Daily NCSC-FI news followup 2021-03-14

New PoC for Microsoft Exchange bugs puts attacks in reach of anyone

www.bleepingcomputer.com/news/security/new-poc-for-microsoft-exchange-bugs-puts-attacks-in-reach-of-anyone/ A security researcher has released a new proof-of-concept exploit this weekend that requires slight modification to install web shells on Microsoft Exchange servers vulnerable to the actively exploited ProxyLogon vulnerabilities. Will Dorman, a Vulnerability Analyst at the CERT/CC, tested the vulnerability on a Microsoft Exchange server and told BleepingComputer that it worked with very little modification. “It’s within the reach of “script kiddie” now,” warned Dorman in our discussion about the PoC.

Threat Assessment: DearCry Ransomware

unit42.paloaltonetworks.com/dearcry-ransomware/ Last week, Microsoft reported that attackers compromised Exchange Mail Servers with the use of four zero-day vulnerabilities. While patches have been released by Microsoft, adversaries are still attacking vulnerable versions of Microsoft Exchange Servers with malicious tools, malware and data exfiltration. Further, Microsoft has confirmed the existence of a ransomware variant leveraging these vulnerabilities, which has been dubbed “DearCry.” It is reasonable to suspect that the ransomware authors were paying homage to an unrelated yet infamous ransomware family, “WannaCry,” which was used as a payload within an orchestrated attack campaign leveraging known Microsoft vulnerabilities to infect victims en masse.

Microsoft Probes Whether Leak Played Role in Suspected Chinese Hack

www.wsj.com/articles/microsoft-probing-whether-leak-played-role-in-suspected-chinese-hack-11615575793 Microsoft Corp. is investigating whether the hackers behind a world-wide cyberattack may have obtained sensitive information necessary to launch the attack from private disclosures it made with some of its security partners, according to people familiar with the matter.

Huawei Listed Anew as Threat to US National Security

www.securityweek.com/huawei-listed-anew-threat-us-national-security US regulators on Friday listed Huawei among Chinese telecom gear firms deemed a threat to national security, signaling that a hoped for softening of relations is not in the cards.

Do you also feel that the internet is ruined? In a Yle interview, the Wikipedia director who believes a new era is now beginning: “A reckoning is likely”

yle.fi/uutiset/3-11770643 “Means of communication can be used like weapons. Previously that was possible only for governments,” Ryan Merkley says.
