[NCSC-NL] Let’s Encrypt revokes 3 million certificates

Let’s Encrypt communicated on March 2 2020 that they will revoke a part of their certificates [1]. CAUTION: the certificates will be revoked from March 4 2020 0:00 UTC onwards. The certificates that will be revoked have been issued BEFORE February 29 2020 03:10 UTC. According to Let’s Encrypt about 3 million certificates will be […]

Read More

[NCSC-NL] Let’s Encrypt revokes 3 million certificates

Let’s Encrypt communicated on March 2 2020 that they will revoke a part of their certificates [1]. CAUTION: the certificates will be revoked from March 4 2020 0:00 UTC onwards. The certificates that will be revoked have been issued BEFORE February 29 2020 03:10 UTC. According to Let’s Encrypt about 3 million certificates will be […]

Read More

Daily NCSC-FI news followup 2020-03-02

Active Scans for Apache Tomcat Ghostcat Vulnerability Detected, Patch Now www.bleepingcomputer.com/news/security/active-scans-for-apache-tomcat-ghostcat-vulnerability-detected-patch-now/ Ongoing scans for Apache Tomcat servers unpatched against the Ghostcat vulnerability that allows potential attackers to take over servers have been detected over the weekend.. As cyber threat intelligence firm Bad Packets said on Saturday, “mass scanning activity targeting this vulnerability has already begun. […]

Read More

Daily NCSC-FI news followup 2020-03-01

Switzerland files criminal complaint over Crypto spying scandal www.reuters.com/article/us-swiss-spying-crypto/switzerland-files-criminal-complaint-over-crypto-spying-scandal-idUSKBN20O1VD The Swiss government has filed a criminal complaint over the U.S. Central Intelligence Agencys alleged use of a cryptography company as a front to spy on various governments secret communications, the Swiss attorney generals office said on Sunday.. The complaint against persons unknown for alleged breaches […]

Read More

Daily NCSC-FI news followup 2020-02-29

TRICKBOT DELIVERY METHOD GETS A NEW UPGRADE FOCUSING ON WINDOWS 10 blog.morphisec.com/trickbot-delivery-method-gets-a-new-upgrade-focusing-on-windows Over the past few weeks, Morphisec Labs researchers identified a couple dozen documents that execute the OSTAP javascript downloader.. This time we have identified the use of the latest version of the remote desktop activeX control class that was introduced for Windows 10. […]

Read More

Daily NCSC-FI news followup 2020-02-28

RSAC 2020: Ransomware a National Crisis, CISA Says, Ramps ICS Focus threatpost.com/ransomware-national-crisis-cisa-ics/153322/ Industrial control systems (ICS) and critical infrastructure will be a main focus for the Department of Homeland Securitys Cybersecurity and Infrastructure Security Agency (CISA) this year especially as ransomware looms as a main threat to the sector going forward.. Thats according to Christopher […]

Read More

Daily NCSC-FI news followup 2020-02-27

Zyxel storage, firewall, VPN, security boxes have a give-anyone-on-the-internet-root hole: Patch right now www.theregister.co.uk/2020/02/26/zyxel_security_hole/ Wi-Fi of more than a billion PCs, phones, gadgets can be snooped on. But you’re using HTTPS, SSH, VPNs… right? www.theregister.co.uk/2020/02/27/wifi_chip_bug_eset/ Encryption keys forced to zero by chip-level KrØØk flaw Credit Card Skimmer Uses Fake CDNs To Evade Detection www.bleepingcomputer.com/news/security/credit-card-skimmer-uses-fake-cdns-to-evade-detection/ Threat […]

Read More

Daily NCSC-FI news followup 2020-02-26

Iranian APT Targets Govs With New Malware threatpost.com/iranian-apt-targets-govs-with-new-malware/153162/ A new campaign is targeting governments with the ForeLord malware, which steals credentials.. A never before seen credential-stealing malware, dubbed ForeLord, has been uncovered in recent spear phishing emails. Researchers have attributed the campaign to a known Iranian advanced persistence threat (APT) group. Internal Docs Show Why […]

Read More

Daily NCSC-FI news followup 2020-02-25

Mobile malware evolution 2019 securelist.com/mobile-malware-evolution-2019/96280/ Ransomware Against the Machine: How Adversaries are Learning to Disrupt Industrial Production by Targeting IT and OT www.fireeye.com/blog/threat-research/2020/02/ransomware-against-machine-learning-to-disrupt-industrial-production.html Firefox enables DNS-over-HTTPS by default (with Cloudflare) for all U.S. users thehackernews.com/2020/02/firefox-dns-over-https.html Install Latest Chrome Update to Patch 0-Day Bug Under Active Attacks thehackernews.com/2020/02/google-chrome-zero-day.html New OpenSMTPD RCE Flaw Affects Linux and OpenBSD […]

Read More

Daily NCSC-FI news followup 2020-02-24

Operation DRBControl www.trendmicro.com/vinfo/us/security/news/cyber-attacks/operation-drbcontrol-uncovering-a-cyberespionage-campaign-targeting-gambling-companies-in-southeast-asia Uncovering a Cyberespionage Campaign Targeting Gambling Companies in Southeast Asia. The DRBControl campaign attacks its targets using a variety of malware and techniques that coincide with those used in other known cyberespionage campaigns. EU Commission to staff: Switch to Signal messaging app www.politico.eu/pro/eu-commission-to-staff-switch-to-signal-messaging-app/ The European Commission has told its staff to start […]

Read More