Daily NCSC-FI news followup 2019-09-25

This vBulletin vBug is vBad: Zero-day exploit lets miscreants hijack vulnerable web forums www.theregister.co.uk/2019/09/24/vbulletin_vbug_zeroday/ Hackers can inject system commands via version 5 of software, no patch available. An anonymous bug hunter has publicly disclosed a zero-day flaw in the version 5 of the popular vBulletin forum software than can be exploited over the internet to […]

Read More

Daily NCSC-FI news followup 2019-09-24

New NetWire RAT Variant Being Spread Via Phishing www.fortinet.com/blog/threat-research/new-netwire-rat-variant-spread-by-phishing.html NetWire is a Remote Access Trojan (RAT) malware that has been widely used for many years. Recently, FortiGuard Labs noticed a malware spreading via phishing email, and during the analysis on it, we discovered that it was a new variant of NetWire RAT. LookBack Forges Ahead: […]

Read More

Daily NCSC-FI news followup 2019-09-23

Dear network operators, please use the existing tools to fix security www.zdnet.com/article/dear-network-operators-please-use-the-existing-tools-to-fix-security/ Internet routing may well be a screaming car wreck, but a deployathon by the Asia Pacific Network Information Centre (APNIC) has shown how short, focused efforts can make a difference.. Routers use the Border Gateway Protocol (BGP) to tell each other the current […]

Read More

Daily NCSC-FI news followup 2019-09-22

Act Platform : Open Platform For Collection & Exchange Of Threat Intelligence Information kalilinuxtutorials.com/act-platform-semi-automated-cyber-threat-intelligence/ Semi-Automated Cyber Threat Intelligence or ACT is a research project led by mnemonic as with contributions from the University of Oslo, NTNU, Norwegian Security Authority (NSM), KraftCERT and Nordic Financial CERT.. Read also: www.first.org/resources/papers/london2019/Training-The-ACT-Threat-Intelligenve-Platform-Eian.pdf. Read also: github.com/mnemonic-no/act-platform We All Could Pay […]

Read More

Daily NCSC-FI news followup 2019-09-21

VMware Releases Security Updates for Multiple Products www.us-cert.gov/ncas/current-activity/2019/09/20/vmware-releases-security-updates-multiple-products See also: www.vmware.com/security/advisories/VMSA-2019-0014.html Meet Stop Ransomware: The Most Active Ransomware Nobody Talks About www.bleepingcomputer.com/news/security/meet-stop-ransomware-the-most-active-ransomware-nobody-talks-about/ To give you some perspective, the ransomware identification service ID Ransomware gets approximately 2,500 ransomware submissions a day. Of those, between 60-70 % are STOP ransomware submissions. Windows 7 Voting Systems to Get […]

Read More

Daily NCSC-FI news followup 2019-09-20

The Air Force Will Let Hackers Try to Hijack an Orbiting Satellite www.wired.com/story/air-force-defcon-satellite-hacking/ When the Air Force showed up at the Defcon hacker conference in Las Vegas last month, it didnt come empty-handed. It brought along an F-15 fighter-jet data systemone that security researchers thoroughly dismantled, finding serious vulnerabilities along the way. The USAF was […]

Read More

Daily NCSC-FI news followup 2019-09-19

Telecommunications Breakdown: How Russian Telco Infrastructure was Exposed www.upguard.com/breaches/mts-nokia-telecom-inventory-data-exposure UpGuard can now disclose that a storage device containing 1.7 terabytes of information detailing telecommunications installations throughout the Russian Federation has been secured, preventing any future malicious use. This data includes schematics, administrative credentials, email archives, and other materials relating to telecom infrastructure projects.. Until recently […]

Read More

Daily NCSC-FI news followup 2019-09-18

Tortoiseshell Group Targets IT Providers in Saudi Arabia in Probable Supply Chain Attacks www.symantec.com/blogs/threat-intelligence/tortoiseshell-apt-supply-chain A previously undocumented attack group is using both custom and off-the-shelf malware to target IT providers in Saudi Arabia in what appear to be supply chain attacks with the end goal of compromising the IT providers customers.. The group, which we […]

Read More

Daily NCSC-FI news followup 2019-09-17

Calling all breakers & builders: BlueHat Seattle registration is open! msrc-blog.microsoft.com/2019/09/16/calling-all-breakers-builders-bluehat-seattle-registration-is-open/ Exciting changes are coming to BlueHat Seattle 2019! If youd like to attend this premier security conference, we have good news for you: registration for BlueHat Seattle is now open and we hope you register. . Wait, isnt BlueHat invitation-only? It isbut if we […]

Read More

Daily NCSC-FI news followup 2019-09-16

Undersøgelsesrapport: Statsstøttet hackergruppe forsøger at kompromittere netværksudstyr fe-ddis.dk/cfcs/nyheder/arkiv/2019/Pages/undersoegelsesrapport-hackergruppe-forsoeger-kompromittere-netvaerksudstyr.aspx En statsstøttet aktør har forsøgt at gennemføre flere angreb på udvalgte danske myndigheder med henblik på spionage. CFCS udsendte den 18. april 2018 et offentligt varsel i forbindelse med hændelserne, og CFCS arbejdede efterfølgende videre og håndterede sagerne i samarbejde med relevante myndigheder.. [PDF] fe-ddis.dk/cfcs/publikationer/Documents/Undersoegelsesrapport-kompromittering-netvaerksudstyr.pdf Exclusive: Russia […]

Read More