Daily NCSC-FI news followup 2021-07-02

Microsoft shares mitigations for Windows PrintNightmare zero-day bug

www.bleepingcomputer.com/news/security/microsoft-shares-mitigations-for-windows-printnightmare-zero-day-bug/ Microsoft has provided mitigation guidance to block attacks on systems vulnerable to exploits targeting the Windows Print Spooler zero-day vulnerability known as PrintNightmare. Also:

www.fortinet.com/blog/threat-research/fortinet-releases-ips-signature-microsoft-printnightmare-vulnerability. Also:

www.theregister.com/2021/07/01/printnightmare_windows_fix/. Also:

us-cert.cisa.gov/ncas/current-activity/2021/06/30/printnightmare-critical-windows-print-spooler-vulnerability

Microsoft warns of critical PowerShell 7 code execution vulnerability

www.bleepingcomputer.com/news/security/microsoft-warns-of-critical-powershell-7-code-execution-vulnerability/ Microsoft warns of a critical .NET Core remote code execution vulnerability in PowerShell 7 caused by how text encoding is performed in .NET 5 and .NET Core.

Mongolian Certificate Authority Hacked to Distribute Backdoored CA Software

thehackernews.com/2021/07/mongolian-certificate-authority-hacked.html In yet another instance of software supply chain attack, unidentified hackers breached the website of MonPass, one of Mongolia’s major certificate authorities, to backdoor its installer software with Cobalt Strike binaries.

Traficom expands the use of the Tietoturvamerkki cybersecurity label; it is unlikely to be granted to phones (PAYWALL)

www.tivi.fi/uutiset/tv/103601a5-8ec3-49ff-b273-764a1c72bda8 Finns are increasingly aware that smart devices may share user data with outside parties without permission. Safe purchasing decisions are being promoted by expanding the use of the Tietoturvamerkki label.

Why Healthcare Keeps Falling Prey to Ransomware and Other Cyberattacks

threatpost.com/healthcare-prey-ransomware-cyberattacks/167525/ Nate Warfield, CTO of Prevailion and former Microsoft security researcher, discusses the many security challenges and failings plaguing this industry. A long-running problem in the healthcare industry is the use of outdated and/or unpatched systems and devices. This is a problem that can largely be attributed to budgetary pressures, both in terms of the cost of equipment and for fielding a well-equipped IT security operation.

Hacked Data for 69K LimeVPN Users Up for Sale on Dark Web

threatpost.com/hacked-data-limevpn-dark-web/167492/ LimeVPN has confirmed a data incident, and meanwhile its website has been knocked offline. The VPN provider known as LimeVPN has been hit with a hack affecting 69,400 user records, according to researchers. A hacker claims to have stolen the company’s entire customer database before knocking its website offline (Threatpost confirmed that as of press time, the website was down).

US insurance giant AJG reports data breach after ransomware attack

www.bleepingcomputer.com/news/security/us-insurance-giant-ajg-reports-data-breach-after-ransomware-attack/ Arthur J. Gallagher (AJG), a US-based global insurance brokerage and risk management firm, is mailing breach notification letters to potentially impacted individuals following a ransomware attack that hit its systems in late September.

Babuk ransomware is back, uses new version on corporate networks

www.bleepingcomputer.com/news/security/babuk-ransomware-is-back-uses-new-version-on-corporate-networks/ After announcing their exit from the ransomware business in favor of data theft extortion, the Babuk gang appears to have slipped back into their old habit of encrypting corporate networks.

New Mirai-Inspired Botnet Could Be Using Your KGUARD DVRs in Cyber Attacks

thehackernews.com/2021/07/new-mirai-inspired-botnet-could-be.html Cybersecurity researchers on Thursday revealed details about a new Mirai-inspired botnet called “mirai_ptea” that leverages an undisclosed vulnerability in digital video recorders (DVR) provided by KGUARD to propagate and carry out distributed denial-of-service (DDoS) attacks.

Thinking about selling your Echo Dot or any IoT device? Read this first

arstechnica.com/gadgets/2021/07/passwords-in-amazon-echo-dots-live-on-even-after-you-factory-reset-them/ Deleting data from Echo Dots, and other IoT devices from Amazon and elsewhere, is hard. Like most Internet-of-things (IoT) devices these days, Amazon’s Echo Dot gives users a way to perform a factory reset so, as the corporate behemoth says, users can “remove any… personal content from the applicable device(s)” before selling or discarding them. But researchers have recently found that the digital bits that remain on these reset devices can be reassembled to retrieve a wealth of sensitive data, including passwords, locations, authentication tokens, and other sensitive data.
