Daily NCSC-FI news followup 2019-08-12

Nasty New Malware Waits Until You Visit A Pornsite, Then Starts Recording

www.forbes.com/sites/zakdoffman/2019/08/11/nasty-new-malware-waits-until-you-visit-a-pornsite-then-starts-recording/#120b21d7568d At the end of last week, ESET’s security researchers disclosed the discovery of a new strain of malware that takes the trend for sextortion to a new level. Varenyky, as the malware was named by its finders, monitors the activity on infected computers, watching until a pornographic website is visited, and then starts recording the screen.

Malware Naming Hell Part 1: Taming the mess of AV detection names

www.gdatasoftware.com/blog/2019/08/35146-taming-the-mess-of-av-detection-names Everyone who deals with malware will know this: Malware names are a convoluted mess. AV scanners will show different detection names for the same file. This confusion is also reflected in media coverage. Is there a way out of this mess?

Evaluating the NSA’s Telephony Metadata Program

www.schneier.com/blog/archives/2019/08/evaluating_the_1.html The telephony metadata program, which was authorized under Section 215 of the PATRIOT Act, remains one of the most controversial programs launched by the U.S. Intelligence Community (IC) in the wake of the 9/11 attacks.

Canon DSLR Cameras Can Be Hacked With Ransomware Remotely

thehackernews.com/2019/08/dslr-camera-hacking.html In its latest research, security researchers at cybersecurity firm CheckPoint demonstrated how easy it is for hackers to remotely infect a digital DSLR camera with ransomware and hold private photos and videos hostage until victims pay a ransom.

Problems from the data breach targeting Pori's education network have been resolved

yle.fi/uutiset/3-10918474 The problems caused by the data breach targeting the City of Pori have been fixed. The breach targeted the education network, which has been rebuilt and restored to working order.

Check Point's SandBlast Protects Israeli Bank Customers from Smishing Campaign

blog.checkpoint.com/2019/08/12/check-points-sandblast-protects-israeli-bank-customers-from-smishing-campaign/ Recently a new smishing (SMS phishing) attack targeted users in Israel. In a smishing campaign, attackers send SMS messages from supposedly legitimate organizations. These messages try to persuade you to download what turns out to be a malicious app, provide private information like bank account or credit card details, or click a link which leads to a malicious URL.

Recent Cloud Atlas activity

securelist.com/recent-cloud-atlas-activity/92016/ Also known as Inception, Cloud Atlas is an actor that has a long history of cyber-espionage operations targeting industries and governmental entities. From the beginning of 2019 until July, we have been able to identify different spear-phishing campaigns related to this threat actor mostly focused on Russia, Central Asia and regions of Ukraine with ongoing military conflicts.
