Daily NCSC-FI news followup 2021-09-21

Marketron marketing services hit by Blackmatter ransomware www.bleepingcomputer.com/news/security/marketron-marketing-services-hit-by-blackmatter-ransomware/ BlackMatter ransomware gang over the weekend hit Marketron, a business software solutions provider that serves more than 6, 000 customers in the media industry. Marketron provides cloud-based revenue and traffic management tools for broadcast and media organizations. It specializes in revenue management and audience engagement, handling advertising […]

Read More

Daily NCSC-FI news followup 2021-09-20

Alaska discloses sophisticated’ nation-state cyberattack on health service therecord.media/alaska-discloses-sophisticated-nation-state-cyberattack-on-health-service/ A nation-state cyber-espionage group has gained access to the IT network of the Alaska Department of Health and Social Service (DHSS), the agency said last week. While the DHSS made the incident public on May 18 and published two updates in June and August, the agency […]

Read More

Daily NCSC-FI news followup 2021-09-19

An American Company Fears Its Windows Hacks Helped India Spy On China And Pakistan www.forbes.com/sites/thomasbrewster/2021/09/17/exodus-american-tech-helped-india-spy-on-china/ A U.S. company’s tech was abused by the Indian government, amidst warnings Americans are contributing to a spyware industry already under fire for being out of control. Earlier this year, researchers at Russian cybersecurity firm Kaspersky witnessed a cyberespionage campaign […]

Read More

Daily NCSC-FI news followup 2021-09-18

Researchers compile list of vulnerabilities abused by ransomware gangs www.bleepingcomputer.com/news/security/researchers-compile-list-of-vulnerabilities-abused-by-ransomware-gangs/ Security researchers are compiling an easy-to-follow list of vulnerabilities ransomware gangs and their affiliates are using as initial access to breach victims’ networks. All this started with a call to action made by Allan Liska, a member of Recorded Future’s CSIRT, on Twitter over the […]

Read More

Daily NCSC-FI news followup 2021-09-17

NSO Group iMessage Zero-Click Exploit Captured in the Wild citizenlab.ca/2021/09/forcedentry-nso-group-imessage-zero-click-exploit-captured-in-the-wild/ The Citizen Lab disclosed the vulnerability and code to Apple, which has assigned the FORCEDENTRY vulnerability CVE-2021-30860 and describes the vulnerability as “processing a maliciously crafted PDF may lead to arbitrary code execution.”. In this article, Citizen Lab analyses the exploit chain in detail. Mitigating […]

Read More

Daily NCSC-FI news followup 2021-09-16

APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus us-cert.cisa.gov/ncas/alerts/aa21-259a The FBI, CISA, and CGCYBER assess that advanced persistent threat (APT) cyber actors are likely among those exploiting the vulnerability. The exploitation of ManageEngine ADSelfService Plus poses a serious risk to critical infrastructure companies, U.S.-cleared defense contractors, academic institutions, and other entities that use […]

Read More

Daily NCSC-FI news followup 2021-09-15

Patch now! PrintNightmare over, MSHTML fixed, a new horror appears OMIGOD blog.malwarebytes.com/exploits-and-vulnerabilities/2021/09/patch-now-printnightmare-over-mshtml-fixed-a-new-horror-appears-omigod/ The September 2021 Patch Tuesday could be remembered as the final patching attempt in the PrintNightmare nightmare. The ease with which the vulnerabilities shrugged off the August patches doesn’t look to get a rerun. So far we haven’t seen any indications that this […]

Read More

Daily NCSC-FI news followup 2021-09-14

Microsoft September 2021 Patch Tuesday: Remote code execution flaws in MSHTML, OMI fixed www.zdnet.com/article/microsoft-september-2021-patch-tuesday-remote-code-execution-flaws-in-mshtml-open-management-fixed/ This month’s round of security fixes tackles critical software issues including a zero-day flaw known to be exploited in the wild. Microsoft has released over 60 security fixes and updates resolving issues including a remote code execution (RCE) flaw in MSHTML […]

Read More

Daily NCSC-FI news followup 2021-09-13

Varo Office-tiedostoja jo esi­katselu voi olla vaarallista www.is.fi/digitoday/tietoturva/art-2000008260361.html Microsoftin Office-asiakirjoissa, eli Wordilla, Excelillä ja PowerPointilla tehdyissä tiedostoissa piilee luultua suurempi vaara, kertovat muun muassa Traficomin Kyberturvallisuuskeskus sekä Kaspersky Lab. Aiemmin kerrottiin, että Windowsiin kuuluvassa MSHTML-nimisessä ohjelmistokomponentissa oleva haavoittuvuus mahdollistaa haittaohjelman ujuttamisen tietokoneelle Office-asiakirjan mukana. Tällöin uskottiin haittaohjelman aktivoitumisen edellyttävän asiakirjan avaamista ja suojausvaroituksen klikkaamista. Nyt […]

Read More

Daily NCSC-FI news followup 2021-09-12

Windows MSHTML zero-day exploits shared on hacking forums www.bleepingcomputer.com/news/microsoft/windows-mshtml-zero-day-exploits-shared-on-hacking-forums/ Threat actors are sharing Windows MSHTML zero-day (CVE-2021-40444) tutorials and exploits on hacking forums, allowing other hackers to start exploiting the new vulnerability in their own attacks. Last Tuesday, Microsoft disclosed a new zero-day vulnerability in Windows MSHTML that allows threat actors to create malicious documents, […]

Read More