Daily NCSC-FI news followup 2019-10-03

Casbaneiro: Dangerous cooking with a secret ingredient

www.welivesecurity.com/2019/10/03/casbaneiro-trojan-dangerous-cooking/ Casbaneiro, also known as Metamorfo, is a typical Latin American banking trojan that targets banks and cryptocurrency services in Brazil and Mexico (Figure 1). It uses the social engineering method described in the introduction to our previous article, where fake pop-up windows are displayed.

Just a GIF Image Could Have Hacked Your Android Phone Using WhatsApp

thehackernews.com/2019/10/whatsapp-rce-vulnerability.html WhatsApp has recently patched a critical security vulnerability in its app for Android, which remained unpatched for at least 3 months after being discovered, and if exploited, could have allowed remote hackers to compromise Android devices and potentially steal files and chat messages.

Dutch police take down hornets’ nest of DDoS botnets

www.zdnet.com/article/dutch-police-take-down-hornets-nest-of-ddos-botnets/ Dutch police have taken down this week a bulletproof hosting provider that has sheltered tens of IoT botnets that have been responsible for hundreds of thousands of DDoS attacks around the world. Servers were seized, and two men were arrested yesterday at the offices of KV Solutions BV.


www.ic3.gov/media/2019/191002.aspx This Public Service Announcement (PSA) is an update and companion to Ransomware PSA I-091516-PSA posted on www.ic3.gov. This PSA contains updated information about the ransomware threat.

No More Mixed Messages About HTTPS

security.googleblog.com/2019/10/no-more-mixed-messages-about-https_3.html Today we're announcing that Chrome will gradually start ensuring that https:// pages can only load secure https:// subresources. In a series of steps outlined below, we'll start blocking mixed content (insecure http:// subresources on https:// pages) by default.

Smominru botnet infects 4,700 new PCs daily

www.kaspersky.com/blog/smominru-botnet-eternalblue/28862/ Active since 2017, Smominru has now become one of the most rapidly spreading computer malware, according to a publicly available report. In 2019, during August alone, it infected 90,000 machines worldwide, with an infection rate of up to 4,700 computers per day. China, Taiwan, Russia, Brazil, and the US have seen the most attacks, but that doesn't mean other countries are out of its scope.

macOS systems abused in DDoS attacks

www.zdnet.com/article/macos-systems-abused-in-ddos-attacks/ Up to 40,000 macOS systems expose a particular port online that can be abused for pretty big DDoS attacks.

Minerva attack can recover private keys from smart cards, cryptographic libraries

www.zdnet.com/article/minerva-attack-can-recover-private-keys-from-smart-cards-cryptographic-libraries/ Czech academics have detailed this week a new cryptographic attack that can recover private keys used to sign operations on some smart cards and cryptographic libraries. Once obtained, the private key can allow attackers to spoof any smart cards or sign other cryptographic operations secured by the affected libraries.

Pulling back the curtain on a banking botnet

blog.avast.com/avast-researcher-helps-expose-banking-botnet-geost The Avast Threats Lab team has helped to pull back the curtain on the Geost botnet, which used 13 command-and-control servers to run hundreds of malicious domains. The botnet plundered bank accounts in Russia until, in an ironic twist, cybersecurity lapses exposed the entire operation, including what developers working on the criminal enterprise said to each other online.

Finland gets a new digital security expert: the Cyber Security Director will counter digital-world threats ranging from computer blunders to trolling

yle.fi/uutiset/3-11003492 Finland, too, has drawn up cyber security strategies, and an updated version of one was approved by the Government on Thursday. The new strategy is intended to respond to change in the constantly evolving digital environment. As a new and concrete reform, the strategy mentions the post of Cyber Security Director. It will be established at the Ministry of Transport and Communications. The Cyber Security Director coordinates actions related to digital threats at the national level.
