Daily NCSC-FI news followup 2019-11-09

Titanium: the Platinum group strikes again

securelist.com/titanium-the-platinum-group-strikes-again/94961/ Platinum is one of the most technologically advanced APT actors with a traditional focus on the APAC region. During recent analysis we discovered Platinum using a new backdoor that we call Titanium (named after a password to one of the self-executable archives). Titanium is the final result of a sequence of dropping, downloading and installing stages. The malware hides at every step by mimicking

Feds release new processes of notifying public about foreign election interference

www.cbsnews.com/news/foreign-election-interference-federal-agencies-release-new-processes-for-notifying-public-2019-11-08/ The summary document said the U.S. Secret Service will be notified of “all activity” targeting major presidential and vice presidential candidates. Notification decisions will take into account whether sources and methods could be compromised by any public disclosure. . [Did not find reference to doc with quick googling, it’s tweeted at https://twitter.com/ericgeller/status/1192876162789363714 ]

You might be interested in …

[NCSC-FI News] Examining the Black Basta Ransomware’s Infection Routine

Black Basta, a new ransomware gang, has swiftly risen to prominence in recent weeks after it caused massive breaches to organizations in a short span of time This blog entry takes a closer look at the Black Basta ransomware and analyzes this newcomer’s familiar infection techniques. Source: Read More (NCSC-FI daily news followup)

Read More

[NCSC-FI News] Insteon Blames Abrupt Shutdown on Failed Effort to Find a Buyer

Original Story 4/19:Home automation company Insteon appears to have quietly shut down without warning. The abrupt service termination left users with broken smart home setups and plenty of questions. UPDATE: Why did Insteon shut down without warning? It ran out of money. Source: Read More (NCSC-FI daily news followup)

Read More

[NCSC-FI News] Nettikatko paljastui kyberhyökkäykseksi kohteena Ukrainan armeija?

Venäjän aloittaman Ukrainan-sodan alkupäivinä tapahtunut laaja Viasatin satelliittiyhteyksien toimintahäiriö on paljastumassa kyberhyökkäykseksi. Isku kohdistui satelliittipohjaisiin internet-yhteyksiin, ja toteutettiin reitittimet toimintakyvyttömäksi tekevällä ohjelmistopäivityksellä, kertoo saksalaisiin hallituslähteisiin tukeutuva Der Spiegel Hyökkäyksen kohteena oli Viasatin KA-SAT-palvelu, jota käytetään runsaasti Itä-Euroopassa. Sitä käyttää myös Ukrainan armeija. Kyberhyökkäys aiheutti häiriöitä myös Saksan energiantuotannossa, sillä verkkoyhteys ainakin 3000 tuulivoimalaan katkesi hyökkäyksessä. […]

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.