Daily NCSC-FI news followup 2019-09-12

1B Mobile Users Vulnerable to Ongoing SimJacker Surveillance Attack

threatpost.com/1b-mobile-users-vulnerable-to-ongoing-simjacker-surveillance-attack/148277/ More than one billion mobile users are at risk from a SIM card flaw being currently exploited by threat actors, researchers warn.. Also:

www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/. Report: simjacker.com/

New Clues Show How Russias Grid Hackers Aimed for Physical Destruction

www.wired.com/story/russia-ukraine-cyberattack-power-grid-blackout-destruction/ A fresh look at the 2016 blackout in Ukraine suggests that the cyberattack behind it was intended to cause far more damage.. In an insidious twist in the Ukrenergo case, Russia’s hackers apparently intended to trigger that destruction not at the time of the blackout itself but when grid operators turned the power back on, using the utility’s own recovery efforts against them.

Iranian Hackers Hit Over 60 Universities to Get Library Access

www.bleepingcomputer.com/news/security/iranian-hackers-hit-over-60-universities-to-get-library-access/ Cobalt Dickens, a threat actor associated with the Iranian government, ran a phishing operation in July and August that targeted more than 60 universities in countries on four continents.. Also:

threatpost.com/library-themed-university-phish-expands/148288/. Cobalt Dickens (a.k.a. Silent Librarian) is now actively targeting 380 universities, bent on stealing credentials and moving deeper into school networks.

New WiryJMPer Dropper Hides Netwire RAT Payloads in Plain Sight

www.bleepingcomputer.com/news/security/new-wiryjmper-dropper-hides-netwire-rat-payloads-in-plain-sight/ A new malware dropper was observed while infecting computers with a Netwire malicious payload hidden between two benign binaries and using obfuscation to fly under the radar of most anti-malware solutions.

Infamous surveillance tech vendor makes pledge to follow UN human rights policy

www.zdnet.com/article/surveillance-tech-vendor-makes-pledge-to-follow-un-human-rights-policy/ Facing legal assault, NSO Group pledges to fight customers abusing its tools to spy on innocents, political opponents.

Tenable wants to see the end of the ‘nation-state attacked us’ excuse

www.zdnet.com/article/tenable-wants-to-see-the-end-of-the-nation-state-attacked-us-excuse/ The “nation-state attacked us” excuse, according to Tenable chairman and CEO Amit Yoran, is not a valid excuse for having a weak system be compromised.

Google discloses vulnerability in Chrome OS ‘built-in security key’ feature

www.zdnet.com/article/google-discloses-vulnerability-in-chrome-os-built-in-security-key-feature/ Security issue fixed in late June, with the release of Chrome OS 75. Additional remediation steps below.

Ransomware attacks: Weak passwords are now your biggest risk

www.zdnet.com/article/ransomware-attacks-weak-passwords-are-now-your-biggest-risk/ Researchers at F-Secure analysed attacks over the course of six months and found that brute force attacks are now the preferred means of spreading ransomware – but phishing emails remain popular.

APIs Get Their Own Top 10 Security List

www.darkreading.com/application-security/apis-get-their-own-top-10-security-list/d/d-id/1335786 OWASP’s new list of API weaknesses focuses on issues that have caused recent data breaches and pose common security hazards in modern cloud-based applications.

August 2019s Most Wanted Malware: Echobot Launches Widespread Attack Against IoT Devices

blog.checkpoint.com/2019/09/12/august-2019s-most-wanted-malware-echobot-launches-widespread-attack-against-iot-devices/ In August, the research team saw an increase in a new variant of the Mirai IoT Botnet, Echobot, which has launched widespread attacks against a range of IoT devices. First seen in May 2019, Echobot has exploited over 50 different vulnerabilities, causing a sharp rise in the Command Injection Over HTTP vulnerability which has impacted 34% of organizations globally.

Kiina vakoilee verkossa Huaweita ei rajoiteta Suomessa, vaikka lännessä moni epäilee telejättiä

www.ulkopolitiikka.fi/lehti/3-2019/kiina-vakoilee-verkossa-huaweita-ei-rajoiteta-suomessa-vaikka-lannessa-moni-epailee-telejattia/ Kiina vakoilee, mutta toisinaan sitä on vaikea saada siitä kiinni. Tapaus Huawei jakaa mielipiteitä lännessä.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.