Daily NCSC-FI news followup 2019-08-28

Avast and French police take over malware botnet and disinfect 850,000 computers

decoded.avast.io/janvojtesek/putting-an-end-to-retadup-a-malicious-worm-that-infected-hundreds-of-thousands/

Cybercrime: Ransomware attacks have more than doubled this year

www.zdnet.com/article/cyber-crime-ransomware-attacks-have-more-than-doubled-this-year/

TrickBot Modifications Target U.S. Mobile Users

www.secureworks.com/blog/trickbot-modifications-target-us-mobile-users

TrickBot added functionality to solicit PIN codes from mobile customers, which could allow threat actors to access victims' voice and text communications.

WootCloud Discovers ARES ADB IOT Botnet Targeting Android Devices especially TVs and multimedia boxes

www.wootcloud.com/blogs/ars_botnet.html

Android Trojan, xHelper, Infects Tens of Thousands of Devices in 4 Months

www.bleepingcomputer.com/news/security/android-trojan-infects-tens-of-thousands-of-devices-in-4-months/

Magecart Hits 80 Major eCommerce Sites in Card-Skimming Bonanza

threatpost.com/magecart-ecommerce-card-skimming-bonanza/147765/

The affected sites, mainly motorsports and luxury apparel, were all running outdated versions of the Magento eCommerce platform.

US officials are reportedly trying to block an 8,000-mile Google and Facebook-backed undersea cable to China on national-security grounds

www.businessinsider.com/us-officials-may-undersea-cable-china-google-facebook-backed-wsj-2019-8?r=US&IR=T

Defense Takeaways from Three Adversary Playbooks

threatpost.com/defense-takeaways-three-adversary-playbooks/147771/

Canberra to create cyber and IP taskforce to protect unis from foreign interference

www.zdnet.com/article/canberra-to-create-cyber-and-ip-taskforce-to-protect-unis-from-foreign-interference/

Open Redirect: A Small But Very Common Vulnerability

isc.sans.edu/diary/rss/25276
