Daily NCSC-FI news followup 2021-02-27

Amazon Dismisses Claims Alexa Skills Can Bypass Security Vetting Process

threatpost.com/amazon-dismisses-claims-alexa-skills-can-bypass-security-vetting/164316/ Our analysis shows that while Amazon restricts access to user data for skills and has put forth a number of rules, there is still room for malicious actors to exploit or circumvent some of these rules, said researchers this week. This can enable an attacker to exploit the trust they have built with the system.

The state of stalkerware in 2020

securelist.com/the-state-of-stalkerware-in-2020/100875/ Kaspersky's data shows that the scale of the stalkerware issue has not improved much in 2020 compared to the previous year. The number of people affected is still high. In total, 53,870 of our mobile users were affected globally by stalkerware in 2020. Keeping in mind the big picture, these numbers only include Kaspersky users, and the total global numbers will be higher.

Former SolarWinds CEO blames intern for ‘solarwinds123’ password leak

edition.cnn.com/2021/02/26/politics/solarwinds123-password-intern/ The researcher who discovered the leaked password, Vinoth Kumar, previously told CNN that before the company corrected the issue in November 2019, the password had been accessible online since at least June 2018. Emails between Kumar and SolarWinds showed that the leaked password allowed Kumar to log in and successfully deposit files on the company's server. Using that tactic, Kumar warned the company, any hacker could upload malicious programs to SolarWinds.

An Exploration of JSON Interoperability Vulnerabilities

labs.bishopfox.com/tech-blog/an-exploration-of-json-interoperability-vulnerabilities As we've seen through attacks like HTTP request smuggling, discrepancies across parsers combined with multi-stage request processing can introduce serious vulnerabilities. In this research, I conducted a survey of 49 JSON parsers, cataloged their quirks, and present a variety of attack scenarios and Docker Compose labs to highlight their risks. Through our payment processing and user management examples, we will explore how JSON parsing inconsistencies can mask serious business logic vulnerabilities in otherwise benign code.
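The following is an added illustration of the parser-discrepancy class the Bishop Fox post describes; it is not code from the post or its labs. It models a two-stage pipeline in which a validation service and a charging service parse the same JSON document with different duplicate-key precedence (first-wins vs. last-wins), which is one of the quirks that differs between real parsers. The order document, the validate() and charge() stages, and the field names are constructed for the example; the strict parser at the end shows the check a practitioner would add so that documents with duplicate keys are rejected before any stage acts on them.

```python
import json


def first_wins(pairs):
    # Emulates a parser that keeps the FIRST occurrence of a duplicate key.
    d = {}
    for k, v in pairs:
        d.setdefault(k, v)
    return d


def parse_first_wins(text):
    return json.loads(text, object_pairs_hook=first_wins)


def parse_last_wins(text):
    # CPython's json module keeps the LAST occurrence of a duplicate key.
    return json.loads(text)


def reject_duplicates(pairs):
    # Hardened hook: refuse any object that carries a repeated key.
    keys = [k for k, _ in pairs]
    if len(keys) != len(set(keys)):
        dup = sorted({k for k in keys if keys.count(k) > 1})
        raise ValueError(f"duplicate JSON keys: {dup}")
    return dict(pairs)


def parse_strict(text):
    return json.loads(text, object_pairs_hook=reject_duplicates)


# Constructed sample: "qty" appears twice. A first-wins parser sees 1,
# a last-wins parser sees -5.
ORDER = '{"item": "widget", "qty": 1, "qty": -5, "price": 100}'


def validate(order):
    # Hypothetical validation stage: quantities and prices must be positive.
    return order["qty"] > 0 and order["price"] > 0


def charge(order):
    # Hypothetical charging stage: amount billed to the customer.
    return order["qty"] * order["price"]


def process(text, validator_parse, executor_parse):
    """Run validation and charging with possibly different parsers.

    Returns the charged amount, or None if validation rejected the order.
    """
    if not validate(validator_parse(text)):
        return None
    return charge(executor_parse(text))


if __name__ == "__main__":
    # Consistent parsers: the negative quantity is caught.
    print(process(ORDER, parse_last_wins, parse_last_wins))    # None
    # Inconsistent parsers: validation passes on qty=1, charge uses qty=-5.
    print(process(ORDER, parse_first_wins, parse_last_wins))   # -500
    # Strict parser: the document is rejected outright.
    try:
        parse_strict(ORDER)
    except ValueError as e:
        print("rejected:", e)
```

Run under the same parser on both sides, the negative quantity never gets past validation; split across a first-wins validator and a last-wins executor, the same bytes produce a negative charge, which is exactly the kind of "benign code" business logic flaw the post refers to. Where the service stack cannot guarantee one parser end to end, rejecting duplicate keys at the boundary (as parse_strict does) removes the ambiguity rather than relying on a convention.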

Why You Should Stop Sending Texts From Your Android Messages App

www.forbes.com/sites/zakdoffman/2021/02/27/google-android-messages-update-apple-iphone-ipad-imessage-security-versus-sms-rcs-and-whatsapp-encryption/ Until Google's RCS offers end-to-end encryption by default and can provide that level of security for groups as well as 1:1 messaging, then it's as much of a no-no as Facebook Messenger. And Samsung's alternative is exactly the same.

www.forbes.com/sites/thomasbrewster/2021/02/25/exclusive-hackers-break-into-biochemical-systems-at-oxford-uni-lab-studying-covid-19/ Oxford University confirmed on Thursday it had detected and isolated an incident at the Division of Structural Biology (known as Strubi) after Forbes disclosed that hackers were showing off access to a number of systems. These included machines used to prepare biochemical samples, though the university said it couldn't comment further on the scale of the breach. It has contacted the National Cyber Security Center (NCSC), a branch of the British intelligence agency GCHQ, which will now investigate the attack. The crew, according to [Hold Security's Alex] Holden, is highly sophisticated and has been privately selling stolen data from a number of its victims, and has previously sold to advanced persistent threat groups, a term for nation-state-backed hackers. He noted that the hackers spoke Portuguese. Some of the group's other victims include Brazilian universities, Holden added, and they also use ransomware to extort some victims.

Microsoft fixes Windows 10 drive corruption bug: what you need to know

www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-10-drive-corruption-bug-what-you-need-to-know/ With this week’s release of Windows 10 Insider build 21322, Microsoft has included an undocumented fix that prevents the path from being accessed.

Google shares PoC exploit for critical Windows 10 Graphics RCE bug

www.bleepingcomputer.com/news/security/google-shares-poc-exploit-for-critical-windows-10-graphics-rce-bug/ Project Zero, Google's 0day bug-hunting team, shared technical details and proof-of-concept (PoC) exploit code for a critical remote code execution (RCE) bug affecting a Windows graphics component. They reported the bug to the Microsoft Security Response Center in November. The company released security updates to address it on all vulnerable platforms on February 9, during this month's Patch Tuesday.
