Daily NCSC-FI news followup 2019-08-12

Nasty New Malware Waits Until You Visit A Pornsite, Then Starts Recording

www.forbes.com/sites/zakdoffman/2019/08/11/nasty-new-malware-waits-until-you-visit-a-pornsite-then-starts-recording/#120b21d7568d At the end of last week, ESET’s security researchers disclosed the discovery of a new strain of malware that takes the trend for sextortion to a new level. Varenyky, as the malware was named by its finders, monitors the activity on infected computers, watching until a pornographic website is visited, and then starts recording the screen.

Malware Naming Hell Part 1: Taming the mess of AV detection names

www.gdatasoftware.com/blog/2019/08/35146-taming-the-mess-of-av-detection-names Everyone who deals with malware will know this: Malware names are a convoluted mess. AV scanners will show different detection names for the same file. This confusion is also reflected in media coverage. Is there a way out of this mess?

Evaluating the NSA’s Telephony Metadata Program

www.schneier.com/blog/archives/2019/08/evaluating_the_1.html The telephony metadata program, which was authorized under Section 215 of the PATRIOT Act, remains one of the most controversial programs launched by the U.S. Intelligence Community (IC) in the wake of the 9/11 attacks.

Canon DSLR Cameras Can Be Hacked With Ransomware Remotely

thehackernews.com/2019/08/dslr-camera-hacking.html In its latest research, security researchers at cybersecurity firm CheckPoint demonstrated how easy it is for hackers to remotely infect a digital DSLR camera with ransomware and hold private photos and videos hostage until victims pay a ransom.

Problems from the data breach targeting Pori's education network resolved

yle.fi/uutiset/3-10918474 The problems caused by the data breach targeting the City of Pori have been fixed. The breach targeted the education network, which has now been rebuilt and restored to working order.

Check Point's SandBlast Protects Israeli Bank Customers from Smishing Campaign

blog.checkpoint.com/2019/08/12/check-points-sandblast-protects-israeli-bank-customers-from-smishing-campaign/ Recently a new smishing (SMS phishing) attack targeted users in Israel. In a smishing campaign, attackers send SMS messages from supposedly legitimate organizations. These messages try to persuade you to download what turns out to be a malicious app, provide private information like bank account or credit card details, or click a link which leads to a malicious URL.

Recent Cloud Atlas activity

securelist.com/recent-cloud-atlas-activity/92016/ Also known as Inception, Cloud Atlas is an actor that has a long history of cyber-espionage operations targeting industries and governmental entities. From the beginning of 2019 until July, we have been able to identify different spear-phishing campaigns related to this threat actor mostly focused on Russia, Central Asia and regions of Ukraine with ongoing military conflicts.
