Daily NCSC-FI news followup 2019-10-16

Phorpiex Botnet Sending Out Millions of Sextortion Emails Using Hacked Computers

thehackernews.com/2019/10/phorpiex-botnet-sextortion-emails.html A decade-old botnet malware that currently controls over 450,000 computers worldwide has recently shifted its operations from infecting machines with ransomware or crypto miners to abusing them for sending out sextortion emails to millions of innocent people.

Docker Containers Riddled with Graboid Crypto-Worm

threatpost.com/docker-containers-graboid-crypto-worm/149235/ A worm with a randomized propagation method is spreading via the popular container technology.. The Docker cloud containerization technology is the target for a just-discovered cryptojacking worm dubbed Graboid.

On-Board Mystery Boxes Threaten Global Shipping Vessels

threatpost.com/on-board-mystery-boxes-threaten-global-shipping-vessels/149211/ Unknown, vulnerable systems are present in nearly every ship environment that researchers have pen-tested.. see also

www.pentestpartners.com/security-blog/unmasking-mystery-boxes-on-ships-bridges/

New SDBot Remote Access Trojan Used in TA505 Malspam Campaigns

www.bleepingcomputer.com/news/security/new-sdbot-remote-access-trojan-used-in-ta505-malspam-campaigns/ Researchers discovered two new malware strains distributed via phishing campaigns carried out by the TA505 hacking group during the last two months, a new downloader dubbed Get2 and an undocumented remote access Trojan (RAT) named SDBbot.

.WAVs Hide Malware in Their Depths in Innovative Campaign

threatpost.com/wavs-hide-malware/149240/ Audio .WAV files are the latest hiding place for obfuscated malicious code; a campaign has been spotted in which malicious content was secretly woven throughout the files audio data.

Facebook Encourages Bug Hunting in Third-Party Services

www.bleepingcomputer.com/news/security/facebook-encourages-bug-hunting-in-third-party-services/ Facebook updated the terms of its bug bounty program for third-party services integrating with the platform to increase the rewards received by researchers.

Intelligence Gathering on U.S. Critical Infrastructure

www.icscybersecurityconference.com/intelligence-gathering-on-u-s-critical-infrastructure/ This time I will present how Open Source Intelligence can be applied to reconnaissance on critical infrastructure. In many cases its possible to narrow a search to specific buildings like power plants, wastewater plants, or chemical and manufactured facilities. The research consists of 26,000 exposed devices in United States.

Daily NCSC-FI news followup 2020-07-20

Cybersecurity basics more important then ever in the new normal of remote work says Salesforce Chief Trust Officer www.zdnet.com/article/cybersecurity-basics-more-important-then-ever-in-the-new-normal-of-remote-work-says-salesforce-chief-trust-officer/ Jim Alkove, Chief Trust Officer at Salesforce, talks security in the new normal of remote work, cybersecurity best practices, and how security jobs can be a way to increase diversity in IT. BadPower attack corrupts fast […]

Daily NCSC-FI news followup 2021-01-06

FBI, CISA, NSA Officially Blame Russia for SolarWinds Cyber Attack thehackernews.com/2021/01/fbi-cisa-nsa-officially-blames-russia.html The U.S. government on Tuesday formally pointed fingers at the Russian government for orchestrating the massive SolarWinds supply chain attack that came to light early last month. Lisäksi: This work indicates that an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible […]

Daily NCSC-FI news followup 2020-05-13

Microsoft Patch Tuesday, May 2020 Edition krebsonsecurity.com/2020/05/microsoft-patch-tuesday-may-2020-edition/ Microsoft issued software updates to plug at least 111 security holes in Windows and Windows-based programs. None of the vulnerabilities were labeled as being publicly exploited or detailed prior to today, but as always if youre running Windows on any of your machines its time once again to […]