Daily NCSC-FI news followup 2019-09-19

Telecommunications Breakdown: How Russian Telco Infrastructure was Exposed

www.upguard.com/breaches/mts-nokia-telecom-inventory-data-exposure UpGuard can now disclose that a storage device containing 1.7 terabytes of information detailing telecommunications installations throughout the Russian Federation has been secured, preventing any future malicious use. This data includes schematics, administrative credentials, email archives, and other materials relating to telecom infrastructure projects. Until recently the files were hosted on an rsync server configured for public accessibility. While documents and data stemming from several major Russian telecommunications providers are present, the primary entities affected by the exposure appear to be Nokia and Mobile TeleSystems. Also:

techcrunch.com/2019/09/18/russia-sorm-nokia-surveillance/

The FBI Tried to Plant a Backdoor in an Encrypted Phone Network

www.vice.com/en_us/article/pa73dz/fbi-tried-to-plant-backdoor-in-encrypted-phone-phantom-secure The FBI tried to force the owner of an encrypted phone company to put a backdoor in his devices, Motherboard has learned. The company involved is Phantom Secure, a firm that sold privacy-focused BlackBerry phones and which ended up catering heavily to the criminal market, including members of the Sinaloa drug cartel, formerly run by Joaquín “El Chapo” Guzmán. The news signals some of the tactics law enforcement may use as criminals continue to leverage encrypted communications for their own ends. It also comes as Canadian media reported that a former top official in the Royal Canadian Mounted Police (RCMP), who has been charged with leaking state secrets, offered to sell information to Vincent Ramos, Phantom’s CEO.

The Legend of Adwind: A Commodity RAT Saga in Eight Parts

unit42.paloaltonetworks.com/the-legend-of-adwind-a-commodity-rat-saga-in-eight-parts/ This blog post documents the Adwind RAT family's beginning as an alleged science project, evolution to become widely available commodity malware, and eventual refinement into a private sale to what appears to be a closed customer base. By developing a technique to isolate cracked versions from licensed samples, we have documented the impact of the availability of free, cracked versions, and identified researcher reporting as a repeated catalyst to recen

The cyber threat to Universities

www.ncsc.gov.uk/report/the-cyber-threat-to-universities This paper aims to provide a short assessment of the current cyber security threat to UK universities and academia. The threat posed to the university sector sits within the broader context of the threat to the UK as a whole. Over the past two years, the UK government has attributed state-sponsored malicious cyber activity against the UK to Russia, China, North Korea and Iran. There is also a serious and sustained threat to the UK from organised cyber crime.

Fileless Cryptocurrency-Miner GhostMiner Weaponizes WMI Objects, Kills Other Cryptocurrency-Mining Payloads

blog.trendmicro.com/trendlabs-security-intelligence/fileless-cryptocurrency-miner-ghostminer-weaponizes-wmi-objects-kills-other-cryptocurrency-mining-payloads/ Cybercriminals continue to use cryptocurrency-mining malware to abuse computing resources for profit. As early as 2017, we have also observed how they have applied fileless techniques to make detection and monitoring more difficult.

Overview of the Marsh-Microsoft 2019 Global Cyber Risk Perception survey results

www.microsoft.com/security/blog/2019/09/18/marsh-microsoft-2019-global-cyber-risk-perception-survey-results/ While companies see cyber events as a top priority, confidence in cyber resilience is declining. Cyber risk became even more firmly entrenched as an organizational priority in the past two years. Yet at the same time, organizations' confidence in their ability to manage the risk declined.

WannaCry the worm that just won't die

nakedsecurity.sophos.com/2019/09/18/wannacry-the-worm-that-just-wont-die/ Well, guess what? Not everyone has patched even now, more than two years later, and WannaCry is not only still alive (and ignoring the kill switch that was designed to stop it), but possibly more alive than ever.
