Daily NCSC-FI news followup 2019-11-27

Its Way Too Easy to Get a .gov Domain Name

krebsonsecurity.com/2019/11/its-way-too-easy-to-get-a-gov-domain-name/ Many readers probably believe they can trust links and emails coming from U.S. federal government domain names, or else assume there are at least more stringent verification requirements involved in obtaining a .gov domain versus a commercial one ending in .com or .org. But a recent experience suggests this trust may be severely misplaced, and that it is relatively straightforward for anyone to . obtain their very own .gov domain

Protecting users from government-backed hacking and disinformation

blog.google/technology/safety-security/threat-analysis-group/protecting-users-government-backed-hacking-and-disinformation/ Google’s Threat Analysis Group (TAG) works to counter targeted and government-backed hacking against Google and our users. Weve had a long-standing policy to send users warnings if we detect that they are the subject of state-sponsored phishing attempts, and have posted periodically about these before. From July to September 2019, we sent more than 12,000 warnings to users in 149 countries that

Full(z) House: a digital crime group using a full deck to maximize profits

www.riskiq.com/blog/labs/fullz-house/ In this article, we will discuss our insights into a criminal group that maximizes their profit by working in two ecosystems that are typically distinct, phishing and web skimming. By combining tactics, this group was playing with a full deck when it came to stealing financial data. Introducing Full(z) House.

Cyber Attack Causes Prosegur Security Company To Shut Down Its Network

www.bleepingcomputer.com/news/security/cyber-attack-causes-prosegur-security-company-to-shut-down-its-network/ In a statement at midday today (local time), Spanish multinational security company Prosegur announced that it was the victim of a cybersecurity incident disrupting its telecommunication platform. According to Derecho de la Red, the malware strain used in the attack is Ryuk, delivered via Emotet.

Ransomware Locks Medical Records at Great Plains Health

www.bleepingcomputer.com/news/security/ransomware-locks-medical-records-at-great-plains-health/ Great Plains Health medical center is recovering from a ransomware incident that hit its computer network at the beginning of the week and forced switching to pen and paper to maintain activity.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.