Daily NCSC-FI news followup 2019-11-28

Threat Spotlight: Machete Info-Stealer

threatvector.cylance.com/en_us/home/threat-spotlight-machete-info-stealer.html Machete is an info-stealing malware that can harvest user credentials, chat logs, screenshots, webcam pictures, geolocation, and perform keylogging. It can also copy files to a USB device and take control of the clipboard to exfiltrate information.

DHS Mandates Federal Agencies to Run Vulnerability Disclosure Policy

www.schneier.com/blog/archives/2019/11/dhs_mandates_fe.html The DHS is requiring all federal agencies to develop a vulnerability disclosure policy. The goal is that people who discover vulnerabilities in government systems have a mechanism for reporting them to someone who might actually do something about it.

Magento Marketplace Suffers Data Breach Exposing Users’ Account Info

thehackernews.com/2019/11/magento-marketplace-data-breach.html Adobethe company owning Magento e-commerce platformtoday disclosed a new data breach incident that exposed account information of Magento marketplace users to an unknown group of hackers or individuals.

NSO Group President Defends Controversial Tactics

threatpost.com/nso-group-president-defends-controversial-tactics/150694/ In a rare public appearance by Shiri Dolev, the president of the secretive NSO Group Technologies, the company leader vented over what she called false myths about the firm.

Microsoft Outlook for Android Bug Opens Door to XSS

threatpost.com/microsoft-outlook-android-bug-xss/150528/ Users of the Microsoft Outlook for Android app should update their apps to avoid a range of attacks. The bug (CVE-2019-1460) would allow an attacker to perform cross-site scripting (XSS) attacks on the affected systems.

Security firm Prosegur: We’ve shut our IT network after Ryuk ransomware attack

www.zdnet.com/article/security-firm-prosegur-weve-shut-our-it-network-after-ryuk-ransomware-attack/ Spanish multinational cash logistics and private security company Prosegur said Wednesday it had shut down its IT network to mitigate a Ryuk ransomware infection.

Dutch Govt Warns of 3 Ransomware Infecting 1,800 Businesses

www.bleepingcomputer.com/news/security/dutch-govt-warns-of-3-ransomware-infecting-1-800-businesses/ A confidential report from the National Cyber Security Centre (NCSC) in the Netherlands informs that at least 1,800 companies are affected by ransomware across the world. The report names three file-encrypting malware pieces responsible for the infections that use the same digital infrastructure and considers them “common forms of ransomware.”

You might be interested in …

Daily NCSC-FI news followup 2021-02-02

Liikkeellä erittäin uskottavia huijaussivuja älä mene verkkopankkiin Google-haun kautta www.finanssiala.fi/uutismajakka/Sivut/Liikkeella-uskottavia-huijaussivuja-ala-mene-verkkopankkiin-Google-haun-kautta.aspx Huijarit pyrkivät tällä hetkellä erittäin aktiivisesti verkkopankkeihin tuttujen sähköpostilinkkien avulla. Lisäksi pankit ovat havainneet uuden huijauskampanjan, jossa rikolliset ovat tavalla tai toisella saaneet ujutettua huijaussivustojaan Googlen hakutuloksiin. Pankeista neuvotaan, että ainakaan toistaiseksi ei kannata mennä verkkopankkiin hakemalla pankkinsa nimeä Googlesta, vaan kirjoittamalla osoite selaimen osoitekenttään. […]

Read More

Daily NCSC-FI news followup 2019-10-20

Equifax used ‘admin’ as username and password for sensitive data finance.yahoo.com/news/equifax-password-username-admin-lawsuit-201118316.html The Pixel 4s face unlock works on sleeping, unconscious people arstechnica.com/gadgets/2019/10/the-pixel-4s-face-unlock-works-on-sleeping-unconscious-people/ NordVPN is investigating a potential certificate leak. Unconfirmed as of now. https://twitter.com/NordVPN/status/1185979592374398976 See also https://twitter.com/cryptostorm_is/status/1185976222364438528

Read More

Daily NCSC-FI news followup 2019-07-24

Low Barr: Don’t give me that crap about security, just put the backdoors in the encryption, roars US Attorney General www.theregister.co.uk/2019/07/23/us_encryption_backdoor/ While speaking today in New York, Barr demanded eavesdropping mechanisms be added to consumer-level software and devices, mechanisms that can be used by investigators to forcibly decrypt and pry into strongly end-to-end encrypted chats, […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.