Daily NCSC-FI news followup 2019-07-03

Facebook says its working to resolve outages across Instagram, WhatsApp, and Messenger

www.theverge.com/2019/7/3/20681050/facebook-picture-stories-outage-instagram-whatsapp-messenger Facebook has had problems loading images, videos, and other data across its apps today, leaving some people unable to load photos in the Facebook News Feed, view stories on Instagram, or send messages in WhatsApp. Facebook says it is aware of the issues and working to get things back to normal as quickly as possible.

China’s Border Guards Secretly Installing Spyware App on Tourists’ Phones

thehackernews.com/2019/07/xinjiang-fengcai-spyware.html Chinese authorities are secretly installing surveillance apps on smartphones of foreigners at border crossings in the Xinjiang region who are entering from neighboring Kyrgyzstan, an international investigation revealed.

Bangladesh Cyber Heist 2.0: Silence APT goes global

www.group-ib.com/media/silence-apt/ Group-IB, an international company that specializes in preventing cyber attacks, has established that Silence, a Russian-speaking cybercriminal group is likely to be behind the brazen attack on Dutch-Bangla Banks ATMs resulting in the theft of $3 million, the amount reported by the local media.. The actual amount of money stolen could be much higher. This is one of Silences most recent international attacks, which indicates that the gang has expanded its geography and has gone global, focusing now on APAC markets.. see also


NHS warned to act now to keep hackers at bay


US Cyber Command issues alert about hackers exploiting Outlook vulnerability

www.zdnet.com/article/us-cyber-command-issues-alert-about-hackers-exploiting-outlook-vulnerability/ US Cyber Command has issued an alert via Twitter today about threat actors abusing an Outlook vulnerability to plant malware on government networks.. Chronicle links the malware samples to Iran’s APT33 group, which previously developed the infamous Shamoon malware.

Trickbot Trojan Now Has a Separate Cookie Stealing Module

www.bleepingcomputer.com/news/security/trickbot-trojan-now-has-a-separate-cookie-stealing-module/ Trickbot trojan now comes with a separate module for stealing browser cookies, threat researchers found on Tuesday, marking new progress in the malware’s development.

This hacking gang just switched its malware attacks to a new target

www.zdnet.com/article/this-hacking-gang-just-switched-its-malware-attacks-to-a-new-target/ One of the world’s most successful cybercriminal groups has altered its tactics and is also distributing a new form of malware as part of its latest campaign, which this time targets bank and financial services employees in the US, the United Arab Emirates and Singapore.. see also


First-ever malware strain spotted abusing new DoH (DNS over HTTPS) protocol

www.zdnet.com/article/first-ever-malware-strain-spotted-abusing-new-doh-dns-over-https-protocol/ Godlua, a Linux DDoS bot, is the first-ever malware strain seen using DoH to hide its DNS traffic.. see also


Public Certificate Poisoning Can Break Some OpenPGP Implementations

www.bleepingcomputer.com/news/security/public-certificate-poisoning-can-break-some-openpgp-implementations/ OpenPGP installations can grind to a halt and fail to verify the authenticity of downloaded packages as the keyserver network has been flooded with bogus extra signatures attesting ownership of a certificate.

17-Year-Old Weakness in Firefox Let HTML File Steal Other Files From Device

thehackernews.com/2019/07/firefox-same-origin-policy-hacking.html Except for phishing and scams, downloading an HTML attachment and opening it locally on your browser was never considered as a severe threat until a security researcher today demonstrated a technique that could allow attackers to steal files stored on a victim’s computer.

Breaking & Entering with Zipato SmartHubs

blackmarble.sh/zipato-smart-hub/ During the 0DAYALLDAY Research Event three vulnerabilities were discovered in the ZipaMicro Z-Wave Controller Model #: ZM.ZWUS and the Zipabox Z-Wave Controller Model #: 2AAU7-ZBZWUS. Two vulnerabilities are in the design and implementation of the authentication mechanism in the Zipato Application Programming Interface (API). The third vulnerability is embedded SSH private key for ROOT which isn’t unique and can be extracted.

Vakava varoitus: sotilassatelliitit ovat alttiita hakkeroinnille tehokkaampaa kuin tuhoaminen

www.tivi.fi/uutiset/tv/3e9e99d4-f6cf-47a6-96b4-1a63d8449338 Tuore Iso-Britannian Royal Institute of International Affairs – -ajatushautomon selvityksen mukaan sotilassatelliitit ovat edelleen haavoittuvaisia hakkeroinneille tai muille häirinnän muodoille, kuten spoofingille, jonka turvin voidaan tuottaa esimerkiksi väärää gps-signaalia.

You might be interested in …

Daily NCSC-FI news followup 2020-04-24

New Training: on orchestration of CSIRT Tools www.enisa.europa.eu/news/enisa-news/csirt-training-tools-new-orchestration The EU agency for Cybersecurity introduces new training materials to support Member States’ CSIRTs. ENISA puts great effort into supporting the development of EU Member States’ national incident response preparedness. To that purpose, ENISA updated its CSIRT training material aimed at improving the skills of CSIRT teams. […]

Read More

Daily NCSC-FI news followup 2020-04-14

Koronan ja 5g:n yhdistävä salaliittoteoria leviää nyt tukiasemat palavat Hollannissa www.is.fi/digitoday/mobiili/art-2000006474027.html Tuhopoltoiksi epäillyt tukiasemapalot levisivät Britanniasta Hollantiin. Hackers Targeting Critical Healthcare Facilities With Ransomware During Coronavirus Pandemic thehackernews.com/2020/04/ransomware-hospitals-coronavirus.html As hospitals around the world are struggling to respond to the coronavirus crisis, cybercriminalswith no conscience and empathyare continuously targeting healthcare organizations, research facilities, and other governmental […]

Read More

Daily NCSC-FI news followup 2021-01-15

Bitcoin-kiristäjä piinaa taas suomalaisia www.kauppalehti.fi/uutiset/bitcoin-kiristaja-piinaa-taas-suomalaisia-ala-maksa-masturbointilunnaita/a65ed063-b6b7-4ae9-93a8-4a4161d70b43 Verkkohuijarit ovat taas liikkeellä pornokiristyksinä tunnettujen huijausviestien kanssa. Huijarit väittävät tartuttaneensa haittaohjelman vastaanottajan koneelle tämän vierailtua aikuisviihdesivustolla. Katso myös Kyberturvallisuuskeskuksen uutinen aiheesta: www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/kiristyshuijauksia-liikkeella-runsaasti-ala-usko-huijarien-vaitteita Signal down after getting flooded with new users www.bleepingcomputer.com/news/software/signal-down-after-getting-flooded-with-new-users/ Signal users are currently experiencing issues around the world, with users unable to send and receive messages. Ransomware […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.