Daily NCSC-FI news followup 2019-08-28

Avast and French police take over malware botnet and disinfect 850,000 computers

decoded.avast.io/janvojtesek/putting-an-end-to-retadup-a-malicious-worm-that-infected-hundreds-of-thousands/

Cybercrime: Ransomware attacks have more than doubled this year

www.zdnet.com/article/cyber-crime-ransomware-attacks-have-more-than-doubled-this-year/

TrickBot Modifications Target U.S. Mobile Users

www.secureworks.com/blog/trickbot-modifications-target-us-mobile-users TrickBot added functionality to solicit PIN codes from mobile customers, which could allow threat actors to access victims voice and text communications.

WootCloud Discovers ARES ADB IOT Botnet Targeting Android Devices especially TVs and multimedia boxes

www.wootcloud.com/blogs/ars_botnet.html

Android Trojan, xHelper, Infects Tens of Thousands of Devices in 4 Months

www.bleepingcomputer.com/news/security/android-trojan-infects-tens-of-thousands-of-devices-in-4-months/

Magecart Hits 80 Major eCommerce Sites in Card-Skimming Bonanza

threatpost.com/magecart-ecommerce-card-skimming-bonanza/147765/ Mainly motorsports and luxury apparel sites, all of them were running outdated versions of the Magento eCommerce platform.

US officials are reportedly trying to block an 8,000-mile Google and Facebook-backed undersea cable to China on national-security grounds

www.businessinsider.com/us-officials-may-undersea-cable-china-google-facebook-backed-wsj-2019-8?r=US&IR=T

Defense Takeaways from Three Adversary Playbooks

threatpost.com/defense-takeaways-three-adversary-playbooks/147771/

Canberra to create cyber and IP taskforce to protect unis from foreign interference

www.zdnet.com/article/canberra-to-create-cyber-and-ip-taskforce-to-protect-unis-from-foreign-interference/

Open Redirect: A Small But Very Common Vulnerability

isc.sans.edu/diary/rss/25276

You might be interested in …

Daily NCSC-FI news followup 2021-03-19

Identifying suspicious credential usage www.ncsc.gov.uk/blog-post/identifying-suspicious-credential-usage How NCSC guidance can help organisations detect and protect themselves from credential abuse. Weekly Threat Report 19th March 2021 www.ncsc.gov.uk/report/weekly-threat-report-19th-march-2021 The NCSC’s weekly threat report is drawn from recent open source reporting. “Expert” hackers used 11 0-days to infect Windows, iOS, and Android users arstechnica.com/information-technology/2021/03/expert-hackers-used-11-zerodays-to-infect-windows-ios-and-android-users/ A team of advanced hackers […]

Read More

Daily NCSC-FI news followup 2019-09-28

More SIM Cards Vulnerable to Simjacker Attack Than Previously Disclosed thehackernews.com/2019/09/dynamic-sim-toolkit-vulnerability.html Remember the Simjacker vulnerability? Now, it turns out that the [email protected] Browser is not the only dynamic SIM toolkit that contains the Simjacker issue which can be exploited remotely from any part of the world without any authorizationregardless of which handsets or mobile operating […]

Read More

Daily NCSC-FI news followup 2021-05-05

Uudistettu strategia kirkastaa HVK:n toiminnan tavoitteita www.huoltovarmuuskeskus.fi/huoltovarmuusorganisaatio/huoltovarmuuskeskus/strategia-visio-ja-missio Yritysten kyberturvallisuuden edistäminen ja dynaamisen, ennakoivan tilannekuva- ja -analyysitoiminnon tärkeys korostuvat. Varkaiden kiero tekniikka yleistyy Android-puhelimissa kohteena verkkopankit ja kryptovaluutat www.is.fi/digitoday/tietoturva/art-2000007959216.html Hyökkäyksissä haittaohjelmat piirtävät puhelimen ruudulle aidon sovelluksen päälle erittäin uskottavia ja tarkkoja kirjautumisruutuja jallittaakseen uhrin syöttämään tunnuksensa rikollisille. 882 sovellusta joutui tällaisen hyökkäyksen kohteeksi vuonna 2019, mutta […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.