Daily NCSC-FI news followup 2019-10-12

These are the 29 countries vulnerable to Simjacker attacks

www.zdnet.com/article/these-are-the-29-countries-vulnerable-to-simjacker-attacks/ Adaptive Mobile publishes the list of countries where mobile operators ship SIM cards vulnerable to Simjacker attacks. Simjacker attacks spotted in Mexico, Colombia and Peru.

Nemty 1.6 Ransomware Released and Pushed via RIG Exploit Kit

www.bleepingcomputer.com/news/security/nemty-16-ransomware-released-and-pushed-via-rig-exploit-kit/ The RIG exploit kit is now pushing a cocktail of malware that includes a new variant of the Nemty Ransomware. According to security firm Tesorion, Nemty 1.6 also modified their encryption algorithm to use the Windows cryptographic libraries instead of their own custom AES implementation. This was most likely done to break the decryptor created by Tesorion, which didn’t go as planned, as Tesorion’s decryptor can still decrypt files for Nemty 1.6 victims for free.

What a blunder: intelligence service bought zero-day vulnerabilities, and the antivirus scanner on its own machine caused quite a surprise

www.mikrobitti.fi/uutiset/mb/6bc5e739-52d6-4fd8-a990-92130396c0d7 Uzbekistan's new intelligence service SandCat was so clueless in its work that it not only leaked its own attack tool to security researchers but also accidentally exposed attack methods used by Saudi Arabia. See also:

www.vice.com/en_us/article/9kxp83/researchers-easily-trick-cylances-ai-based-antivirus-into-thinking-malware-is-goodware

Decades-Old Code Is Putting Millions of Critical Devices at Risk

www.wired.com/story/urgent-11-ipnet-vulnerable-devices/ Nearly two decades ago, a company called Interpeak created a network protocol that became an industry standard. It also had severe bugs that are only now coming to light.

Attackers Create Elaborate Crypto Trading Scheme to Install Malware

www.bleepingcomputer.com/news/security/attackers-create-elaborate-crypto-trading-scheme-to-install-malware/ Security researcher MalwareHunterTeam discovered a scheme where an attacker has created a fake company that is offering a free cryptocurrency trading platform called JMT Trader. When this program is installed, it will also infect a victim with a backdoor Trojan. Possible ties to the Lazarus APT group.
