Daily NCSC-FI news followup 2021-07-24

Internet Futures

www.ofcom.org.uk/__data/assets/pdf_file/0013/222205/internet-futures.pdf This report should not be seen as an exhaustive list of every innovative technology being developed. Indeed, it can be no more than a sample of the high-quality ongoing research work being conducted in industry and academia. Further, the omission or inclusion of any technology shouldnt be taken as a signal of our view of its importance. Nor are these our predictions for the future: this report . is a summary of the technologies that have been flagged to us by worldwide experts.

Google is finally doing something about Google Drive spam

arstechnica.com/gadgets/2021/07/google-is-finally-doing-something-about-google-drive-spam/ As with regular email spam, some people get tons of it and some get very little, depending on who has your email address. For people who have been hit by Google Drive spammers, it has been very frustrating to have almost no way to stop it. This feature will give at least some control.

Active Directory Certificate Services (ADCS – PKI) domain admin vulnerability

isc.sans.edu/diary/rss/27668 “Phew, this was a really bad week for Microsoft (and a lot of reading for all of us). And just when we thought that the fiasco with the SAM hive was over, a new vulnerability popped up, which is much, much more dangerous unfortunately it allows a user to completely take over a Windows domain that has the ADCS service running. And those are probably running in majority of enterprises.”. “So, depending on how your enterprise uses ADCS, you could disable NTLM authentication on the IIS server and this particular attack will not be possible any more. Of course, if you do not need this particular service (web based certificate enroll) remove it completely!”. Also

www.bleepingcomputer.com/news/microsoft/new-petitpotam-attack-allows-take-over-of-windows-domains/. Also

www.specterops.io/assets/resources/Certified_Pre-Owned.pdf

Tech support scams remain a threat globally and in Asia Pacific despite drop in encounters: Microsoft survey

news.microsoft.com/apac/2021/07/22/tech-support-scams-remain-a-threat-globally-and-in-asia-pacific-despite-drop-in-encounters-microsoft-survey/ Globally, three out of five consumers encountered a tech support scam in the last 12 months, a five-point drop since 2018. Gen Zers and Millennials most likely to continue interactions when targeted with tech support scams

Malware increasingly targets Discord for abuse

news.sophos.com/en-us/2021/07/22/malware-increasingly-targets-discord-for-abuse/ Discord operates its own content delivery network, or CDN, where users can upload files to share with others. The service also publishes an API, enabling developers to create new ways to interact with Discord other than through its client application. We observed significant volumes of malware hosted in Discords own CDN, as well as malware interacting with Discord APIs to send and receive data.

You might be interested in …

Daily NCSC-FI news followup 2020-01-21

Infiltrating Networks: Easier Than Ever Due to Evil Markets www.bleepingcomputer.com/news/security/infiltrating-networks-easier-than-ever-due-to-evil-markets/ Attackers don’t always need to breach the networks of their victims themselves to plant malware as there are plenty of professional intruders offering their services on underground markets.. Various levels of access are offered for prices starting $1,000 and increasing depending on how deep the […]

Read More

Daily NCSC-FI news followup 2020-10-15

Introducing a new phishing technique for compromising Office 365 accounts o365blog.com/post/phishing/ Multiple members of QQAAZZ, a multinational cybercriminal group, were charged today in the US, Portugal, Spain, and the UK for providing money-laundering services to several high-profile malware operations including Dridex, Trickbot, and GozNym. www.bleepingcomputer.com/news/security/qqaazz-group-charged-for-laundering-money-stolen-by-malware-gangs/ U.S. Bookstore giant Barnes & Noble has disclosed that they […]

Read More

Daily NCSC-FI news followup 2021-11-05

Malware found in coa and rc, two npm packages with 23M weekly downloads therecord.media/malware-found-in-coa-and-rc-two-npm-packages-with-23m-weekly-downloads/ The security team of the npm JavaScript package manager has warned users that two of its most popular packages had been hijacked by a threat actor who released new versions laced with what appeared to be password-stealing malware. Both packages were […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.