Changes

From Security Weekly Wiki
Jump to navigationJump to search
797 bytes added ,  17:36, 10 December 2019
no edit summary
#[https://www.securityweek.com/new-office-365-feature-provides-detailed-information-email-attack-campaigns New Office 365 Feature Provides Detailed Information on Email Attack Campaigns] - Cool stuff: ''The capabilities will provide security teams with summary details about the campaign, including point of origin, pattern and timeline, size, and the number of victims. Additionally, it shows a list of IP addresses and senders, and data on messages that were blocked, ZAPped, sent to junk or quarantine, or allowed into the inbox. Campaign views will also include data on the URLs used in the attack. This information, Microsoft says, should help organizations more easily secure affected or vulnerable users, improve their security posture by eliminating configuration flaws, investigate related campaigns, and hunt and track threats that use the same indicators of compromise (IOC).''
#[https://nakedsecurity.sophos.com/2019/12/10/snatch-ransomware-pwns-security-using-sneaky-safe-mode-reboot/ Snatch ransomware pwns security using sneaky safe mode reboot] - We covered this technique on [https://wiki.securityweekly.com/Episode482#Interview:_Kobi_and_Doron_Naim.2C_Cyberark_Labs_-_7:00-7:30_PM Paul's Security Weekly Episode 482] with researchers from Cyberark Labs in September 2016.
#[https://www.forbes.com/sites/daveywinder/2019/12/07/google-confirms-critical-android-8-9-and-10-permanent-denial-of-service-threat/ Google Confirms Critical Android 8, 9 And 10 Permanent Denial Of Service Threat]- ''CVE-2019-2232 has been rated as the most severe of three critical vulnerabilities addressed in the December Android Security Bulletin. The official NIST National Vulnerability Database description of the vulnerability says that improper input validation in the "handleRun of TextLine.java" could create a "possible application crash." In other words, a maliciously-crafted message could cause a denial of service to your Android device. A permanent denial of service attack that could effectively kibosh your smartphone. "User interaction is not needed for exploitation," the description continues, and the remote denial of service attack needs "no additional execution privileges," for good measure. The vulnerability applies to Android 8.0, Android 8.1, Android 9 and Android 10 versions.''
6,509

edits

Navigation menu