Daily NCSC-FI news followup 2021-02-27

Amazon Dismisses Claims Alexa Skills Can Bypass Security Vetting Process

threatpost.com/amazon-dismisses-claims-alexa-skills-can-bypass-security-vetting/164316/ Our analysis shows that while Amazon restricts access to user data for skills and has put forth a number of rules, there is still room for malicious actors to exploit or circumvent some of these rules, said researchers this week. This can enable an attacker to exploit the trust they have built with the system.

The state of stalkerware in 2020

securelist.com/the-state-of-stalkerware-in-2020/100875/ Kaspersky's data shows that the scale of the stalkerware issue has not improved much in 2020 compared to the last year: the number of people affected is still high. In total, 53,870 of our mobile users were affected globally by stalkerware in 2020. Keeping in mind the big picture, these numbers only include Kaspersky users, and the total global numbers will be higher.

Former SolarWinds CEO blames intern for ‘solarwinds123’ password leak

edition.cnn.com/2021/02/26/politics/solarwinds123-password-intern/ The researcher who discovered the leaked password, Vinoth Kumar, previously told CNN that before the company corrected the issue in November 2019, the password had been accessible online since at least June 2018. Emails between Kumar and SolarWinds showed that the leaked password allowed Kumar to log in and successfully deposit files on the company's server. Using that tactic, Kumar warned the company, any hacker could upload malicious programs to SolarWinds.

An Exploration of JSON Interoperability Vulnerabilities

labs.bishopfox.com/tech-blog/an-exploration-of-json-interoperability-vulnerabilities As we've seen through attacks like HTTP request smuggling, discrepancies across parsers combined with multi-stage request processing can introduce serious vulnerabilities. In this research, I conducted a survey of 49 JSON parsers, cataloged their quirks, and present a variety of attack scenarios and Docker Compose labs to highlight their risks. Through our payment processing and user management examples, we will explore how JSON parsing inconsistencies can mask serious business logic vulnerabilities in otherwise benign code.
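The parser-discrepancy class described in the Bishop Fox summary is easiest to see with duplicate keys: one stage of a pipeline may keep the first occurrence, a later stage the last, so a document that passes validation is processed with different values. The following added example (not code from the article or its labs) uses Python's standard `json` module, whose default is last-key-wins, and its real `object_pairs_hook` parameter to emulate a first-key-wins parser and a strict parser that rejects duplicates outright; the sample document is constructed for illustration.

```python
import json

# Constructed sample: one JSON document as it would be seen by two stages
# of a pipeline (e.g. a validating gateway and a processing backend).
# The "amount" key is deliberately duplicated.
SAMPLE = '{"amount": 100, "currency": "USD", "amount": 1}'


def parse_last_wins(text):
    """Default behaviour of Python's json module: the last duplicate wins."""
    return json.loads(text)


def _first_wins(pairs):
    # object_pairs_hook receives the key/value pairs in document order,
    # so keeping the first value per key emulates a first-key-wins parser.
    out = {}
    for key, value in pairs:
        out.setdefault(key, value)
    return out


def parse_first_wins(text):
    """Emulates a parser family that keeps the first occurrence of a key."""
    return json.loads(text, object_pairs_hook=_first_wins)


def _reject_duplicates(pairs):
    # Mitigation: refuse ambiguous documents instead of silently picking one.
    seen = set()
    for key, _ in pairs:
        if key in seen:
            raise ValueError(f"duplicate key: {key!r}")
        seen.add(key)
    return dict(pairs)


def parse_strict(text):
    """Strict parser: raises ValueError on any duplicated object key."""
    return json.loads(text, object_pairs_hook=_reject_duplicates)


def is_rejected(text):
    """True if the strict parser refuses the document."""
    try:
        parse_strict(text)
    except ValueError:
        return True
    return False


def divergent_keys(text):
    """Keys whose value differs between the two lenient parsing strategies.

    A non-empty result means a validation stage and a processing stage that
    use different parsers could act on different data for the same request.
    """
    last = parse_last_wins(text)
    first = parse_first_wins(text)
    return sorted(k for k in last if last[k] != first.get(k))


if __name__ == "__main__":
    print("last-wins  amount:", parse_last_wins(SAMPLE)["amount"])   # 1
    print("first-wins amount:", parse_first_wins(SAMPLE)["amount"])  # 100
    print("divergent keys:", divergent_keys(SAMPLE))                 # ['amount']
    print("strict parser rejects:", is_rejected(SAMPLE))             # True
```

The defensive takeaway is the strict variant: when every stage of a pipeline either rejects duplicate keys or canonicalises the document once and forwards the canonical form, there is no discrepancy left for a parser mismatch to exploit.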

Why You Should Stop Sending Texts From Your Android Messages App

www.forbes.com/sites/zakdoffman/2021/02/27/google-android-messages-update-apple-iphone-ipad-imessage-security-versus-sms-rcs-and-whatsapp-encryption/ Until Google's RCS offers end-to-end encryption by default and can provide that level of security for groups as well as 1:1 messaging, then it's as much of a no-no as Facebook Messenger. And Samsung's alternative is exactly the same.

www.forbes.com/sites/thomasbrewster/2021/02/25/exclusive-hackers-break-into-biochemical-systems-at-oxford-uni-lab-studying-covid-19/ Oxford University confirmed on Thursday it had detected and isolated an incident at the Division of Structural Biology (known as Strubi) after Forbes disclosed that hackers were showing off access to a number of systems. These included machines used to prepare biochemical samples, though the university said it couldn't comment further on the scale of the breach. It has contacted the National Cyber Security Center (NCSC), a branch of the British intelligence agency GCHQ, which will now investigate the attack. The crew, according to [Hold Security's Alex] Holden, is highly sophisticated and has been privately selling stolen data from a number of its victims, and has previously sold to advanced persistent threat groups, a term for nation-state-backed hackers. He noted that the hackers spoke Portuguese. Some of the group's other victims include Brazilian universities, Holden added, and they also use ransomware to extort some victims.

Microsoft fixes Windows 10 drive corruption bug: what you need to know

www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-10-drive-corruption-bug-what-you-need-to-know/ With this week’s release of Windows 10 Insider build 21322, Microsoft has included an undocumented fix that prevents the path from being accessed.

Google shares PoC exploit for critical Windows 10 Graphics RCE bug

www.bleepingcomputer.com/news/security/google-shares-poc-exploit-for-critical-windows-10-graphics-rce-bug/ Project Zero, Google's 0day bug-hunting team, shared technical details and proof-of-concept (PoC) exploit code for a critical remote code execution (RCE) bug affecting a Windows graphics component. They reported the bug to the Microsoft Security Response Center in November. The company released security updates to address it on all vulnerable platforms on February 9, during this month's Patch Tuesday.
