Daily NCSC-FI news followup 2021-09-12

Windows MSHTML zero-day exploits shared on hacking forums

www.bleepingcomputer.com/news/microsoft/windows-mshtml-zero-day-exploits-shared-on-hacking-forums/ Threat actors are sharing Windows MSHTML zero-day (CVE-2021-40444) tutorials and exploits on hacking forums, allowing other hackers to start exploiting the new vulnerability in their own attacks. Last Tuesday, Microsoft disclosed a new zero-day vulnerability in Windows MSHTML that allows threat actors to create malicious documents, including Office and RTF docs, to execute commands on a victim’s computer remotely. Even though there are no security updates available for the CVE-2021-40444 vulnerability, as it was discovered used in active attacks by EXPMON and Mandiant, Microsoft decided to disclose the vulnerability and provide mitigations to help prevent its exploitation. These mitigations work by blocking ActiveX controls and Word/RTF document previews in Windows Explorer. However, researchers have been able to modify the exploit not to use ActiveX, effectively bypassing Microsoft’s mitigations.

What Is Zero Trust? It Depends What You Want to Hear

www.wired.com/story/what-is-zero-trust/ For years a concept known as “zero trust” has been a go-to cybersecurity catchphrase, so much so that even the notoriously dilatory federal IT apparatus is going all in. But a crucial barrier to widespread adoption of this next-generation security model is mass confusion over what the term actually means. With cyberattacks like phishing, ransomware, and business email compromise at all time highs, though, something’s gotta change, and soon. At its core, zero trust relates to a shift in how organizations conceive of their networks and IT infrastructure. Under the old model, all the computers, servers, and other devices physically in an office building were on the same network and trusted each other. Your work computer could connect to the printer on your floor, or find team documents on a shared server. Tools like firewalls and antivirus were set up to view anything outside the organization as bad; everything inside the network didn’t merit much scrutiny.

Is Facebook ‘Secretly’ Spying On Your WhatsApp Messages?

www.forbes.com/sites/zakdoffman/2021/09/12/is-facebook-spying-on-whatsapp-messages-on-iphone-android-mac-windows-10/ A nasty new surprise is doing the rounds on social media this week, claiming Facebook’s privacy breaches extend to WhatsApp. That was the fear behind the data backlash earlier this year, and this new warning that it is reading encrypted WhatsApp messages, “undermining privacy protections for its 2 billion users.” Initially there was confusion about WhatsApp’s encryption being breached, that its end-to-end encryption is not as private as we all think. This shows the level of misunderstanding about what end-to-end encryption is, and what it is not. There is no encryption breach here, and thankfully ProPublica clarified the misunderstanding.
