/article/windows-and-linux-servers-targeted-by-new-watchdog-botnet-for-almost-two-years/ WatchDog botnet uses exploits to take over servers and mine cryptocurrency.

RIPE NCC Internet Registry discloses SSO credential stuffing attack

www.bleepingcomputer.com/news/security/ripe-ncc-internet-registry-discloses-sso-credential-stuffing-attack/ RIPE NCC is warning members that they suffered a credential stuffing attack attempting to gain access to single sign-on (SSO) accounts.

SHAREit Flaw Could Lead to Remote Code Execution

www.trendmicro.com/en_us/research/21/b/shareit-flaw-could-lead-to-remote-code-execution.html We discovered several vulnerabilities in the application named SHAREit. The vulnerabilities can be abused to leak a users sensitive data and execute arbitrary code with SHAREit permissions by using a malicious code or app. They can also potentially lead to Remote Code Execution (RCE).

Ninja Forms WordPress Plugin Bug Opens Websites to Hacks

threatpost.com/ninja-forms-wordpress-plugin-hacks/164042/ The popular plugin is installed on more than 1 million websites, and has four flaws that allow various kinds of serious attacks, including site takeover and email hijacking.

Hackers Leak Gigabytes Of Data Stolen From International Law Firm Jones Day

www.forbes.com/sites/leemathews/2021/02/18/hackers-leak-gigabytes-of-data-stolen-from-international-law-firm-jones-day/ Last month hackers infiltrated a server used by Jones Day, one of the largest and most successful law firms in the world. After failed attempts to extort payment from the firm, the hackers have now uploaded gigabytes of of highly sensitive data that were stolen in the attack.

Estonian Foreign Intelligence Service public report 2021

valisluureamet.ee/en.html The Estonian Foreign Intelligence Service has published a report covering the security situation in the Baltic Sea region.. Full report


Nurserycam horror show: ‘Secure’ daycare video monitoring product beamed DVR admin creds to all users

www.theregister.com/2021/02/18/nurserycam_security_problems_footfallcam_ltd/ Company has a habit of reacting badly to vuln disclosures

You might be interested in …

Daily NCSC-FI news followup 2019-12-25

Toistasataa kiinalaista pidätettiin Nepalissa epäiltynä kyberhuijauksesta yle.fi/uutiset/3-11134577 Ratsiassa takavarikoitiin yli 700 puhelinta ja 400 tietokonetta. Staying Cyber-Safe This Holiday Season www.fortinet.com/blog/industry-trends/staying-cyber-safe-this-holiday-season.html Look-alike websites, fake shipping notifications, e-cards, emergency scams, phony charities, free gift cards etc. These are the most common forms of holiday scams. Signs of Phishing: Protecting Yourself During the Holidays www.tripwire.com/state-of-security/featured/signs-of-phishing-protecting-yourself-during-the-holidays/ Some things […]

Read More

Daily NCSC-FI news followup 2019-11-08

Sure, we made your Wi-Fi routers phone home with telemetry, says Ubiquiti. What of it? www.theregister.co.uk/2019/11/07/ubiquiti_networks_phone_home/ Ubiquiti Networks is fending off customer complaints after emitting a firmware update that caused its UniFi wireless routers to quietly phone HQ with telemetry.. It all kicked off when the US-based manufacturer confirmed that a software update released this […]

Read More

Daily NCSC-FI news followup 2020-06-01

Postin nimissä käynnissä kolme huijausta, yksi on erityisen häijy – numerostasi lähetetään viestejä www.is.fi/digitoday/tietoturva/art-2000006523529.html Oikeissa Postin viesteissä ei pääsääntöisesti ole linkkejä. Jos seuraat linkkiä verkkosivulle, tarkista sen osoite osoiteriviltä. Väärien sivujen osoitteet eivät usein muistuta juuri lainkaan aitoa osoitetta. Suhtaudu varauksella kaikkiin viesteihin, joissa sinulta pyydetään maksua tai sinun halutaan kirjautuvan jonnekin pankkitunnuksillasi. Katso myös: […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.