Daily NCSC-FI news followup 2019-08-19

GAME OVER: Detecting and Stopping an APT41 Operation

www.fireeye.com/blog/threat-research/2019/08/game-over-detecting-and-stopping-an-apt41-operation.html In August 2019, FireEye released the Double Dragon report on our newest graduated threat group, APT41. A China-nexus dual espionage and financially-focused group, APT41 targets industries such as gaming, healthcare, high-tech, higher education, telecommunications, and travel services.. In this blog post, were going to examine a recent instance where FireEye Managed Defense came toe-to-toe with APT41.

Kristiinankaupunkilaisten tietoja löytyi kirpputorilla myydyistä tietokoneista poliisi tutkii tietosuojarikoksena

yle.fi/uutiset/3-10928750 Poliisi tutkii Kristiinankaupungin tietokonelöytöä tietosuojarikoksena. Rikosilmoitus asiasta kirjattiin Porissa heinäkuun lopulla ja se siirtyi tutkittavaksi Pohjanmaan poliisille.

$11M Email Scam at Caterpillar Pinned to Nigerian Businessman

www.bleepingcomputer.com/news/security/11m-email-scam-at-caterpillar-pinned-to-nigerian-businessman/ A Nigerian national that was on Forbes’ list of the most promising entrepreneurs in Africa stands accused of business email compromise fraud that stole $11 million from one victim alone.

Uncovering a MyKings Variant With Bootloader Persistence via Managed Detection and Response

blog.trendmicro.com/trendlabs-security-intelligence/uncovering-a-mykings-variant-with-bootloader-persistence-via-managed-detection-and-response/ In May, during the Managed Detection and Response service on-boarding process of an electronics company in the Asia-Pacific region, we noticed suspicious activity via the Trend Micro Deep Discovery Inspector that turned out to be related to EternalBlue.

Hackers Use Fake NordVPN Website to Deliver Banking Trojan

www.bleepingcomputer.com/news/security/hackers-use-fake-nordvpn-website-to-deliver-banking-trojan/ The attackers who previously breached and abused the website of free multimedia editor VSDC to distribute the Win32.Bolik.2 banking Trojan have now switched their tactics.

The Rise of Bulletproof Residential Networks

krebsonsecurity.com/2019/08/the-rise-of-bulletproof-residential-networks/ Cybercrooks increasingly are anonymizing their malicious traffic by routing it through residential broadband and wireless data connections. Traditionally, those connections have been mainly hacked computers, mobile phones, or home routers.. But this story is about so-called bulletproof residential VPN services that appear to be built by purchasing or otherwise acquiring discrete chunks of Internet addresses from some of the worlds largest ISPs and mobile data providers.

Influence Operations Kill Chain

www.schneier.com/blog/archives/2019/08/influence_opera.html Influence operations are elusive to define. The Rand Corp.’s definition is as good as any: “the collection of tactical information about an adversary as well as the dissemination of propaganda in pursuit of a competitive advantage over an opponent.”

How Video Became a Dangerous Delivery Vehicle for Malware Attacks

securityintelligence.com/articles/how-video-became-a-dangerous-delivery-vehicle-for-malware-attacks/ Most employees have some awareness about malware attacks. Many probably know that you should never open an executable file from a stranger or install a thumb drive found in the parking lot, for example. But videos, or links to videos, can deliver malware just like that executable or thumb drive.

iFrame clickjacking countermeasures appear in Chrome source code. And it only took *checks calendar* three years

www.theregister.co.uk/2019/08/19/clickjacking_countermeasures_chrome/ After inaction, technical changes promise better fraud defense

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.