Daily NCSC-FI news followup 2021-09-12

Windows MSHTML zero-day exploits shared on hacking forums

www.bleepingcomputer.com/news/microsoft/windows-mshtml-zero-day-exploits-shared-on-hacking-forums/ Threat actors are sharing Windows MSHTML zero-day (CVE-2021-40444) tutorials and exploits on hacking forums, allowing other hackers to start exploiting the new vulnerability in their own attacks. Last Tuesday, Microsoft disclosed a new zero-day vulnerability in Windows MSHTML that allows threat actors to create malicious documents, including Office and RTF docs, to execute commands on a victim’s computer remotely. Even though there are no security updates available for the CVE-2021-40444 vulnerability, as it was discovered used in active attacks by EXPMOM and Mandiant, Microsoft decided to disclose the vulnerability and provide mitigations to help prevent its exploitation. These mitigations work by blocking ActiveX controls and Word/RTF document previews in Windows Explorer. However, researchers have been able to modify the exploit not to use ActiveX, effectively bypassing Microsoft’s mitigations.

What Is Zero Trust? It Depends What You Want to Hear

www.wired.com/story/what-is-zero-trust/ For years a concept known as “zero trust” has been a go-to cybersecurity catchphrase, so much so that even the notoriously dilatory federal IT apparatus is going all in. But a crucial barrier to widespread adoption of this next-generation security model is mass confusion over what the term actually means. With cyberattacks like phishing, ransomware, and business email compromise at all time highs, though, something’s gotta change, and soon. At its core, zero trust relates to a shift in how organizations conceive of their networks and IT infrastructure. Under the old model, all the computers, servers, and other devices physically in an office building were on the same network and trusted each other. Your work computer could connect to the printer on your floor, or find team documents on a shared server. Tools like firewalls and antivirus were set up to view anything outside the organization as bad; everything inside the network didn’t merit much scrutiny.

Is Facebook Secretly’ Spying On Your WhatsApp Messages?

www.forbes.com/sites/zakdoffman/2021/09/12/is-facebook-spying-on-whatsapp-messages-on-iphone-android-mac-windows-10/ A nasty new surprise is doing the rounds on social media this week, claiming Facebook’s privacy breaches extend to WhatsApp. That was the fear behind the data backlash earlier this year, and this new warning that it is reading encrypted WhatsApp messages, “undermining privacy protections for its 2 billion users.”. Initially there was confusion about WhatsApp’s encryption being breached, that its end-to-end encryption is not as private as we all think. This shows the level of misunderstanding about what end-to-end encryption is, and what it is not. There is no encryption breach here, and thankfully ProPublica clarified the misunderstanding.

You might be interested in …

[NCSC-FI News] S-Pankin ja Ålands­bankenin häiriöt ohi

AAMUYHDEKSÄLTÄ alkanut S-Pankin verkkopankin ja S-mobiilin häiriö on saatu korjattua. S-Pankin viestintäjohtajan Aleksi Moision mukaan kyseessä oli verkkopankin ja S-mobiilin taustajärjestelmien häiriö, joka esti palveluihin kirjautumisen noin kello 9–11 välillä. Source: Read More (NCSC-FI daily news followup)

Read More

Daily NCSC-FI news followup 2020-09-16

Tietovuoto: Kiinalaisyrityksen urkintalistalla on 799 suomalaista, joukossa poliitikkoja ja heidän lähipiiriään Katso, miten suomalaiset on jaoteltu yle.fi/uutiset/3-11544521 Poikkeuksellinen tietovuoto kertoo, millaiset suomalaiset vaikuttajat kiinnostavat Kiinaa. Pitkään kestävä syysmyrsky huolettaa sähköyhtiöitä “Valmiudessa on moninkertainen määrä työntekijöitä” yle.fi/uutiset/3-11547019 Keski-Pohjanmaalla toimivat sähköyhtiöt ovat nostaneet selvästi varautumistaan voimakkaan ja poikkeuksellisen pitkäkestoisen syysmyrskyn varalle. Yhä useampi on huolissaan lähipiiriinsä kohdistuvista […]

Read More

[NCSC-FI News] Digital technology and the war in Ukraine

All of us who work at Microsoft are following closely the tragic, unlawful and unjustified invasion of Ukraine. This has become both a kinetic and digital war, with horrifying images from across Ukraine as well as less visible cyberattacks on computer networks and internet-based disinformation campaigns We are fielding a growing number of inquiries about […]

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.