Daily NCSC-FI news followup 2021-04-25

VPN Hacks Are a Slow-Motion Disaster

www.wired.com/story/vpn-hacks-pulse-secure-espionage/ Recent spying attacks against Pulse Secure VPN are just the latest example of a long-simmering cybersecurity meltdown.

Hacking campaign targets FileZen file-sharing network appliances

therecord.media/hacking-campaign-targets-filezen-file-sharing-network-appliances/ Threat actors are using two vulnerabilities in a popular file-sharing server to breach corporate and government systems and steal sensitive data as part of a global hacking campaign that has already hit a major target in the Japanese Prime Minister’s Cabinet Office.

Emotet malware nukes itself today from all infected computers worldwide

www.bleepingcomputer.com/news/security/emotet-malware-nukes-itself-today-from-all-infected-computers-worldwide/ Emotet, one of the most dangerous email spam botnets in recent history, is being uninstalled today from all infected devices with the help of a malware module delivered in January by law enforcement.

Computer security world in mourning over death of Dan Kaminsky, aged 42

www.theregister.com/2021/04/25/dan_kaminsky_obituary/ DEF CON hails ‘an icon in all the positive ways’

You might be interested in …

Daily NCSC-FI news followup 2019-08-16

New Bluetooth KNOB Attack Lets Attackers Manipulate Traffic www.bleepingcomputer.com/news/security/new-bluetooth-knob-attack-lets-attackers-manipulate-traffic/ A new Bluetooth vulnerability named “Key Negotiation Of Bluetooth attack” or “KNOB” has been disclosed that allow attackers to more easily brute force the encryption key used during pairing to monitor or manipulate the data transferred between two paired devices.. see also knobattack.com/ Ammottava aukko päästi […]

Read More

Daily NCSC-FI news followup 2021-01-23

Exclusive: SonicWall Hacked Using 0-Day Bugs In Its Own VPN Product thehackernews.com/2021/01/exclusive-sonicwall-hacked-using-0-day.html SonicWall, a popular internet security provider of firewall and VPN products, on late Friday disclosed that it fell victim to a coordinated attack on its internal systems. “Recently, SonicWall identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting […]

Read More

Daily NCSC-FI news followup 2020-04-01

Holy water: ongoing targeted water-holing attack in Asia securelist.com/holy-water-ongoing-targeted-water-holing-attack-in-asia/96311/ The threat actors unsophisticated but creative toolset has been evolving a lot since the inception date, may still be in development, and leverages Sojson obfuscation, NSIS installer, Python, open-source code, GitHub distribution, Go language, as well as Google Drive-based C2 channels. Zoom Client Leaks Windows Login […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.