Daily NCSC-FI news followup 2019-07-05

Google Chrome to Unload Heavy Ads With Intensive Resource Usage

www.bleepingcomputer.com/news/google/google-chrome-to-unload-heavy-ads-with-intensive-resource-usage/ Google is currently working on adding a new feature to the Chrome web browser designed to automatically unload ads which use an outrageous amount of system resources in an effort to shrink the browser’s CPU and network footprint.

Samsung Update App with 10M+ Installs Charges for Free Firmware

www.bleepingcomputer.com/news/security/samsung-update-app-with-10m-installs-charges-for-free-firmware/ An Android app with over 10 million installations on Google Play attempts to trick Samsung phone users into paying for their firmware updates, which are available free of charge from the vendor.

Automated Magecart Campaign Hits Over 960 Breached Stores

www.bleepingcomputer.com/news/security/automated-magecart-campaign-hits-over-960-breached-stores/ A large-scale payment card skimming campaign that successfully breached 962 e-commerce stores was discovered today by Magento security research company Sanguine Security.

Over $800,000 Stolen by Scammers in Atlanta Area City BEC Fraud

www.bleepingcomputer.com/news/security/over-800-000-stolen-by-scammers-in-atlanta-area-city-bec-fraud/ Over $800,000 was stolen from the City of Griffin, Georgia, by scammers who redirected two transactions to their own bank accounts in a BEC (Business Email Compromise) attack, according to local media sources.

The Week in Ransomware – July 5th 2019 – Shadiness in the Sunshine State

www.bleepingcomputer.com/news/security/the-week-in-ransomware-july-5th-2019-shadiness-in-the-sunshine-state/ This week is a double edition covering the ransomware news between June 22nd and July 5th.

Maryland Govt Agency Breach Exposes Names, SSNs of 78K People

www.bleepingcomputer.com/news/security/maryland-govt-agency-breach-exposes-names-ssns-of-78k-people/ The Maryland Department of Labor (Maryland DoL) published a press release today explaining that sensitive information of roughly 78,000 customers including names and social security numbers was accessed by an unauthorized party.

7-Eleven Japanese customers lose $500,000 due to mobile app flaw

www.zdnet.com/google-amp/article/7-eleven-japanese-customers-lose-500000-due-to-mobile-app-flaw/ Hackers exploit 7-Eleven’s poorly designed password reset function to make unwanted charges on 900 customers’ accounts. However, in a mind-boggling turn of events, the app contained a password reset function that was incredibly poorly designed. It allowed anyone to request a password reset for other people’s accounts, but have the password reset link sent to their own email address instead of the legitimate account owner’s.

Croatian government targeted by mysterious hackers

www.zdnet.com/article/croatian-government-targeted-by-mysterious-hackers/ Government agencies targeted with a never-before-seen malware payload named SilentTrinity.

UK’s largest police forensics lab paid ransom demand to recover locked data

www.zdnet.com/article/uks-largest-police-forensics-lab-paid-ransom-demand-to-recover-locked-data/ Eurofins Scientific has already recovered from the incident. The company did not say how much it paid the hackers.
