Daily NCSC-FI news followup 2019-09-28

More SIM Cards Vulnerable to Simjacker Attack Than Previously Disclosed

thehackernews.com/2019/09/dynamic-sim-toolkit-vulnerability.html Remember the Simjacker vulnerability? Now, it turns out that the [email protected] Browser is not the only dynamic SIM toolkit that contains the Simjacker issue which can be exploited remotely from any part of the world without any authorizationregardless of which handsets or mobile operating systems victims are using.

Most malspam contains a malicious URL these days, not file attachments

www.zdnet.com/article/most-malspam-contains-a-malicious-url-these-days-not-file-attachments/ Most malicious email spam (malspam) sent in the first half of the year has contained links to malicious files, rather than file attachments, according to telemetry gathered by cyber-security firm Proofpoint.

Cyber-Attacks Hit Defense Contractors in Europe and North America

www.bleepingcomputer.com/news/security/cyber-attacks-hit-defense-contractors-in-europe-and-north-america/ Defense contractors Rheinmetall AG and Defence Construction Canada (DCC) were hit this month by cyber-attacks that impacted and disrupted their information technology systems.

Masad Stealer: Exfiltrating using Telegram

forums.juniper.net/t5/Threat-Research/Masad-Stealer-Exfiltrating-using-Telegram/ba-p/468559 Juniper Threat Labs discovered a new Trojan-delivered spyware that uses Telegram to exfiltrate stolen information. Using Telegram as a Command and Control (CnC) channel allows the malware some anonymity, as Telegram is a legitimate messaging application with 200 million monthly active users.

Daily NCSC-FI news followup 2020-07-17

Iranian Spies Accidentally Leaked Videos of Themselves Hacking www.wired.com/story/iran-apt35-hacking-video/ IBM’s X-Force security team obtained five hours of APT35 hacking operations, showing exactly how the group steals data from email accountsand who it’s targeting. Read also: thehackernews.com/2020/07/iranian-hacking-training-videos.html, arstechnica.com/information-technology/2020/07/iran-state-hackers-caught-with-their-pants-down-in-intercepted-videos/ and securityintelligence.com/posts/new-research-exposes-iranian-threat-group-operations/ Can the exfiltration of personal data by web trackers be stopped? freedom-to-tinker.com/2020/07/14/can-the-exfiltration-of-personal-data-by-web-trackers-be-stopped/ In a series of […]

Daily NCSC-FI news followup 2020-02-02

Firefox now shows what telemetry data it’s collecting about you www.zdnet.com/article/firefox-now-shows-what-telemetry-data-its-collecting-about-you/ Users can no go to about:telemetry and see what Mozilla is collecting about their Firefox installs. Poliisin ohje Nivalan Nuorisoseuran täydelle salille ikäihmisiä, miten pitää rahat ja omaisuus varkailta suojassa: “Jos Töllin Keijo soittaa teille, älkää antako tunnuslukua.” www.nivala-lehti.fi/uutinen/588218 Kun sosiaalisessa mediassa kuitenkin ollaan, […]

Daily NCSC-FI news followup 2021-03-09

Dangerous Malware Dropper Found in 9 Utility Apps on Googles Play Store blog.checkpoint.com/2021/03/09/dangerous-malware-dropper-found-in-9-utility-apps-on-googles-play-store/ Check Point Research (CPR) recently discovered a new dropper spreading via the Google Play store. The dropper, dubbed Clast82, has the ability to avoid detection by Google Play Protect, complete the evaluation period successfully, and change the payload dropped from a non-malicious […]