Daily NCSC-FI news followup 2021-09-24

SonicWall warns users to patch critical vulnerability as soon as possible

blog.malwarebytes.com/exploits-and-vulnerabilities/2021/09/sonicwall-warns-users-to-patch-critical-vulnerability-as-soon-as-possible/ SonicWall has issued a security notice about its SMA 100 series of appliances. The vulnerability could potentially allow a remote unauthenticated attacker the ability to delete arbitrary files from a SMA 100 series appliance and gain administrator access to the device.

Uusi pankkihuijaus haluaa tunnukset 8 tunnissa erottaisitko itse tämän sivun aidosta?

www.is.fi/digitoday/tietoturva/art-2000008286937.html SÄHKÖPOSTITSE levitetään parhaillaan Nordean nimissä huijausta, jossa käyttäjälle esitetään vaatimus tunnistautua uudelleen kahdeksan tunnin kuluessa sähköpostin saamisesta lukien.

Uudenlainen huijaus: Varo maksu­pyyntöä MobilePayssa Kelan nimissä

www.is.fi/digitoday/tietoturva/art-2000008287326.html KELA varoittaa nimissään MobilePay-rahansiirtosovelluksessa tehtävästä huijauksesta. Maksupyyntö on naamioitu etuisuuden takaisinmaksupyynnöksi.. katso myös


Major European call center provider goes down in ransomware attack

therecord.media/major-european-call-center-provider-goes-down-in-ransomware-attack/ GSS, the Spanish and Latin America division of Covisian, one of Europes largest customer care and call center providers, has suffered a debilitating ransomware attack that froze a large part of its IT systems and crippled call centers across its Spanish-speaking customerbase.

German Election: Phishing Attacks and Disinformation Campaigns Target Parliament Members


EU officially blames Russia for ‘Ghostwriter’ hacking activities

www.bleepingcomputer.com/news/security/eu-officially-blames-russia-for-ghostwriter-hacking-activities/ The European Union has officially linked Russia to a hacking operation known as Ghostwriter that targets high-profile EU officials, journalists, and the general public.. “These malicious cyber activities are targeting numerous members of Parliaments, government officials, politicians, and members of the press and civil society in the EU by accessing computer systems and personal accounts and stealing data,” European Council officials said in a press release today.. see also


 Researcher drops three iOS zero-days that Apple refused to fix

www.bleepingcomputer.com/news/security/researcher-drops-three-ios-zero-days-that-apple-refused-to-fix/ Proof-of-concept exploit code for three iOS zero-day vulnerabilities (and a fourth one patched in July) was published on GitHub after Apple delayed patching and failed to credit the researcher.

Emergency Google Chrome update fixes zero-day exploited in the wild

www.bleepingcomputer.com/news/security/emergency-google-chrome-update-fixes-zero-day-exploited-in-the-wild/ Google has released Chrome 94.0.4606.61 for Windows, Mac, and Linux, an emergency update addressing a high-severity zero-day vulnerability exploited in the wild.

Bug in macOS Finder allows remote code execution

www.welivesecurity.com/2021/09/23/bug-macos-finder-remote-code-execution/ While Apple did issue a patch for the vulnerability, it seems that the fix can be easily circumvented

Microsoft rushes to register Autodiscover domains leaking credentials

www.bleepingcomputer.com/news/microsoft/microsoft-rushes-to-register-autodiscover-domains-leaking-credentials/ Microsoft is rushing to register Internet domains used to steal Windows credentials sent from faulty implementations of the Microsoft Exchange Autodiscover protocol.

State-sponsored hacking group targets Port of Houston using Zoho zero-day

therecord.media/state-sponsored-hacking-group-targets-port-of-houston-using-zoho-zero-day/ A suspected state-sponsored hacking group has attempted to breach the network of the Port of Houston, one of the largest port authorities in the US, using a zero-day vulnerability in a Zoho user authentication appliance, CISA officials said in a Senate hearing today.

Exploits imminent for critical VMware vCenter CVE-2021-22005 bug

www.bleepingcomputer.com/news/security/exploits-imminent-for-critical-vmware-vcenter-cve-2021-22005-bug/ Exploit code that could be used to achieve remote code execution on VMware vCenter Server vulnerable to CVE-2021-22005 is currently spreading online.

You might be interested in …

Daily NCSC-FI news followup 2021-12-09

SonicWall Urges Customers to Immediately Patch Critical SMA 100 Flaws thehackernews.com/2021/12/sonicwall-urges-customers-to.html Network security vendor SonicWall is urging customers to update their SMA 100 series appliances to the latest version following the discovery of multiple security vulnerabilities that could be abused by a remote attacker to take complete control of an affected system. The flaws impact […]

Read More

Daily NCSC-FI news followup 2020-12-30

DHS orders federal agencies to update SolarWinds Orion platform www.bleepingcomputer.com/news/security/dhs-orders-federal-agencies-to-update-solarwinds-orion-platform/ The Cybersecurity and Infrastructure Security Agency (CISA) has ordered all US federal agencies to update the SolarWinds Orion platform to the latest version by the end of business hours on December 31, 2020. Microsoft: SolarWinds hackers’ goal was the victims’ cloud data www.bleepingcomputer.com/news/security/microsoft-solarwinds-hackers-goal-was-the-victims-cloud-data/ Microsoft says […]

Read More

Daily NCSC-FI news followup 2021-11-01

Trojan Source’ Bug Threatens the Security of All Code krebsonsecurity.com/2021/11/trojan-source-bug-threatens-the-security-of-all-code/ Virtually all compilers programs that transform human-readable source code into computer-executable machine code are vulnerable to an insidious attack in which an adversary can introduce targeted vulnerabilities into any software without being detected, new research released today warns. The vulnerability disclosure was coordinated with multiple […]

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.