Daily NCSC-FI news followup 2019-07-12

Buhtrap group uses zeroday in latest espionage campaigns

www.welivesecurity.com/2019/07/11/buhtrap-zero-day-espionage-campaigns/ ESET research reveals notorious crime group also conducting espionage campaigns for the past five years

Over 17,000 Domains Infected with Code that Steals Card Data

www.bleepingcomputer.com/news/security/over-17-000-domains-infected-with-code-that-steals-card-data/ Cybercriminals running Magecart operations have added payment card skimming code to more than 17,000 domains with JavaScript files in misconfigured Amazon S3 buckets.

Microsoft Adds Automatic Phishing Detection to Microsoft Forms

www.bleepingcomputer.com/news/security/microsoft-adds-automatic-phishing-detection-to-microsoft-forms/ “In order to make Forms a more secure service, we are going to enable automatic phishing detection to prevent our customers from losing sensitive data via phishing forms,” says an update to the Microsoft 365 Roadmap.

Unusual Linux Ransomware Targets NAS Servers

threatpost.com/linux-ransomware-nas-servers/146441/ A rare instance of ransomware targeting Linux-based file storage systems (network-attached storage servers, specifically) has been spotted, spreading via 15 separate but related campaigns. The adversaries behind the effort are continuing their depredations on an ongoing basis, according to researchers, so targets are expected to proliferate.

Train maker’s coder goes loco, choo-choo-chooses to flee to China with top-secret code allegedly

www.theregister.co.uk/2019/07/12/train_software_theft/ The case is one of a number involving allegations of US-based developers and engineers fleeing to China while in possession or trade secrets. In March, a former Tesla engineer was sued for lifting trade secrets from the Musk-y auto outfit with the intent of taking them to a Chinese rival, and last year a trio of Micron engineers were charged with stealing confidential docs from the chipmaker on behalf of two China-based outfits. ®

You might be interested in …

Daily NCSC-FI news followup 2021-06-23

Suomalaiset menettäneet 13, 5 miljoonaa huijareille lue poliisin ohjeet www.is.fi/digitoday/tietoturva/art-2000008078041.html Verkkohuijarit ovat vieneet suomalaisilta tänä vuonna 13, 5 miljoonaa euroa, joista lähes 5 miljoonaa pankkihuijauksin. Huawei sai kylmää vettä niskaan Ruotsissa – Ericsson pelkää kostoa www.tivi.fi/uutiset/tv/a3301f54-967e-482f-addf-6f3698eda710 Ruotsin turvallisuuspoliisin esittämät uhkakuvat vakuuttivat hallinto-oikeuden Huawein muodostamasta riskistä. MITRE releases D3FEND, defensive measures complimentary to its ATT&CK framework […]

Read More

Daily NCSC-FI news followup 2021-06-15

Ransomware attacks continue to Surge, hitting a 93% increase year over year blog.checkpoint.com/2021/06/14/ransomware-attacks-continue-to-surge-hitting-a-93-increase-year-over-year/ Number of organizations impacted by ransomware has risen to 1210 in June 2021. Check Point Research sees a 41% increase in attacks since the beginning of 2021 and a 93% increase year over year. Latin America and Europe saw the largest increase […]

Read More

Daily NCSC-FI news followup 2019-10-29

Industrial equipment to come under fire at the world’s largest hacking contest www.zdnet.com/article/industrial-equipment-to-come-under-fire-at-the-worlds-largest-hacking-contest/ Pwn2Own hacking contest to feature ICS SCADA targets for the first time. The next Pwn2Own contest is set to take place at the S4 ICS security conference that will be held in Miami South Beach on January 21-23, 2020. Microsoft: Russian hackers […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.