. | BruCERT

ADVISORY ON SUPPLY CHAIN ATTACK ON SOLARWINDS ORION PLATFORM SOFTWARE (SUNBURST BACKDOOR)

FireEye has uncovered a widespread campaign, that they are tracking as UNC2452. The actors behind this campaign gained access to numerous public and private organizations around the world. They gained access to victims via trojanized updates to SolarWind’s Orion IT monitoring and management software. This incident may have begun as early as Spring 2020 and is currently ongoing. Post compromise activity following this supply chain compromise has included lateral movement and data theft.

WEB BROWSERS ATTACKED BY ADROZEK MALWARE

A new strain of Adrozek malware infects devices and modifies browser settings in order to inject ads into search results pages so that the attackers can collect fees from referral programs. The malware can also extract credentials from the browser and upload them to the attacker's servers.

ZERO-CLICK 'WORMABLE' RCE FLAW UNCOVERED IN MICROSOFT TEAMS

A Remote Code Execution vulnerability has been identified in MS Teams desktop app which can be triggered by a novel XSS (Cross-Site Scripting) injection in teams.microsoft.com. A specifically crafted chat message can be sent to any Microsoft Teams member or channel which will execute arbitrary code on a victim PC's with NO USER INTERACTION.

Security News

Critical Microsoft Defender Bug Actively Exploited; Patch Tuesday Offers 83 Fixes

Threatpost

8 hours 45 minutes ago

The first Patch Tuesday security bulletin for 2021 from Microsoft includes fixes for one bug under active attack, possibly linked to the massive SolarWinds hacks.

Tom Spring

Intel's New vPro Processors Aim to Help Defend Against Ransomware

Dark Reading

1 day 7 hours ago

The newest Intel Core vPro mobile platform gives PC hardware a direct role in detecting ransomware attacks.

Kelly Sheridan Staff Editor, Dark Reading

NSA Cybersecurity Directorate Releases 2020 Year in Review

US-CERT Activity

15 hours 8 minutes ago

Original release date: January 12, 2021
The National Security Agency (NSA) Cybersecurity Directorate has released its 2020 Year in Review, outlining key milestones and mission outcomes achieved during NSA Cybersecurity’s first full year of existence. Highlights include NSA Cybersecurity’s contributions to the 2020 elections, Operation Warp Speed, and the Department of Defense’s pandemic-influenced transition to telework.

For further details on those and other accomplishments, CISA encourages users and administrators to read the NSA Cybersecurity 2020 Year in Review.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA

Post-Backlash, WhatsApp Spells Out Privacy Policy Updates

Threatpost

19 hours 59 minutes ago

WhatsApp aimed to clear the air about its updated privacy policy after reports of mandatory data sharing with Facebook drove users to Signal and Telegram in troves.

Lindsey O'Donnell

New Tool Sheds Light on AppleScript-Obfuscated Malware

Dark Reading

1 day 12 hours ago

The AEVT decompiler helped researchers analyze a cryptominer campaign that used AppleScript for obfuscation and will help reverse engineers focused on other Mac OS malware.

Robert Lemos Contributing Writer

Malware Developers Refresh Their Attack Tools

Dark Reading

4 days 11 hours ago

Cisco analyzes the latest version of the LokiBot malware for stealing credentials, finding that its developers have added more misdirection and anti-analysis features.

Robert Lemos Contributing Writer

Biden to Appoint Cybersecurity Advisor to NSC – Report

Threatpost

5 days 8 hours ago

Anne Neuberger will join the National Security Council, according to sources.

Tara Seals

MS-ISAC Releases Cybersecurity Advisory on Zyxel Firewalls and AP Controllers

US-CERT Activity

4 days 15 hours ago

Original release date: January 8, 2021
The Multi-State Information Sharing and Analysis Center (MS-ISAC) has released an advisory on a vulnerability in Zyxel firewalls and AP controllers. A remote attacker could exploit this vulnerability to take control of an affected system.

CISA encourages users and administrators to review the MS-ISAC Advisory 2021-001 and Zyxel Security Advisory for CVE-2020-29583 and apply the necessary updates and mitigation recommendations.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA

State Dept. to Create New Cybersecurity & Technology Agency

Dark Reading

5 days 8 hours ago

Bureau of Cyberspace Security and Emerging Technologies (CSET) will serve as diplomatic arm for US cybersecurity interests.

Dark Reading Staff

Facebook’s Mandatory Data-Sharing Rules for WhatsApp Spark Ire

Threatpost

5 days 17 hours ago

The messaging platform will update its privacy platform on Feb. 8 to integrate further with its parent company, prompting users to cry foul over privacy issues.

Elizabeth Montalbano

ADVISORY ON SUPPLY CHAIN ATTACK ON SOLARWINDS ORION PLATFORM SOFTWARE (SUNBURST BACKDOOR)

WEB BROWSERS ATTACKED BY ADROZEK MALWARE

ZERO-CLICK 'WORMABLE' RCE FLAW UNCOVERED IN MICROSOFT TEAMS

Incident Response

Security Awareness

Security News

Critical Microsoft Defender Bug Actively Exploited; Patch Tuesday Offers 83 Fixes

Intel's New vPro Processors Aim to Help Defend Against Ransomware

NSA Cybersecurity Directorate Releases 2020 Year in Review

Post-Backlash, WhatsApp Spells Out Privacy Policy Updates

New Tool Sheds Light on AppleScript-Obfuscated Malware

Malware Developers Refresh Their Attack Tools

Biden to Appoint Cybersecurity Advisor to NSC – Report

MS-ISAC Releases Cybersecurity Advisory on Zyxel Firewalls and AP Controllers

State Dept. to Create New Cybersecurity & Technology Agency

Facebook’s Mandatory Data-Sharing Rules for WhatsApp Spark Ire

Content Regulation

Activities

Majlis Perundingan Kampong Daerah Tutong

Go Digital ASEAN

Internet Safety For Kids

Program Celik ICT Warga Emas

Report Incidents Online

Affiliates