Daily NCSC-FI news followup 2019-09-11

Ryuk Related Malware Steals Confidential Military, Financial Files

www.bleepingcomputer.com/news/security/ryuk-related-malware-steals-confidential-military-financial-files/ A new malware with strange associations to the Ryuk Ransomware has been discovered to look for and steal confidential financial, military, and law enforcement files.

Microsoft to Improve Office 365 Phishing Email Notifications

www.bleepingcomputer.com/news/security/microsoft-to-improve-office-365-phishing-email-notifications/ Microsoft is currently working on enhancing the notification system for quarantined malware or phishing messages for admins in all Microsoft 365 environments, with the new feature to roll out to customers in early October.

Virtual Disk Attachments Can Bypass Gmail and Chrome Security

www.bleepingcomputer.com/news/security/virtual-disk-attachments-can-bypass-gmail-and-chrome-security/ Virtual disk files are locked containers that shield the items inside from online or local security defenses. The trick can help adversaries deliver malware invisibly to a target’s computer. Vulnerability analyst Will Dormann last week published research on VHD and VHDX files being treated like a black box by Windows and the operating system.

Iranian hackers resume credential-stealing phishing attacks against universities around the world

www.zdnet.com/article/iranian-hackers-credential-stealing-phishing-attacks-against-universities-around-the-world/ Over 60 universities in the US, the UK, Australia and more have been targeted by the Cobalt Dickens hacking group in attacks attempting to steal research and intellectual property.

198 Million Car-Buyer Records Exposed Online for All to See

threatpost.com/198m-car-buyer-records-exposed-online/148231/ An Elastica DB belonging to Dealer Leads exposed a raft of information collected by research websites aimed at prospective car buyers.

Major Groupon, Ticketmaster Fraud Scheme Exposed By Insecure Database

threatpost.com/major-groupon-ticketmaster-fraud-scheme-exposed-by-insecure-database/148246/ An exposed database containing 17 million email addresses exposed a massive fraud scheme impacting vendors like Groupon and Ticketmaster. After discovering a cache of 17 million emails exposed on an unsecured database, researchers with vpnMentor began to hunt for its owner, but to their surprise, they found that the database belonged not to a company, but to a sophisticated criminal network.
