Daily NCSC-FI news followup 2019-10-03

Casbaneiro: Dangerous cooking with a secret ingredient

www.welivesecurity.com/2019/10/03/casbaneiro-trojan-dangerous-cooking/ Casbaneiro, also known as Metamorfo, is a typical Latin American banking trojan that targets banks and cryptocurrency services in Brazil and Mexico (Figure 1). It uses the social engineering method described in the introduction to our previous article, where fake pop-up windows are displayed.

Just a GIF Image Could Have Hacked Your Android Phone Using WhatsApp

thehackernews.com/2019/10/whatsapp-rce-vulnerability.html WhatsApp has recently patched a critical security vulnerability in its app for Android, which remained unpatched for at least 3 months after being discovered, and if exploited, could have allowed remote hackers to compromise Android devices and potentially steal files and chat messages.

Dutch police take down hornets’ nest of DDoS botnets

www.zdnet.com/article/dutch-police-take-down-hornets-nest-of-ddos-botnets/ Dutch police have taken down this week a bulletproof hosting provider that has sheltered tens of IoT botnets that have been responsible for hundreds of thousands of DDoS attacks around the world,. Servers were seized, and two men were arrested yesterday at the offices of KV Solutions BV.


www.ic3.gov/media/2019/191002.aspx This Public Service Announcement (PSA) is an update and companion to Ransomware PSA I-091516-PSA posted on www.ic3.gov. This PSA contains updated information about the ransomware threat.

No More Mixed Messages About HTTPS

security.googleblog.com/2019/10/no-more-mixed-messages-about-https_3.html Today were announcing that Chrome will gradually start ensuring that https:// pages can only load secure https:// subresources. In a series of steps outlined below, well start blocking mixed content (insecure http:// subresources on https:// pages) by default.

Smominru botnet infects 4,700 new PCs daily

www.kaspersky.com/blog/smominru-botnet-eternalblue/28862/ Active since 2017, Smominru has now become one of the most rapidly spreading computer malware, according to a publicly available report. In 2019, during August alone, it infected 90,000 machines worldwide, with an infection rate of up to 4,700 computers per day. China, Taiwan, Russia, Brazil, and the US have seen the most attacks, but that doesnt mean other countries are out of its scope.

macOS systems abused in DDoS attacks

www.zdnet.com/article/macos-systems-abused-in-ddos-attacks/ Up to 40,000 macOS systems expose a particular port online that can be abused for pretty big DDoS attacks.

Minerva attack can recover private keys from smart cards, cryptographic libraries

www.zdnet.com/article/minerva-attack-can-recover-private-keys-from-smart-cards-cryptographic-libraries/ Czech academics have detailed this week a new cryptographic attack that can recover private keys used to sign operations on some smart cards and cryptographic libraries. Once obtained, the private key can allow attackers to spoof any smart cards or sign other cryptographic operations secured by the affected libraries.

Pulling back the curtain on a banking botnet

blog.avast.com/avast-researcher-helps-expose-banking-botnet-geost The Avast Threats Lab team has helped to pull back the curtain on the Geost botnet, which used 13 command-and-control servers to run hundreds of malicious domains. The botnet plundered bank accounts in Russia until in an ironic twist cybersecurity lapses exposed the entire operation, including what developers working on the criminal enterprise said to each other online.

Suomi saa uuden digiturvaosaajan: Kyberturvallisuusjohtaja torjuu bittimaailman uhkia tietokonetumpeloinnista trollaamiseen

yle.fi/uutiset/3-11003492 Suomessakin on laadittu kyberturvallisuusstrategioita, jollaisen päivitetty versio(siirryt toiseen palveluun) hyväksyttiin torstaina valtioneuvostossa. Uuden strategian on tarkoitus vastata alati kehittyvän digitaalisen ympäristön muutokseen.. Uutena ja konkreettisena uudistuksena strategiassa mainitaan kyberturvallisuusjohtajan tehtävä. Se perustetaan liikenne- ja viestintäministeriöön. Kyberturvallisuusjohtaja koordinoi kansallisesti digiuhkiin liittyviä toimia.

You might be interested in …

Daily NCSC-FI news followup 2019-10-27

TrialWorks Ransomware Attack Disrupts Court Cases and Deadlines www.bleepingcomputer.com/news/security/trialworks-ransomware-attack-disrupts-court-cases-and-deadlines/ TrialWorks, one of the top-rated providers of legal case management software for law firms and attorneys, became the victim of a ransomware attack earlier this month. The ripples of disruption from this incident made it impossible for lawyers to access the legal documents hosted on TrialWorks […]

Read More

Daily NCSC-FI news followup 2020-08-31

Bluetoothin turvallinen käyttö älylaitteissa www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/bluetoothin-turvallinen-kaytto-alylaitteissa Suomen korona-altistuksia jäljittävä sovellus auttaa katkaisemaan tartuntaketjuja ja hillitsemään viruksen leviämistä. Jäljittäminen perustuu Bluetooth Low Energy (BLE) -tekniikkaan: laitteet tunnistavat olevansa toisen laitteen lähellä BLE-signaalien voimakkuuden perusteella. Tässä artikkelissa korjaamme oletuksia ja vastaamme kysymyksiin, jotka liittyvät Bluetoothin käytön tietoturvariskeihin. Cisco warns of actively exploited bug in carrier-grade routers www.bleepingcomputer.com/news/security/cisco-warns-of-actively-exploited-bug-in-carrier-grade-routers/ Cisco […]

Read More

Daily NCSC-FI news followup 2021-04-15

White House formally blames Russian intelligence service SVR for SolarWinds hack therecord.media/white-house-formally-blames-russian-intelligence-service-svr-for-solarwinds-hack/ In a press release today announcing a broad set of sanctions against the Russian government, the Biden administration has formally named the Russian Foreign Intelligence Service, also known as the SVR, as the perpetrator of the 2020 SolarWinds Orion supply chain attack.. The […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.