Daily NCSC-FI news followup 2019-12-22

Florida man jailed for over five years after cyberstalking schoolmate, posting threats

www.zdnet.com/article/man-jailed-for-over-five-years-after-cyberstalking-schoolmate-posting-threats/

One Day, Three Credit Card Data Breach Notifications

www.bleepingcomputer.com/news/security/one-day-three-credit-card-data-breach-notifications/ On the same day this week, two restaurants and a convenience store, all with locations across the U.S., disclosed security breach incidents that may have enabled attackers to steal customer payment card data.. Wawa www.wawa.com/alerts/data-security. Islands Restaurants

www.islandsrestaurants.com/paymentcardnotification. Champagne Bakery

www.champagnebakery.com/champagne-french-bakery-cafe-substitute-notice/

Weekly roundup: Tracking President Trump with cellphone location data

www.theregister.co.uk/2019/12/21/roundup_dec_20/ New York Times obtained a three-year-old database of 50 billion phone location pings for more than 12 million Americans.. The journalists analyzing the data found one phone that appeared to belong to a Secret Service agent on President Trump’s team, and showed the course of the agent’s progress during a trip to the commander-in-chief’s Mar-a-Lago resort, then to a golf course where Trump was playing golf with the Japanese prime minister.

The Week in Ransomware – December 20th 2019 – Attacks Everywhere

www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-20th-2019-attacks-everywhere/ This week’s ransomware news continues to be dominated by targeted ransomware attacks against hospitals, cities, and businesses and the new tactic of releasing victim’s data if they do not pay.

Dropbox Zero-Day Vulnerability Gets Temporary Fix

www.bleepingcomputer.com/news/security/dropbox-zero-day-vulnerability-gets-temporary-fix/ Dropbox has yet to release a new version that patches the flaw but a temporary solution is freely available in the form of a micropatch.

U.S. Navy bans TikTok from government-issued mobile devices

www.reuters.com/article/us-usa-tiktok-navy/u-s-navy-bans-tiktok-from-government-issued-mobile-devices-idUSKBN1YO2HU Earlier this week the United States Navy banned the social media app TikTok from government-issued mobile devices, saying the popular short video app represented a cybersecurity threat.

Windows Remote Desktop Services Used for Fileless Malware Attacks

www.bleepingcomputer.com/news/security/windows-remote-desktop-services-used-for-fileless-malware-attacks/

Not so IDLE hands: FBI program offers companies data protection via deception

arstechnica.com/information-technology/2019/12/not-so-idle-hands-fbi-program-offers-companies-data-protection-via-deception/ Newly surfaced doc outlines FBI’s IDLE program – which teases thieves with “decoy data.”

Apple Opens Its Invite-Only Bug Bounty Program to All Researchers

thehackernews.com/2019/12/apple-bug-bounty-program.html Highlight: an enormous increase in the maximum reward from $200,000 to $1.5 million

You might be interested in …

Daily NCSC-FI news followup 2020-03-22

Remote working safety and security www.kaspersky.com/blog/remote-work-security/34258/?utm_source=rss&utm_medium=rss&utm_campaign=remote-work-security That makes sense: If companies are to continue functioning, and if your job is location-neutral, staying home reduces the likelihood of catching and transmitting the coronavirus while letting you continue doing your job. Honeypot – Scanning and Targeting Devices & Services isc.sans.edu/forums/diary/Honeypot+Scanning+and+Targeting+Devices+Services/25928/ I was curious this week to see […]

Read More

Daily NCSC-FI news followup 2021-01-13

Cloud Threat Hunting: Attack & Investigation Series- Lateral Movement Under the Radar blog.checkpoint.com/2021/01/13/cloud-threat-hunting-attack-investigation-series-lateral-movement-under-the-radar/ A sign of a truly sophisticated attack in the cloud is the ability to move laterally undetected. Doing so successfully requires knowledge of many techniques. In this latest installation of the Cloud Threat Hunting: Attack and Investigation Series, we present the most […]

Read More

Daily NCSC-FI news followup 2020-09-30

Android Spyware Variant Snoops on WhatsApp, Telegram Messages threatpost.com/new-android-spyware-whatsapp-telegram/159694/ The Android malware comes from threat group APT-C-23, also known as Two-Tailed Scorpion and Desert Scorpion. The Emerald Connection: EquationGroup collaboration with Stuxnet fmmresearch.wordpress.com/2020/09/28/the-emerald-connection-equationgroup-collaboration-with-stuxnet/ This article is part of a continued ongoing effort in my research of the use of a series of libraries called Exploit […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.