Latest News Articles


--- TLP:WHITE ---
(https://first.org/tlp/)

########################################################
#### CSIRT-IE End of Week Report ####
########################################################

Date   : Friday 06-09-2019 10:00 ; Friday 13-09-2019 10:00

=====================================
= News =
=====================================

− Public BlueKeep Exploit Module Released by MetaSploit
A public exploit module for the BlueKeep Windows vulnerability has been
added today to the open-source Metasploit penetration testing
framework, developed by Rapid7 in collaboration with the open-source
community. [...]

https://www.bleepingcomputer.com/news/security/public-bluekeep-exploit-
module-released-by-metasploit/


− Fake PayPal Site Spreads Nemty Ransomware
A web page pretending to offer an official application from PayPal is
currently spreading Nemty ransomware to unsuspecting users. [...]

https://www.bleepingcomputer.com/news/security/fake-paypal-site-spreads-
nemty-ransomware/

− Google Calendar Spam Got You Down? A Fix Is on The Way
Google is working on a solution to stop spammers from abusing a Google
Calendar feature designed to automatically add event invitations to its
users' calendars after receiving countless reports about spam events
over the last few months. [...]

https://www.bleepingcomputer.com/news/security/google-calendar-spam-got
-you-down-a-fix-is-on-the-way/

− 'A major policy issue' - Government invested €340m to tackle cyber
crime, Justice Minister says - Independent.ie
Speaking this morning at the Secure Computing Forum cyber security
conference at Dublin's RDS, the Minister stressed that Ireland needs to
stay ahead of the growing number of cyber-criminals. “Cyber security is
a major policy issue for government and any business,” he said.

https://www.independent.ie/business/irish/a-major-policy-issue-government
-invested-340m-to-tackle-cyber-crime-justice-minister-says-38491553.html


− Cyber Attack against Hungarian Government Organization - Hungary
Today
The Hungarian Development Center (MFK) is forced to reorganize its
administration from scratch after a hacker attack destroyed its entire
digital database in mid-July, news site 24.hu reports . Allegedly, the
attack most likely came from North Korea. The Ministry of Foreign
Affairs later confirmed....

https://hungarytoday.hu/cyber-attack-against-hungarian-government-
organization/

− Iran-Linked Hackers Again Target Universities
Iran-linked threat actor COBALT DICKENS has launched a new phishing
campaign targeting universities around the world, similar to an
operation launched in August 2018 , Secureworks reveals. read more

https://www.securityweek.com/iran-linked-hackers-again-target-universities


− Chinese APT Group Continues to Remain Undeterred Even After Symantec
Exposure - Techsprouts
According to recent reports by U.S. Cybersecurity giant, Symantec,
during the past year, the Chinese cyber-espionage group, Thrip has
attacked companies in the military, telecom and satellite sector. Even
though Symantec has publicly exposed the China-based APT, Thrip
continues on to be a major threat for Southeast Asian entities.

https://techsprouts.com/chinese-apt-group-thrip-continues-to-remain-
undeterred-even-after-symantec-exposure/


=====================================
= Vulnerabilities =
=====================================
− New SIM Card Flaw Lets Hackers Hijack Any Phone Just By Sending SMS
Cybersecurity researchers today revealed the existence of a new and
previously undetected critical vulnerability in SIM cards that could
allow remote attackers to compromise targeted mobile phones and spy on
victims just by sending an SMS. Dubbed "SimJacker," the vulnerability
resides in a particular piece of software, called the S@T Browser (a
dynamic SIM toolkit), embedded on most SIM cards

https://thehackernews.com/2019/09/simjacker-mobile-hacking.html

   
− Google Releases Security Updates for Chrome
Original release date: September 10, 2019 Google has released Chrome
version 77.0.3865.75 for Windows, Mac, and Linux. This version
addresses multiple vulnerabilities that an attacker could exploit to
take control of an affected system. The Cybersecurity and
Infrastructure Security Agency (CISA) encourages users and
administrators to review the Chrome Release and apply the necessary
updates. This product is provided subject to this Notification and this
Privacy & Use policy.

https://www.us-cert.gov/ncas/current-activity/2019/09/10/google-releases
-security-updates-chrome


− Microsoft Fixes 79 Vulnerabilities Including Two Active Zero-Days
Exploits and 4 Critical RDP Flaws
Microsoft released security updates for September that addresses 79
security vulnerabilities, out of the 17 are critical, 61 rated as
important and one classified as Moderate. The update covers two active
Elevation of Privilege Zero-Days Vulnerabilities CVE-2019-1215 &
CVE-2019-1214.

https://gbhackers.com/microsoft-fixes-79-vulnerabilities/


=====================================
= Community News =
=====================================

− "Splintering" Makes Hacking Passwords 14 Million Percent Harder
Tide Foundation Creating Marketplace Where PII Can be Safely Sold read
more

https://www.securityweek.com/splintering-makes-hacking-passwords-14-
million-percent-harder


− Lufthansa Offers Biometric Boarding at Fourth US Airport
Biometric boarding is now available to Lufthansa’s JFK passengers

https://www.infosecurity-magazine.com:443/news/lufthansa-biometric-
boarding-at-jfk/


− DNS-over-HTTPS Coming to Firefox
Mozilla this week announced plans to gradually roll-out DNS-over-HTTPS
(DoH) in Firefox starting this month, though only users in the United
States will receive it in the beginning. read more

https://www.securityweek.com/dns-over-https-coming-firefox


− Rolling in DoH: Chrome 78 to experiment with DNS-over-HTTPS – hot on
the heels of Firefox
Google promises it won't override your choice of DNS provider Only days
after Mozilla said it plans to make DNS-over-HTTPS (DoH) available by
default gradually for Firefox users in the US, Google announced its
intention to test DoH in Chrome 78, due for beta release in the next
two weeks.…

https://www.theregister.co.uk/2019/09/10/chrome_78_dnsoverhttps/


− Office 365 ATP Automated Incident Response Now Generally Available
Microsoft announced today the general availability of the Automated
Incident Response feature in Office 365 Advanced Threat Protection
(ATP) users to support the rising requirements of security teams. [...]

https://www.bleepingcomputer.com/news/microsoft/office-365-atp-automated
-incident-response-now-generally-available/


--- TLP:WHITE ---