NCSC-FI News followup

Daily NCSC-FI news followup 2019-11-18

How the Iranian Government Shut Off the Internet
Amid widespread demonstrations over rising gasoline prices, Iranians began experiencing internet slowdowns over the last few days that became a near-total internet and mobile data blackout on Saturday. The government is apparently seeking to silence protestors and quell unrest. So how does a country like Iran switch off internet to a population of more than 80 million? It’s not an easy thing to do.

Disney+ fans without answers after thousands hacked
Thousands of Disney customers say they have been hacked after signing up to its online streaming service.

Pipka Card Skimmer Removes Itself After Infecting eCommerce Sites
A new JavaScript payment card skimmer, dubbed Pipka, has been identified on at least seventeen merchant websites attempting to target site visitors' payment data. Unlike other skimmers, Pipka removes itself from the HTML code of compromised websites after exfiltrating payment card data, a detection evasion technique never seen before with JavaScript web skimmers.

Interpol: Strong encryption helps online predators. Build backdoors
Three people “briefed on the matter” told financial newswire Reuters yesterday that the agency would be issuing a statement this week condemning the use of strong encryption because it helps child predators. While the statement may well read like the rantings of a demented senior citizen in some long-forgotten care home, it builds on similar statements from Western governments, police and spy agencies, as well as new international treaties. So-called “think of the children” rhetoric is a tried and trusted strategy for police workers who are determined to get their way with politicians.

The Iran Cables
In an unprecedented leak from one of the world's most secretive regimes, an anonymous source provided 700 pages of Iranian intelligence reports to The Intercept, saying they wanted to “let the world know what Iran is doing in my country Iraq.”

Record number of foreign participants at the Junction hackathon in Otaniemi: main prize goes to an app promoting children's cyber security
Over the weekend, participants built a total of 350 new technology projects, from which an application promoting children's cyber security was chosen as the winner. The application uses storytelling to help children create and remember their own password.

Pemex ransomware attack: Mexico Oil, Gas Recovery Update.
How the Mexican state oil and gas conglomerate is striving to bring systems back online.

Someone is using the ‘Cozy Bear’ moniker to scare DDoS victims into bitcoin payments
Multiple companies have reported to the security vendor Akamai that they were hit with a distributed denial-of-service attack, which degrades victims' web services by overwhelming them with fake traffic. After a brief DDoS hit, victims say they receive an extortion note from a group claiming to be Cozy Bear, a state-sponsored Russian hacking group. The scheme works like this: attackers launch the DDoS attack from a botnet, in which each IP in the botnet sends a fraction of the overall traffic to the target. The victim has a deadline, typically six days, to pay two bitcoin. If they don't pay by the time the deadline expires, the fee increases by one bitcoin per day, and the DDoS resumes.

Phineas Fisher Offers $100,000 Bounty to Hack Banks and Oil Companies
It's a reward for hacktivists and criminals who break into capitalist institutions, offered by one of the most infamous hackers of all time.

The Importance of the Network in Detecting Incidents in Critical Infrastructure
In order to have assurance of business operations, it is critical to have visibility and awareness into what is occurring on the network at any given time. In the security world we can infer much from network telemetry, from malware behaviour and reconnaissance, to data exfiltration. It is even possible to infer to some extent what is contained in encrypted traffic.

Fortinet, Siemens pair up to better secure operational technology
Fortinet and Siemens unveiled a partnership designed to better secure operational technology networks in markets such as utilities, transportation and oil and gas. Under the alliance, Siemens will integrate its industrial and operational technologies and control systems with Fortinet’s cybersecurity platform and Fortinet Security Fabric. The aim is to better secure edge computing and Internet of things devices.

Windows security warning: Ransomware is growing fastest, and just got harder to tackle
Tech security company Bitdefender analysed Windows security threats including ransomware, coin miners, fileless malware, PUAs (‘potentially unwanted applications’ that can compromise privacy or security), exploits (attacks based on unpatched or previously-unknown vulnerabilities) and banking Trojans. Bitdefender found that of all these threats, ransomware reports saw the biggest year-on-year increase — 74.2%. Ransomware also ranked first in terms of the total number of reports.

Linux, Windows Users Targeted With New ACBackdoor Malware
Researchers have discovered a new multi-platform backdoor that infects Windows and Linux systems, allowing the attackers to run malicious code and binaries on the compromised machines. The malware, dubbed ACBackdoor, is developed by a threat group with experience in developing malicious tools for the Linux platform, based on the higher complexity of the Linux variant, as Intezer security researcher Ignacio Sanmillan found. “ACBackdoor provides arbitrary execution of shell commands, arbitrary binary execution, persistence, and update capabilities,” the Intezer researcher found.

Experts found undocumented access feature in Siemens SIMATIC PLCs
Researchers discovered a vulnerability in Siemens SIMATIC S7-1200 programmable logic controller (PLC) that could allow attackers to execute arbitrary code on vulnerable devices.
