Daily NCSC-FI news followup 2021-02-25

Attackers scan for vulnerable VMware servers after PoC exploit release

www.bleepingcomputer.com/news/security/attackers-scan-for-vulnerable-vmware-servers-after-poc-exploit-release/ After security researchers have developed and published proof-of-concept (PoC) exploit code targeting a critical vCenter remote code execution (RCE) vulnerability, attackers are now actively scanning for vulnerable Internet-exposed VMware servers. Lisäksi:

www.zdnet.com/article/more-than-6700-vmware-servers-exposed-online-and-vulnerable-to-major-new-bug

Health Website Leaks 8 Million COVID-19 Test Results

threatpost.com/health-website-leaks-covid-19-test/164274/ A teenaged ethical hacker discovered a flawed endpoint associated with a health-department website in the state of Bengal, which exposed personally identifiable information related to test results.

Dutch Research Council (NWO) confirms ransomware attack, data leak

www.bleepingcomputer.com/news/security/dutch-research-council-nwo-confirms-ransomware-attack-data-leak/ The recent cyberattack that forced the Dutch Research Council (NWO) to take its servers offline and suspend grant allocation processes was caused by the DoppelPaymer ransomware gang.

Överbelastningsattack mot Bank-ID orsakade stora störningar

tekniksmart.se/overbelastningsattack-mot-bank-id-orsakade-stora-storningar/ En överbelastningsattack mot Bank-ID under tisdagskvällen gjorde att tjänsten delvis låg nere eller var mycket långsam för användarna. Attacken och störningarna bekräftades av Finansiell ID-Teknik till bland annat SVT Nyheter och TT.

North Korean hackers target defense industry with custom malware

www.bleepingcomputer.com/news/security/north-korean-hackers-target-defense-industry-with-custom-malware/ A North Korean-backed hacking group has targeted the defense industry with custom backdoor malware dubbed ThreatNeedle since early 2020 with the end goal of collecting highly sensitive information.

Malicious Mozilla Firefox Extension Allows Gmail Takeover

threatpost.com/malicious-mozilla-firefox-gmail/164263/ A newly uncovered cyberattack is taking control of victims’ Gmail accounts, by using a customized, malicious Mozilla Firefox browser extension called FriarFox. Lisäksi:

www.zdnet.com/article/chinese-cyberspies-targeted-tibetans-with-a-malicious-firefox-add-on/. Lisäksi:

thehackernews.com/2021/02/chinese-hackers-using-firefox-extension.html

Google’s Password Checkup tool rolling out to Android devices

www.welivesecurity.com/2021/02/24/google-password-checkup-android-devices Google is extending its Password Checkup feature to Android in a bid to help people make their online accounts more secure. Originally introduced as an extension for the Google Chrome web browser two years ago, the tool was later integrated into Chrome for desktop before making its way into the browser’s versions for Android and iOS.

Samsung Investigation Part 1: TEEs, TrustZone and TEEGRIS

www.riscure.com/blog/samsung-investigation-part1 The goal of our investigation was to assess how strong Samsung’s TEE OS is and whether it can be compromised to obtain runtime control and extract all protected assets, allowing, e.g. decryption of user data. We did not consider a full exploit chain and instead focused on the TEE only, assuming an attacker already in control of the Android environment.

You might be interested in …

Daily NCSC-FI news followup 2020-03-26

Coronavirus as a hook www.kaspersky.com/blog/coronavirus-corporate-phishing/34445/ We tell how the coronavirus scare is being exploited by phishers to attack companies and install malware. E-mails imitating business correspondence with malicious attachments are nothing new. Weve been observing them in junk traffic for the last three years at least. The more precise the fake, the higher the likelihood […]

Read More

Daily NCSC-FI news followup 2019-08-20

Guccifer Rising? Months-Long Phishing Campaign on ProtonMail Targets Dozens of Russia-Focused Journalists and NGOs www.bellingcat.com/news/uk-and-europe/2019/08/10/guccifer-rising-months-long-phishing-campaign-on-protonmail-targets-dozens-of-russia-focused-journalists-and-ngos/ A sophisticated phishing campaign targeting Bellingcat and other Russia-focused journalists has been much larger in scope than previously thought, and has lasted at least several months. Bellingcat has identified dozens of targeted individuals across Europe and the US, with the […]

Read More

Daily NCSC-FI news followup 2020-03-24

Fortinet Security Researcher Discovers Multiple Critical Vulnerabilities in Adobe Photoshop www.fortinet.com/blog/threat-research/fortinet-security-researcher-discovers-multiple-critical-vulnerabilities-in-adobe-photoshop.html This past January, I discovered and reported multiple critical zero-day vulnerabilities in Adobe Photoshop CC 2020. This past Tuesday (Mar 17, 2020), Adobe released several out-of-band security patches that addressed those vulnerabilities. They are identified as CVE-2020-3783, CVE-2020-3784, CVE-2020-3785, CVE-2020-3786, CVE-2020-3787, CVE-2020-3788 and CVE-2020-3789. […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.