Daily NCSC-FI news followup 2019-06-15

Exim email servers are now under attack

www.zdnet.com/article/exim-email-servers-are-now-under-attack/ At least two hacker groups have been identified carrying out attacks, one operating from a public internet server, and one using a server located on the dark web. Also:

www.cybereason.com/blog/new-pervasive-worm-exploiting-linux-exim-server-vulnerability

ThreatList: Ransomware Trojans Picking Up Steam in 2019

threatpost.com/threatlist-ransomware-trojans-picking-up-steam-in-2019/145718/ The report outlined popular trends in the malware space such as growing popularity of multimodular trojans and ransomware, and decreasing popularity of malicious cryptomining. Overall, cyberincidents grew by 11 percent from the first quarter of 2018 according to the report.

Mysterious Iranian group is hacking into DNA sequencers

www.zdnet.com/article/mysterious-iranian-group-is-hacking-into-dna-sequencers/ Web-based DNA sequencer applications are under attack from a mysterious hacker group using a still-unpatched zero-day to take control of targeted devices.

Experts: Spy used AI-generated face to connect with targets

phys.org/news/2019-06-experts-spy-ai-generated.html William Evanina, director of the U.S. National Counterintelligence and Security Center, said foreign spies routinely use fake social media profiles to home in on American targets and accused China in particular of waging “mass scale” spying on LinkedIn.

Hacking these medical pumps is as easy as copying a booby-trapped file over the network

www.theregister.co.uk/2019/06/13/medical_workstation_vulnerabilities/ Two security vulnerabilities in medical workstations can be exploited by scumbags to hijack the devices and connected infusion pumps, potentially causing harm to patients, the US government revealed today.

U.S. Escalates Online Attacks on Russia's Power Grid

www.nytimes.com/2019/06/15/us/politics/trump-cyber-russia-grid.html In interviews over the past three months, the officials described the previously unreported deployment of American computer code inside Russia's grid and other targets as a classified companion to more publicly discussed action directed at Moscow's disinformation and hacking units around the 2018 midterm elections.
