Daily NCSC-FI news followup 2019-09-13

Israel accused of planting mysterious spy devices near the White House

www.politico.com/story/2019/09/12/israel-white-house-spying-devices-1491351 The U.S. government concluded within the past two years that Israel was most likely behind the placement of cellphone surveillance devices that were found near the White House and other sensitive locations around Washington, according to three former senior U.S. officials with knowledge of the matter.

France to block Facebook’s Libra cryptocurrency in Europe

www.theguardian.com/technology/2019/sep/12/france-block-development-facebook-libra-cryptocurrency The French finance minister, Bruno Le Maire, said plans for Libra could not move ahead until concerns over consumer risk and governments monetary sovereignty were addressed.

Treasury Sanctions North Korean State-Sponsored Malicious Cyber Groups

home.treasury.gov/news/press-releases/sm774 Today, the U.S. Department of the Treasurys Office of Foreign Assets Control (OFAC) announced sanctions targeting three North Korean state-sponsored malicious cyber groups responsible for North Koreas malicious cyber activity on critical infrastructure. Todays actions identify North Korean hacking groups commonly known within the global cyber security private industry as Lazarus Group, Bluenoroff, and Andariel as agencies,

Autumn Aperture: Threat Campaign Highlights New Evasion Technique using an Antiquated File Format

blog.prevailion.com/2019/09/autumn-aperture-report.html After detecting several related trojanized documents all discussing nuclear deterrence, North Koreas nuclear submarine program, and North Korean economic sanctions Prevailion has determined the existence of a coordinated threat campaign. We have dubbed the campaign Autumn Aperture and have associated it with moderate confidence to the Kimsuky, a.k.a. Smoke Screen, threat actors.

You might be interested in …

Daily NCSC-FI news followup 2020-04-26

Hackers are exploiting a Sophos firewall zero-day www.zdnet.com/article/hackers-are-exploiting-a-sophos-firewall-zero-day/ Read also: community.sophos.com/kb/en-us/135412 and www.theregister.co.uk/2020/04/26/security_roundup_240420/. As well as: www.bleepingcomputer.com/news/security/hackers-exploit-zero-day-in-sophos-xg-firewall-fix-released/ Reopen Domains: Shut the Front Dorr www.domaintools.com/resources/blog/reopen-domains-shut-the-front-dorr Update: We noticed that while working on this piece Brian Krebs posted an excellent article on the same. What can we say, but great minds think alike? Since we dug into […]

Read More

Daily NCSC-FI news followup 2019-11-17

Indian officials acknowledged on October 30th that a cyberattack occurred at the countrys Kudankulam nuclear power plant. thebulletin.org/2019/11/lessons-from-the-cyberattack-on-indias-largest-nuclear-power-plant/ While reactor operations at Kudankulam were reportedly unaffected, this incident should serve as yet another wake-up call that the nuclear power industry needs to take cybersecurity more seriously.. The problem of cybersecurity is not new to the […]

Read More

Daily NCSC-FI news followup 2020-06-25

As organizations get back to business, cyber criminals look for new angles to exploit blog.checkpoint.com/2020/06/25/as-organizations-get-back-to-business-cyber-criminals-look-for-new-angles-to-exploit/ Criminals are using COVID-19 training for employees as phishing bait. Non coronavirus-related headline news (including Black Lives Matter) being used in phishing scams. Weekly cyber-attacks increase 18% compared to May average. However, Covid-19 related cyber-attacks down 24% compared to May. […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.