Daily NCSC-FI news followup 2019-10-12

These are the 29 countries vulnerable to Simjacker attacks

www.zdnet.com/article/these-are-the-29-countries-vulnerable-to-simjacker-attacks/ Adaptive Mobile publishes the list of countries where mobile operators ship SIM cards vulnerable to Simjacker attacks.. Simjacker attacks spotted in Mexico, Colombia and Peru.

Nemty 1.6 Ransomware Released and Pushed via RIG Exploit Kit

www.bleepingcomputer.com/news/security/nemty-16-ransomware-released-and-pushed-via-rig-exploit-kit/ The RIG exploit kit is now pushing a cocktail of malware that includes a new variant of the Nemty Ransomware. . According to security firm Tesorion, Nemty 1.6 also modified their encryption algorithm to use the Windows cryptographic libraries instead of their own custom AES implementation. . This was most likely done to break the decryptor created by Tesorion, which didn’t go as plan as Tesorion’s decryptor can still decrypt Nemty 1.6 victims for free.

Mikä moka: tiedustelupalvelu osti nollapäivähaavoittuvuuksia – omalla koneella ollut virusskanneri aiheutti melkoisen yllätyksen

www.mikrobitti.fi/uutiset/mb/6bc5e739-52d6-4fd8-a990-92130396c0d7 Uzbekistanin uusi tiedustelupalvelu SandCat oli työssään niin kujalla, että se paitsi vuosi oman hyökkäystyökalunsa tietoturvatutkijoille, myös paljasti vahingossa Saudi-Arabian käyttämiä iskumetodeja.. see also

www.vice.com/en_us/article/9kxp83/researchers-easily-trick-cylances-ai-based-antivirus-into-thinking-malware-is-goodware

Decades-Old Code Is Putting Millions of Critical Devices at Risk

www.wired.com/story/urgent-11-ipnet-vulnerable-devices/ Nearly two decades ago, a company called Interpeak created a network protocol that became an industry standard. It also had severe bugs that are only now coming to light.

Attackers Create Elaborate Crypto Trading Scheme to Install Malware

www.bleepingcomputer.com/news/security/attackers-create-elaborate-crypto-trading-scheme-to-install-malware/ Security researcher MalwareHunterTeam discovered a scheme where an attacker has created a fake company that is offering a free cryptocurrency trading platform called JMT Trader. When this program is installed, it will also infect a victim with a backdoor Trojan.. Possible ties to the Lazarus APT group

You might be interested in …

Daily NCSC-FI news followup 2019-10-17

Security researcher publishes proof-of-concept code for recent Android zero-day www.zdnet.com/article/security-researcher-publishes-proof-of-concept-code-for-recent-android-zero-day/ Qu1ckR00t app can root an Android device using the CVE-2019-2215 zero-day. Operation Ghost: The Dukes arent back they never left www.welivesecurity.com/2019/10/17/operation-ghost-dukes-never-left/ ESET researchers describe recent activity of the infamous espionage group, the Dukes, including three new malware families. We believe Operation Ghost started in 2013 […]

Read More

Daily NCSC-FI news followup 2020-01-05

Austria: Cyberangriff auf Außenministerium orf.at/stories/3149769/ Die IT-Systeme des Außenministeriums sind derzeit offenbar Ziel eines schwerwiegenden Cyberangriffs. Der Angriff lief auch am Sonntag weiter, so Außenamtssprecher Peter Guschelbauer. Vonseiten des Ministeriums vermutet man einen Angriff eines staatlichen Akteurs.. Also www.bbc.com/news/world-europe-50997773 US announces AI software export restrictions www.theverge.com/2020/1/5/21050508/us-export-ban-ai-software-china-geospatial-analysis The ban, which comes into force on Monday, is […]

Read More

Daily NCSC-FI news followup 2020-07-13

The NCSC-UK’s Exercise in a Box tool set has been updated to help organisations keep their employees safe while working from home www.zdnet.com/article/remote-working-this-free-tool-tests-how-good-your-security-really-is/ The ‘Home and Remote Working’ exercise has been added to the NCSC-UK’s Exercise in a Box, a toolkit designed to help small and medium-sized businesses prepare to defend against cyber attacks by […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.