Daily NCSC-FI news followup 2019-07-12

Buhtrap group uses zero-day in latest espionage campaigns

www.welivesecurity.com/2019/07/11/buhtrap-zero-day-espionage-campaigns/ ESET research reveals notorious crime group also conducting espionage campaigns for the past five years

Over 17,000 Domains Infected with Code that Steals Card Data

www.bleepingcomputer.com/news/security/over-17-000-domains-infected-with-code-that-steals-card-data/ Cybercriminals running Magecart operations have added payment card skimming code to more than 17,000 domains with JavaScript files in misconfigured Amazon S3 buckets.

Microsoft Adds Automatic Phishing Detection to Microsoft Forms

www.bleepingcomputer.com/news/security/microsoft-adds-automatic-phishing-detection-to-microsoft-forms/ “In order to make Forms a more secure service, we are going to enable automatic phishing detection to prevent our customers from losing sensitive data via phishing forms,” says an update to the Microsoft 365 Roadmap.

Unusual Linux Ransomware Targets NAS Servers

threatpost.com/linux-ransomware-nas-servers/146441/ A rare instance of ransomware targeting Linux-based file storage systems (network-attached storage servers, specifically) has been spotted, spreading via 15 separate but related campaigns. The adversaries behind the effort are continuing their depredations on an ongoing basis, according to researchers, so targets are expected to proliferate.

Train maker’s coder goes loco, choo-choo-chooses to flee to China with top-secret code allegedly

www.theregister.co.uk/2019/07/12/train_software_theft/ The case is one of a number involving allegations of US-based developers and engineers fleeing to China while in possession of trade secrets. In March, a former Tesla engineer was sued for lifting trade secrets from the Musk-y auto outfit with the intent of taking them to a Chinese rival, and last year a trio of Micron engineers were charged with stealing confidential docs from the chipmaker on behalf of two China-based outfits.
