Daily NCSC-FI news followup 2019-07-26

Stock Trading Service Robinhood Admits To Storing Some Passwords in Cleartext

www.zdnet.com/article/robinhood-admits-to-storing-some-passwords-in-cleartext/ “On Monday night, we discovered that some user credentials were stored in a readable format within our internal system,” the company said. “We resolved the issue, and after thorough review, found no evidence that this information was accessed by anyone outside our response team.”

Researchers Find 23 Million Stolen Cards For Sale

www.infosecurity-magazine.com/news/researchers-find-23-million-stolen/ Nearly two out of every three stolen cards on the sites trawled by Sixgill were issued in the US, amounting to more than 15 million. The next biggest hit country was the UK, which accounted for over 7%.

Android Spyware Has Ties to Election Interference

www.darkreading.com/endpoint/android-spyware-has-ties-to-election-interference/d/d-id/1335351 Recently revealed surveillance-ware comes from a consultant with close ties to Russia’s GRU who was sanctioned by the US for election-tampering.

Data breach cost rises to $4 million per incident; U.S. victims hit even harder

www.scmagazine.com/home/security-news/data-breach/data-breach-cost-rises-to-4-million-per-incident-u-s-victims-hit-even-harder/ The incurred cost of being hit with a data breach for small and large corporations rose by double digits over the last five years to almost $4 million per breach. U.S.-based data breach victims suffered a much higher loss rate: $8.2 million per event.


EvilGnome Linux malware aimed at your laptop, not your servers

nakedsecurity.sophos.com/2019/07/25/evilgnome-linux-malware-aimed-at-your-laptop-not-your-servers/ EvilGnome is a recent malware sample that’s made a few headlines, and although we haven’t seen any examples of it actually popping up in the wild, we thought we’d answer the question anyway.

What Every Security Team Should Know About Internet Threats

www.darkreading.com/edge/theedge/what-every-security-team-should-know-about-internet-threats/b/d-id/1335180 Security teams are laser-focused on protecting the crown jewels. And while they are pretty good at evaluating the security within their own environments, the outside world can be tougher, with new and emerging threats from the broader Internet born every day. Of particular interest for cybercriminals is the Domain Name System (DNS), which plays a central role in orchestrating all Internet and application traffic. Threats and attacks against it are growing in frequency, with a recent example being the attack on secure, cloud-based messaging app Telegram.

Cyberlaw wonks squint at NotPetya insurance smackdown: Should ‘war exclusion’ clauses apply to network hacks?

www.theregister.co.uk/2019/07/26/do_insurance_war_exclusion_clauses_apply_to_cyberattacks/ In January, Zurich rejected the claim, simply referring to a single policy exclusion which does not cover “hostile or warlike action in time of peace or war” by “government or sovereign power; the military, naval, or air force; or agent or authority”. Zurich’s use of this sort of exclusion in a cybersecurity policy could be a game-changer, with the obvious question being: was NotPetya an act of war, or just another incidence of ransomware?

Zegost from Within New Campaign Targeting Internal Interests

www.fortinet.com/blog/threat-research/zegost-campaign-targets-internal-interests.html FortiGuard SE Group has come across a recent spearphishing email campaign containing the Zegost (also known as Zusy/Kris) info stealer malware. While this latest campaign is not necessarily interesting by any means, or new, the targeted victim is because it is a governmental entity in China that provides statistical collection efforts centering around the nation’s economy, population, and various other metrics that are collected for record keeping. And interestingly, Zegost has been historically attributed to Chinese cybercriminals

The cost of cybercrime: $45 billion

www.pandasecurity.com/mediacenter/security/costs-cybercrime/ The costs of cybercrime are extremely high these days. This year we’ve seen how a church lost $1.75 million in a BEC scam; two cities in Florida paid ransoms totaling over a million dollars after ransomware attacks; and British Airways had to pay a fine of £183 million. Though we will have to wait some time to discover the total costs of cybercrime in 2019, we now have a figure that demonstrates the economic damage that it caused in 2018. On July 9, the Internet Society’s Online Trust Alliance (OTA) published its report 2018 Cyber Incident & Breach Trends Report. According to its calculations, the worldwide economic impact of cybercrime was at least $45 billion (37.4 billion) in 2018.

GitHub starts blocking developers in countries facing US trade sanctions

www.zdnet.com/article/github-starts-blocking-developers-in-countries-facing-us-trade-sanctions/ If you use GitHub’s online services in a country facing US sanctions, you could be about to be kicked off all but the most basic offerings.

Gamers Are Easy Prey for Credential Thieves

threatpost.com/gamers-are-easy-prey-for-credential-thieves/146700/ “A 14-year-old kid’s gaming credentials are worth more than you think,” said Mike Wilson, CTO at Enzoic. He said credentials tied to Fortnite, Minecraft and RuneScape are particularly prime targets right now, earning a hacker as much as $40 per active username and password.

Examining the Link Between TLD Prices and Abuse

securingtomorrow.mcafee.com/other-blogs/mcafee-labs/examining-the-link-between-tld-prices-and-abuse/ Over the years, McAfee researchers have observed that certain new top-level Domains (TLDs) are more likely to be abused by cyber criminals for malicious activities than others. Our investigations reveal a negative relationship between the likelihood for abuse and registration price of some TLDs, as reported by the McAfee URL and email intelligence team. This means that new TLDs are more likely to be picked up by cyber criminals if their registration prices

Notorious MyDoom Worm Still on AutoPilot After 15 Years

www.bleepingcomputer.com/news/security/notorious-mydoom-worm-still-on-autopilot-after-15-years/ MyDoom holds the record for the fastest spreading email worm, which it achieved in 2004. MyDoom holds the record for the most costly virus, inflicting an impressive $38.5 billion in damages. At its apex, MyDoom generated 16-25% of all emails sent worldwide. Between 2015 and 2018, MyDoom was found within 1.1 percent of all malicious emails detected by security outfit Palo Alto Networks, reaching “an average of 21.4 percent for all individual malware attachments seen through malicious emails.”

Scam spreading under S-Pankki’s name appeals to the new banking directive to boost its credibility

www.is.fi/digitoday/tietoturva/art-2000006185333.html?ref=rss Finns’ online banking credentials are being phished with ever-evolving methods. A message sent in S-Pankki’s name points to a new “banking directive”, referring to the Payment Services Directive PSD2 that entered into force last year. “The new European banking directive reforms the use of online services; the directive requires giving up code lists and cards by the beginning of 2020. Our customers must make a preliminary update before the directive enters into force,” the message says.
