Daily NCSC-FI news followup 2019-11-23

FBI says hackers are targeting US auto industry

us.cnn.com/2019/11/20/politics/fbi-us-auto-industry-hackers/index.html The American automotive industry has been the target of malicious cyber actors since at least late 2018, according to an FBI report obtained by CNN.

Leaky Gekko Group database exposes info on hotel brands, travelers

www.scmagazine.com/home/security-news/data-breach/leaky-gekko-group-database-exposes-info-on-hotel-brands-travelers/ European hotel booking platform provider Gekko Group mistakenly stored over 1 terabyte of information on a publicly configured server, exposing troves of data related to its hotel B2B clients, as well as travel agents and their customers.

Over 28,000 web domains suspended for criminal activity

www.zdnet.com/article/over-28000-web-domains-suspended-for-criminal-activity/ Over 28,000 .uk domain names were suspended in the last year over reports of criminal activity. Nominet, which is responsible for keeping the .uk internet infrastructure secure, can suspend domains following notification from the police or other law enforcement agencies that the domain is being used for criminal activity.

Dozens of Severe Flaws Found in 4 Popular Open Source VNC Software

thehackernews.com/2019/11/vnc-remote-software-hacking.html Four popular open-source VNC remote desktop applications have been found vulnerable to a total of 37 security vulnerabilities, many of which went unnoticed for the last 20 years and most severe could allow remote attackers to compromise a targeted system.

OnePlus Suffers New Data Breach Impacting Its Online Store Customers

thehackernews.com/2019/11/oneplus-store-data-breach.html Chinese smartphone maker OnePlus has suffered a new data breach exposing personal and order information of an undisclosed number of its customers, likely, as a result of a vulnerability in its online store website.

Extensive hacking operation discovered in Kazakhstan

www.zdnet.com/article/extensive-hacking-operation-discovered-in-kazakhstan/#ftag=RSSbaffb68 Chinese cyber-security vendor Qihoo 360 published a report on Friday exposing an extensive hacking operation targeting the country of Kazakhstan.

TrickBot Trojan Getting Ready to Steal OpenSSH and OpenVPN Keys

www.bleepingcomputer.com/news/security/trickbot-trojan-getting-ready-to-steal-openssh-and-openvpn-keys/ The Trickbot banking trojan keeps evolving according to researchers who spotted this week an updated password grabber module that could be used to steal OpenSSH private keys and OpenVPN passwords and configuration files.

Clop Ransomware Tries to Disable Windows Defender

www.bleepingcomputer.com/news/security/clop-ransomware-tries-to-disable-windows-defender-malwarebytes/ In order to successfully encrypt a victim’s data, the Clop CryptoMix Ransomware is now attempting to disable Windows Defender as well as remove the Microsoft Security Essentials and Malwarebytes’ standalone Anti-Ransomware programs.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.