Daily NCSC-FI news followup 2019-10-17

Security researcher publishes proof-of-concept code for recent Android zero-day

www.zdnet.com/article/security-researcher-publishes-proof-of-concept-code-for-recent-android-zero-day/ Qu1ckR00t app can root an Android device using the CVE-2019-2215 zero-day.

Operation Ghost: The Dukes aren't back, they never left

www.welivesecurity.com/2019/10/17/operation-ghost-dukes-never-left/ ESET researchers describe recent activity of the infamous espionage group, the Dukes, including three new malware families. We believe Operation Ghost started in 2013 and it is still ongoing as of this writing. Our research shows that the Ministries of Foreign Affairs in at least three different countries in Europe are affected by this campaign. We have also discovered an infiltration by the Dukes at the Washington, DC embassy of a European Union country. Full report:

www.welivesecurity.com/wp-content/uploads/2019/10/ESET_Operation_Ghost_Dukes.pdf

The Untold Story of the 2018 Olympics Cyberattack, the Most Deceptive Hack in History

www.wired.com/story/untold-story-2018-olympics-destroyer-cyberattack/ How digital detectives unraveled the mystery of Olympic Destroyer, and why the next big attack will be even harder to crack.

European Airport Systems Infected With Monero-Mining Malware

www.bleepingcomputer.com/news/security/european-airport-systems-infected-with-monero-mining-malware/ More than 50% of all computing systems at a European international airport were recently found to be infected with a Monero cryptominer linked to the Anti-CoinMiner campaign Zscaler spotted during August 2018. See also:

www.cyberbit.com/blog/endpoint-security/cryptocurrency-miners-exploit-airport-resources/

Trump Campaign Website Left Open to Email Server Hijack

threatpost.com/trump-campaign-website-allowed-email-hijack/149278/ A misconfigured website development tool exposed hundreds of email servers to takeover, including President Donald Trump's official campaign website.

Feds Shut Down Largest Dark Web Child Abuse Site; South Korean Admin Arrested

thehackernews.com/2019/10/dark-web-child-abuse.html The United States Department of Justice said today that they had arrested hundreds of criminals in a global crackdown after taking down the largest known child porn site on the dark web and tracing payments made in bitcoins.

When Card Shops Play Dirty, Consumers Win

krebsonsecurity.com/2019/10/when-card-shops-play-dirty-consumers-win/ Cybercrime forums have been abuzz this week over news that BriansClub, one of the underground's largest shops for stolen credit and debit cards, has been hacked, and its inventory of 26 million cards shared with security contacts in the banking industry. Now it appears this brazen heist may have been the result of one of BriansClub's longtime competitors trying to knock out a rival.

Microsoft Adds Azure AD Sign-In History to Detect Unusual Activity

www.bleepingcomputer.com/news/microsoft/microsoft-adds-azure-ad-sign-in-history-to-detect-unusual-activity/ Microsoft announced the addition of an Azure Active Directory (AD) sign-in history feature that would allow users to get an overview of past sign-ins and quickly detect any unusual login activity.
