Daily NCSC-FI news followup 2019-06-05

The EU Found Out That Its Embassy In Moscow Had Been Hacked But Kept
It A Secret
www.buzzfeednews.com/article/albertonardelli/eu-embassy-moscow-hack-russia
A sophisticated cyber espionage event began in February 2017. Russian
entities are believed to be behind the hack, a source told BuzzFeed
News.

The Most Expensive Lesson Of My Life: Details of SIM port hack
medium.com/coinmonks/the-most-expensive-lesson-of-my-life-details-of-sim-port-hack-35de11517124
I lost north of $100,000 last Wednesday. It evaporated over a 24-hour
time span in a SIM port attack that drained my Coinbase account.

Twitterbots: Anatomy of a Propaganda Campaign
www.symantec.com/blogs/threat-intelligence/twitterbots-propaganda-disinformation
Internet Research Agency archive reveals a vast, coordinated campaign
that was incredibly successful at pushing out and amplifying its
messages.. The operation was carefully planned, with accounts often
registered months before they were used and well in advance of the
2016 U.S. presidential election. The average time between account
creation and first tweet was 177 days.. In October 2018, Twitter
released a massive dataset of content posted on its service by the
Internet Research Agency (IRA), a Russian company responsible for the
largest propaganda campaign directed against the U.S.

UK Hasn’t Made Sufficient Progress for National Security Strategy
www.infosecurity-magazine.com/news/uk-hasnt-made-progress-security/
The National Cyber Security Centre (NCSC) has dealt with over 1,100
cybersecurity incidents since it was established in October 2016. CSC
chair Meg Hillier says that the UK will need to protect itself against
risks created by more and more services going online, but there is
concern that consumers do not know how well they are protected: “We
welcome the National Cyber Security Strategy but are concerned that
the program designed to deliver it is insufficien

440 Million Android Users Plagued By Extremely Obnoxious Pop-Ups
threatpost.com/android-completely-obnoxious-pop-ups/145390/
The mobile ad plugin, found in hundreds of Google Play apps, uses
well-honed techniques from malware development to hide itself.. Over
440 million Android phones have been exposed to an obnoxious
advertising plugin hidden within hundreds of popular applications
available via Google Play, which ultimately can render phones almost
unusable.

Infosecurity Europe: Easing the Clash Between IT and OT
threatpost.com/infosecurity-europe-easing-the-clash-between-it-and-ot/145334/
Experts at Infosecurity Europe shed light on how IT and operational
technology teams can better collaborate as industrial IoT takes hold.

Crime doesn’t pay? Crime doesn’t do secure coding, either: Akamai
bug-hunters find hijack hole in bank phishing kit
www.theregister.co.uk/2019/06/05/akamai_phishing_kit_vuln/
Phishing kits used by miscreants to build webpages that steal
victims’ personal information and money by masquerading as legit
websites harbor vulnerabilities that can be exploited by other
miscreants to pilfer freshly stolen data.

Apple bans ads, third-party tracking in apps meant for kids
nakedsecurity.sophos.com/2019/06/05/apple-bans-ads-third-party-tracking-in-apps-meant-for-kids/
On Monday, Apple updated the Kids category in its App Store developer
guidelines to include a new ban on third-party advertising or
analytics (which are ostensibly used for tracking) in content aimed at
younger audiences.. Previously, the guidelines only restricted
behavioral advertising tracking e.g., advertisers werent allowed to
serve ads based on kids activity, plus ads had to be appropriate for
young audiences.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.