Daily NCSC-FI news followup 2019-09-11

Ryuk Related Malware Steals Confidential Military, Financial Files

www.bleepingcomputer.com/news/security/ryuk-related-malware-steals-confidential-military-financial-files/ A new malware with strange associations to the Ryuk Ransomware has been discovered to look for and steal confidential financial, military, and law enforcement files.

Microsoft to Improve Office 365 Phishing Email Notifications

www.bleepingcomputer.com/news/security/microsoft-to-improve-office-365-phishing-email-notifications/ Microsoft is currently working on enhancing the notification system for quarantined malware or phishing messages for admins in all Microsoft 365 environments, with the new feature to roll out to customers in early October.

Virtual Disk Attachments Can Bypass Gmail and Chrome Security

www.bleepingcomputer.com/news/security/virtual-disk-attachments-can-bypass-gmail-and-chrome-security/ Virtual disk files are locked containers that shield the items inside from online or local security defenses. The trick can help adversaries deliver malware invisibly to a target’s computer. Vulnerability analyst Will Dormann last week published research on VHD and VHDX files being treated like a black box by Windows and the operating system.

Iranian hackers resume credential-stealing phishing attacks against universities around the world

www.zdnet.com/article/iranian-hackers-credential-stealing-phishing-attacks-against-universities-around-the-world/ Over 60 universities in the US, the UK, Australia and more have been targeted by the Cobalt Dickens hacking group in attacks attempting to steal research and intellectual property.

198 Million Car-Buyer Records Exposed Online for All to See

threatpost.com/198m-car-buyer-records-exposed-online/148231/ An Elastica DB belonging to Dealer Leads exposed a raft of information collected by research websites aimed at prospective car buyers.

Major Groupon, Ticketmaster Fraud Scheme Exposed By Insecure Database

threatpost.com/major-groupon-ticketmaster-fraud-scheme-exposed-by-insecure-database/148246/ An exposed database containing 17 million email addresses exposed a massive fraud scheme impacting vendors like Groupon and Ticketmaster. After discovering a cache of 17 million emails exposed on an unsecured database, researchers with vpnMentor began to hunt for its owner, but to their surprise, they found that the database belonged not to a company, but to a sophisticated criminal network.
