Daily NCSC-FI news followup 2019-07-21

Russia’s Secret Intelligence Agency Hacked: ‘Largest Data Breach In Its History’

www.forbes.com/sites/zakdoffman/2019/07/20/russian-intelligence-has-been-hacked-with-social-media-and-tor-projects-exposed/#56b83da66b11 Red faces in Moscow this weekend, with the news that hackers have successfully targeted FSBRussia’s Federal Security Service. The hackers managed to steal 7.5 terabytes of data from a major contractor, exposing secret FSB projects to de-anonymize Tor browsing, scrape social media, and help the state split its internet off from the rest of the world. The data was passed to mainstream media outlets for publishing. Also:

www.bleepingcomputer.com/news/security/russian-fsb-intel-agency-contractor-hacked-secret-projects-exposed/

Hackers breach 62 US colleges by exploiting ERP vulnerability

www.zdnet.com/article/hackers-breach-62-us-colleges-by-exploiting-erp-vulnerability/ Hackers have breached the systems of 62 colleges and universities by exploiting a vulnerability in an enterprise resource planning (ERP) web app, the US Department of Education said in a security alert sent out this week. The vulnerability is in Ellucian Banner Web Tailor, a module of the Ellucian Banner ERP that lets universities customize their front-facing web applications. The vulnerability also impacts Ellucian Banner Enterprise Identity Services, a module for managing user accounts.

New ‘US State Police’ Extortion Scam Includes Contact Numbers

www.bleepingcomputer.com/news/security/new-us-state-police-extortion-scam-includes-contact-numbers/ A new extortion scam is underway that pretends to be from a US State Police detective who is willing to delete child porn evidence if you send them $2,000 in bitcoins. Pretending to be from a state police detective is a new twist, but what really stands out is that they also include a contact phone number that can be used to call the scammer. We all know, or should know, about the sextortion emails people are receiving where the sender states they have hacked the recipient’s computer and taped them doing things while on adult sites. Since then, we have seen further extortion scams that pretend to be the CIA, bomb threats, threats to ruin a website’s reputation, and even from hitmen asking you to pay them to call off a hit.

When Harry met celly: NSA hoarder thrown in the clink for 9 years after taking classified work home for decades

www.theregister.co.uk/2019/07/19/nsa_hoarder_jailed/ An ex-NSA contractor who admitted stashing some 50TB of secret US government documents and exploit code at his home was today sentenced to nine years behind bars. Harold Martin, 54, was given the nine-year term along with an additional three years of supervised release by Judge Richard Bennett in a US federal district court in Maryland.

You might be interested in …

Daily NCSC-FI news followup 2021-03-26

German Parliament targeted again by Russian state hackers www.bleepingcomputer.com/news/security/german-parliament-targeted-again-by-russian-state-hackers/ It is believed that the attackers were able to gain access to the email accounts of seven members of the German federal parliament (Bundestag) and 31 members of German regional parliaments. “The Ghostwriter campaign leverages traditional cyber threat activity and information operations tactics to promote narratives […]

Read More

Daily NCSC-FI news followup 2020-05-10

Microsoft adds protection against Reply-All email storms in Office 365 www.zdnet.com/article/microsoft-adds-protection-against-reply-all-email-storms-in-office-365/ Microsoft rolled out this week a new feature to Office 365 customers to help their IT staff detect and stop “Reply-All email storms.”. The term refers to situations when employees use the Reply-All option in mass-mailed emails, such as company-wide notifications. Sodinokibi ransomware can […]

Read More

Daily NCSC-FI news followup 2020-08-08

Small and mediumsized businesses: Big targets for ransomware attacks www.welivesecurity.com/2020/08/07/small-medium-sized-businesses-big-targets-ransomware-attacks/ Why are SMBs a target for ransomware-wielding gangs and what can they do to protect themselves against cyber-extortion?. While large enterprises may present themselves as more lucrative prey, SMBs are an attractive target due to their lack of resources to defend against such attacks. Iranians, […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.