Daily NCSC-FI news followup 2019-09-12

1B Mobile Users Vulnerable to Ongoing SimJacker Surveillance Attack

threatpost.com/1b-mobile-users-vulnerable-to-ongoing-simjacker-surveillance-attack/148277/ More than one billion mobile users are at risk from a SIM card flaw being currently exploited by threat actors, researchers warn. Also:

www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/. Report: simjacker.com/

New Clues Show How Russia's Grid Hackers Aimed for Physical Destruction

www.wired.com/story/russia-ukraine-cyberattack-power-grid-blackout-destruction/ A fresh look at the 2016 blackout in Ukraine suggests that the cyberattack behind it was intended to cause far more damage. In an insidious twist in the Ukrenergo case, Russia’s hackers apparently intended to trigger that destruction not at the time of the blackout itself but when grid operators turned the power back on, using the utility’s own recovery efforts against them.

Iranian Hackers Hit Over 60 Universities to Get Library Access

www.bleepingcomputer.com/news/security/iranian-hackers-hit-over-60-universities-to-get-library-access/ Cobalt Dickens, a threat actor associated with the Iranian government, ran a phishing operation in July and August that targeted more than 60 universities in countries on four continents. Also:

threatpost.com/library-themed-university-phish-expands/148288/. Cobalt Dickens (a.k.a. Silent Librarian) is now actively targeting 380 universities, bent on stealing credentials and moving deeper into school networks.

New WiryJMPer Dropper Hides Netwire RAT Payloads in Plain Sight

www.bleepingcomputer.com/news/security/new-wiryjmper-dropper-hides-netwire-rat-payloads-in-plain-sight/ A new malware dropper was observed while infecting computers with a Netwire malicious payload hidden between two benign binaries and using obfuscation to fly under the radar of most anti-malware solutions.

Infamous surveillance tech vendor makes pledge to follow UN human rights policy

www.zdnet.com/article/surveillance-tech-vendor-makes-pledge-to-follow-un-human-rights-policy/ Facing legal assault, NSO Group pledges to fight customers abusing its tools to spy on innocents, political opponents.

Tenable wants to see the end of the ‘nation-state attacked us’ excuse

www.zdnet.com/article/tenable-wants-to-see-the-end-of-the-nation-state-attacked-us-excuse/ The “nation-state attacked us” excuse, according to Tenable chairman and CEO Amit Yoran, is not a valid excuse for having a weak system be compromised.

Google discloses vulnerability in Chrome OS ‘built-in security key’ feature

www.zdnet.com/article/google-discloses-vulnerability-in-chrome-os-built-in-security-key-feature/ Security issue fixed in late June, with the release of Chrome OS 75. Additional remediation steps below.

Ransomware attacks: Weak passwords are now your biggest risk

www.zdnet.com/article/ransomware-attacks-weak-passwords-are-now-your-biggest-risk/ Researchers at F-Secure analysed attacks over the course of six months and found that brute force attacks are now the preferred means of spreading ransomware – but phishing emails remain popular.

APIs Get Their Own Top 10 Security List

www.darkreading.com/application-security/apis-get-their-own-top-10-security-list/d/d-id/1335786 OWASP’s new list of API weaknesses focuses on issues that have caused recent data breaches and pose common security hazards in modern cloud-based applications.

August 2019's Most Wanted Malware: Echobot Launches Widespread Attack Against IoT Devices

blog.checkpoint.com/2019/09/12/august-2019s-most-wanted-malware-echobot-launches-widespread-attack-against-iot-devices/ In August, the research team saw an increase in a new variant of the Mirai IoT Botnet, Echobot, which has launched widespread attacks against a range of IoT devices. First seen in May 2019, Echobot has exploited over 50 different vulnerabilities, causing a sharp rise in the Command Injection Over HTTP vulnerability which has impacted 34% of organizations globally.

China spies online: Huawei is not restricted in Finland, even though many in the West are suspicious of the telecom giant

www.ulkopolitiikka.fi/lehti/3-2019/kiina-vakoilee-verkossa-huaweita-ei-rajoiteta-suomessa-vaikka-lannessa-moni-epailee-telejattia/ China spies, but at times it is hard to catch it in the act. The Huawei case divides opinion in the West.
