Daily NCSC-FI news followup 2019-07-26

Stock Trading Service Robinhood Admits To Storing Some Passwords in Cleartext

www.zdnet.com/article/robinhood-admits-to-storing-some-passwords-in-cleartext/ “On Monday night, we discovered that some user credentials were stored in a readable format within our internal system,” the company said. “We resolved the issue, and after thorough review, found no evidence that this information was accessed by anyone outside our response team.”

Researchers Find 23 Million Stolen Cards For Sale

www.infosecurity-magazine.com/news/researchers-find-23-million-stolen/ Nearly two out of every three stolen cards on the sites trawled by Sixgill were issued in the US, amounting to more than 15 million. The next biggest hit country was the UK, which accounted for over 7%.

Android Spyware Has Ties to Election Interference

www.darkreading.com/endpoint/android-spyware-has-ties-to-election-interference/d/d-id/1335351 Recently revealed surveillance-ware comes from a consultant with close ties to Russia’s GRU who was sanctioned by the US for election-tampering.

Data breach cost rises to $4 million per incident; U.S. victims hit even harder

www.scmagazine.com/home/security-news/data-breach/data-breach-cost-rises-to-4-million-per-incident-u-s-victims-hit-even-harder/ The incurred cost of being hit with a data breach for small and large corporations rose by double digits over the last five years to almost $4 million per breach. U.S.-based data breach victims suffered a much higher loss rate: $8.2 million per event. See also:


EvilGnome Linux malware aimed at your laptop, not your servers

nakedsecurity.sophos.com/2019/07/25/evilgnome-linux-malware-aimed-at-your-laptop-not-your-servers/ EvilGnome is a recent malware sample that’s made a few headlines, and although we haven’t seen any examples of it actually popping up in the wild, we thought we’d answer the question anyway.

What Every Security Team Should Know About Internet Threats

www.darkreading.com/edge/theedge/what-every-security-team-should-know-about-internet-threats/b/d-id/1335180 Security teams are laser-focused on protecting the crown jewels. And while they are pretty good at evaluating the security within their own environments, the outside world can be tougher, with new and emerging threats from the broader Internet born every day. Of particular interest for cybercriminals is the Domain Name System (DNS), which plays a central role in orchestrating all Internet and application traffic. Threats and attacks against it are growing in frequency, with a recent example being the attack on secure, cloud-based messaging app Telegram.

Cyberlaw wonks squint at NotPetya insurance smackdown: Should ‘war exclusion’ clauses apply to network hacks?

www.theregister.co.uk/2019/07/26/do_insurance_war_exclusion_clauses_apply_to_cyberattacks/ In January, Zurich rejected the claim, simply referring to a single policy exclusion which does not cover “hostile or warlike action in time of peace or war” by “government or sovereign power; the military, naval, or air force; or agent or authority”. Zurich’s use of this sort of exclusion in a cybersecurity policy could be a game-changer, with the obvious question being: was NotPetya an act of war, or just another incidence of ransomware?

Zegost from Within New Campaign Targeting Internal Interests

www.fortinet.com/blog/threat-research/zegost-campaign-targets-internal-interests.html FortiGuard SE Group has come across a recent spearphishing email campaign containing the Zegost (also known as Zusy/Kris) info stealer malware. While this latest campaign is not necessarily interesting by any means, or new, the targeted victim is because it is a governmental entity in China that provides statistical collection efforts centering around the nation’s economy, population, and various other metrics that are collected for record keeping. And interestingly, Zegost has been historically attributed to Chinese cybercriminals

The cost of cybercrime: $45 billion

www.pandasecurity.com/mediacenter/security/costs-cybercrime/ The costs of cybercrime are extremely high these days. This year we’ve seen how a church lost $1.75 million in a BEC scam; two cities in Florida paid ransoms totaling over a million dollars after ransomware attacks; and British Airways had to pay a fine of £183 million. Though we will have to wait some time to discover the total costs of cybercrime in 2019, we now have a figure that demonstrates the economic damage that it caused in 2018. On July 9, the Internet Society’s Online Trust Alliance (OTA) published its report 2018 Cyber Incident & Breach Trends Report. According to its calculations, the worldwide economic impact of cybercrime was at least $45 billion (37.4 billion) in 2018.

GitHub starts blocking developers in countries facing US trade sanctions

www.zdnet.com/article/github-starts-blocking-developers-in-countries-facing-us-trade-sanctions/ If you use GitHub’s online services in a country facing US sanctions, you could be about to be kicked off all but the most basic offerings.

Gamers Are Easy Prey for Credential Thieves

threatpost.com/gamers-are-easy-prey-for-credential-thieves/146700/ “A 14-year-old kid’s gaming credentials are worth more than you think,” said Mike Wilson, CTO at Enzoic. He said credentials tied to Fortnite, Minecraft and RuneScape are particularly prime targets right now, earning a hacker as much as $40 per active username and password.

Examining the Link Between TLD Prices and Abuse

securingtomorrow.mcafee.com/other-blogs/mcafee-labs/examining-the-link-between-tld-prices-and-abuse/ Over the years, McAfee researchers have observed that certain new top-level Domains (TLDs) are more likely to be abused by cyber criminals for malicious activities than others. Our investigations reveal a negative relationship between the likelihood for abuse and registration price of some TLDs, as reported by the McAfee URL and email intelligence team. This means that new TLDs are more likely to be picked up by cyber criminals if their registration prices

Notorious MyDoom Worm Still on AutoPilot After 15 Years

www.bleepingcomputer.com/news/security/notorious-mydoom-worm-still-on-autopilot-after-15-years/ MyDoom holds the record for the fastest spreading email worm, which it achieved in 2004. MyDoom holds the record for the most costly virus, inflicting an impressive $38.5 billion in damages. At its apex, MyDoom generated 16-25% of all emails sent worldwide. Between 2015 and 2018, MyDoom was found within 1.1 percent of all malicious emails detected by security outfit Palo Alto Networks, reaching “an average of 21.4 percent for all individual malware attachments seen through malicious emails.”

Scam spreading under the guise of S-Pankki invokes the new banking directive to add credibility.

www.is.fi/digitoday/tietoturva/art-2000006185333.html?ref=rss Online banking credentials are being phished from Finns using constantly evolving methods. A message sent in S-Pankki’s name points to a new “banking directive”, which refers to the Payment Services Directive PSD2 that entered into force last year. “The new European banking directive reforms the use of online services; the directive requires giving up key code lists and cards by the beginning of 2020. Our customer must perform a preliminary update before the directive enters into force,” the message says.
