Daily NCSC-FI news followup 2019-09-01

Latest Sextortion Email Scheme Sent by ChaosCC Hacker Group

www.bleepingcomputer.com/news/security/latest-sextortion-email-scheme-sent-by-chaoscc-hacker-group/ A new sextortion scam is underway that claims to be from the ChaosCC hacker group who states they infected the recipient’s computer with a Trojan that videoed them on adult web sites. If you received this email, it is important to know from the beginning that this is a scam and that no hacker group has infected your computer or videoed you while using adult sites. Instead this is just a scam, commonly called sextortion, that tries to scare you into thinking that you are videoed while doing something you would like to keep private so that you will pay them an extortion demand.

iPhone Hackers Caught By Google Also Targeted Android And Microsoft Windows, Say Sources

www.forbes.com/sites/thomasbrewster/2019/09/01/iphone-hackers-caught-by-google-also-targeted-android-and-microsoft-windows-say-sources/#75531f534adf The unprecedented attack on Apple iPhones revealed by Google this week was broader than first thought. Multiple sources with knowledge of the situation said that Google’s own Android operating system and Microsoft Windows PCs were also targeted in a campaign that sought to infect the computers and smartphones of the Uighur ethnic group in China. That community has long been targeted by the Chinese government, in particular in the Xinjiang region, where surveillance is pervasive.

Don’t Play in Google’s Privacy Sandbox

www.eff.org/deeplinks/2019/08/dont-play-googles-privacy-sandbox-1 Last week, Google announced a plan to build a more private web. The announcement post was, frankly, a mess. The company that tracks user behavior on over of the web said that “Privacy is paramount to us, in everything we do.” Google not only doubled down on its commitment to targeted advertising, but also made the laughable claim that blocking third-party cookies — by far the most common tracking technology on the Web, and Google’s tracking method of choice — will hurt user privacy.

Backdooring My Router Firmware

www.secjuice.com/backdooring-dlink-router-firmware/ During my research on the OWASP Internet of Things Project I decided to analyze and backdoor the firmware (dir300 v1.05 976h.bin) on my D-Link DIR-300 Router in order to satisfy my curiosity. I wanted to see for myself if my router was secure or not; I wanted to analyze the firmware and see if I could backdoor it.

Alert Logic Researchers Uncover New Campaign Exfiltrating Credentials via DNS

blog.alertlogic.com/alert-logic-researchers-uncover-new-campaign-exfiltrating-credentials-via-dns/ Attackers are constantly changing their behaviors to attempt to avoid detection. The best way to combat this is a strong threat research and intelligence discipline. One tactic we have observed attackers using recently is exfiltration over DNS. A recent campaign, which as of writing is not detected by VirusTotal or the vendors tested against, uses a backdoored SSH (Secure Shell) client to extract and send credentials from the infected machine to domains acro

How MuleSoft patched a critical security flaw and avoided a disaster

www.zdnet.com/article/how-mulesoft-patched-a-critical-security-flaw-and-avoided-a-disaster/ MuleSoft deals with a sensitive security issue and sets up an example for the whole industry to follow. John is a software engineer and a pretty good one. He works for a company that processes online payments. On Thursday, August 1, John’s bosses pulled him into an urgent security meeting. John was scared but also very curious. What could have happened? The last time John was called into a security meeting was in 2017, more than two years ago, during the three ransomware outbreaks that occurred that year — WannaCry, NotPetya, and Bad Rabbit.
