Daily NCSC-FI news followup 2021-06-05

Attackers are scanning for vulnerable VMware servers, patch now!

www.bleepingcomputer.com/news/security/attackers-are-scanning-for-vulnerable-vmware-servers-patch-now/ Threat actors are actively scanning for Internet-exposed VMware vCenter servers unpatched against a critical remote code execution (RCE) vulnerability impacting all vCenter deployments and patched by VMware ten days ago. The ongoing scanning activity was spotted by threat intelligence company Bad Packets yesterday and confirmed earlier today by cybersecurity expert Kevin Beaumont. Lisäksi:

us-cert.cisa.gov/ncas/current-activity/2021/06/04/unpatched-vmware-vcenter-software. Lisäksi:

thehackernews.com/2021/06/alert-critical-rce-bug-in-vmware.html. Lisäki:

arstechnica.com/gadgets/2021/06/under-exploit-vmware-vulnerability-with-severity-rating-of-9-8-out-of-10/

GitHub Updates Policy to Remove Exploit Code When Used in Active Attacks

thehackernews.com/2021/06/github-updates-policy-to-remove-exploit.html Code-hosting platform GitHub Friday officially announced a series of updates to the site’s policies that delve into how the company deals with malware and exploit code uploaded to its service. Lisäksi:

www.bleepingcomputer.com/news/security/githubs-new-policies-allow-removal-of-poc-exploits-used-in-attacks/

US arrests Latvian woman who worked on Trickbot malware source code

therecord.media/us-arrests-latvian-woman-who-worked-on-trickbot-malware-source-code/ The US Department of Justice has arraigned in court today a Latvian woman who was part of the Trickbot malware crew, where she served as a programmer and wrote code for controlling the malware and deploying ransomware on infected computers.

Chrome, Safari, Firefox and Edge join forces to improve browser extensions

www.cnet.com/news/chrome-safari-firefox-and-edge-join-forces-to-improve-browser-extensions/ The teams behind the Google Chrome, Apple Safari, Mozilla Firefox and Microsoft Edge browsers have banded together to improve extensions, the add-ons you can download to customize the software. That should mean your extensions will work better and come with a better security foundation to protect you from malware.

You might be interested in …

Daily NCSC-FI news followup 2021-03-04

Selecting a Protective DNS Service media.defense.gov/2021/Mar/03/2002593055/-1/-1/0/CSI_PROTECTIVE%20DNS_UOO117652-21.PDF Due to the centrality of DNS for cybersecurity, the Department of Defense (DoD) included DNS filtering as a requirement in its Cybersecurity Maturity Model Certification (CMMC) standard (SC.3.192). Three Top Russian Cybercrime Forums Hacked krebsonsecurity.com/2021/03/three-top-russian-cybercrime-forums-hacked/ Over the past few weeks, three of the longest running and most venerated Russian-language […]

Read More

Daily NCSC-FI news followup 2019-06-21

Iranian Hackers Launch a New US-Targeted Campaign as Tensions Mount www.wired.com/story/iran-hackers-us-phishing-tensions/ WHEN TWO COUNTRIES begin to threaten war in 2019, it’s a safe bet that they’ve already been hacking each other’s networks. Right on schedule, three different cybersecurity firms now say they’ve watched Iran’s hackers try to gain access to a wide array of US […]

Read More

Daily NCSC-FI news followup 2020-06-08

German Task Force for COVID-19 Medical Equipment Targeted in Ongoing Phishing Campaign securityintelligence.com/posts/german-task-force-for-covid-19-medical-equipment-targeted-in-ongoing-phishing-campaign/ During the course of ongoing research on coronavirus-related cyber activity, IBM X-Force Incident Response and Intelligence Services (IRIS) uncovered a COVID-19 related phishing campaign targeting a German multinational corporation (MNC), associated with a German government-private sector task force to procure personal protective […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.