Daily NCSC-FI news followup 2019-11-28

Threat Spotlight: Machete Info-Stealer

threatvector.cylance.com/en_us/home/threat-spotlight-machete-info-stealer.html Machete is an info-stealing malware that can harvest user credentials, chat logs, screenshots, webcam pictures, geolocation, and perform keylogging. It can also copy files to a USB device and take control of the clipboard to exfiltrate information.

DHS Mandates Federal Agencies to Run Vulnerability Disclosure Policy

www.schneier.com/blog/archives/2019/11/dhs_mandates_fe.html The DHS is requiring all federal agencies to develop a vulnerability disclosure policy. The goal is that people who discover vulnerabilities in government systems have a mechanism for reporting them to someone who might actually do something about it.

Magento Marketplace Suffers Data Breach Exposing Users’ Account Info

thehackernews.com/2019/11/magento-marketplace-data-breach.html Adobethe company owning Magento e-commerce platformtoday disclosed a new data breach incident that exposed account information of Magento marketplace users to an unknown group of hackers or individuals.

NSO Group President Defends Controversial Tactics

threatpost.com/nso-group-president-defends-controversial-tactics/150694/ In a rare public appearance by Shiri Dolev, the president of the secretive NSO Group Technologies, the company leader vented over what she called false myths about the firm.

Microsoft Outlook for Android Bug Opens Door to XSS

threatpost.com/microsoft-outlook-android-bug-xss/150528/ Users of the Microsoft Outlook for Android app should update their apps to avoid a range of attacks. The bug (CVE-2019-1460) would allow an attacker to perform cross-site scripting (XSS) attacks on the affected systems.

Security firm Prosegur: We’ve shut our IT network after Ryuk ransomware attack

www.zdnet.com/article/security-firm-prosegur-weve-shut-our-it-network-after-ryuk-ransomware-attack/ Spanish multinational cash logistics and private security company Prosegur said Wednesday it had shut down its IT network to mitigate a Ryuk ransomware infection.

Dutch Govt Warns of 3 Ransomware Infecting 1,800 Businesses

www.bleepingcomputer.com/news/security/dutch-govt-warns-of-3-ransomware-infecting-1-800-businesses/ A confidential report from the National Cyber Security Centre (NCSC) in the Netherlands informs that at least 1,800 companies are affected by ransomware across the world. The report names three file-encrypting malware pieces responsible for the infections that use the same digital infrastructure and considers them “common forms of ransomware.”

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.