Daily NCSC-FI news followup 2019-11-27
Its Way Too Easy to Get a .gov Domain Name
krebsonsecurity.com/2019/11/its-way-too-easy-to-get-a-gov-domain-name/ Many readers probably believe they can trust links and emails coming from U.S. federal government domain names, or else assume there are at least more stringent verification requirements involved in obtaining a .gov domain versus a commercial one ending in .com or .org. But a recent experience suggests this trust may be severely misplaced, and that it is relatively straightforward for anyone to . obtain their very own .gov domain
Protecting users from government-backed hacking and disinformation
blog.google/technology/safety-security/threat-analysis-group/protecting-users-government-backed-hacking-and-disinformation/ Google’s Threat Analysis Group (TAG) works to counter targeted and government-backed hacking against Google and our users. Weve had a long-standing policy to send users warnings if we detect that they are the subject of state-sponsored phishing attempts, and have posted periodically about these before. From July to September 2019, we sent more than 12,000 warnings to users in 149 countries that
Full(z) House: a digital crime group using a full deck to maximize profits
www.riskiq.com/blog/labs/fullz-house/ In this article, we will discuss our insights into a criminal group that maximizes their profit by working in two ecosystems that are typically distinct, phishing and web skimming. By combining tactics, this group was playing with a full deck when it came to stealing financial data. Introducing Full(z) House.
Cyber Attack Causes Prosegur Security Company To Shut Down Its Network
www.bleepingcomputer.com/news/security/cyber-attack-causes-prosegur-security-company-to-shut-down-its-network/ In a statement at midday today (local time), Spanish multinational security company Prosegur announced that it was the victim of a cybersecurity incident disrupting its telecommunication platform. According to Derecho de la Red, the malware strain used in the attack is Ryuk, delivered via Emotet.
Ransomware Locks Medical Records at Great Plains Health
www.bleepingcomputer.com/news/security/ransomware-locks-medical-records-at-great-plains-health/ Great Plains Health medical center is recovering from a ransomware incident that hit its computer network at the beginning of the week and forced switching to pen and paper to maintain activity.
