Daily NCSC-FI news followup 2019-12-28

U.S. Coast Guard Says Ryuk Ransomware Took Down Maritime Facility

www.bleepingcomputer.com/news/security/us-coast-guard-says-ryuk-ransomware-took-down-maritime-facility/ The systems encrypted by Ryuk Ransomware directly impacted the facility’s “entire corporate IT network (beyond the footprint of the facility)” [emphasis ours] and physical access and camera control systems, and it also led to “loss of critical process control monitoring systems.”

Ransomware Hits Maastricht University, All Systems Taken Down

www.bleepingcomputer.com/news/security/ransomware-hits-maastricht-university-all-systems-taken-down/ Maastricht University (UM) announced that almost all of its Windows systems have been encrypted by ransomware following a cyber-attack that took place on Monday, December 23. UM is a university from the Netherlands with over 18,000 students, 4,400 employees, and 70,000 alumni.

Ransomware at IT Services Provider Synoptek

krebsonsecurity.com/2019/12/ransomware-at-it-services-provider-synoptek/ Synoptek, a California-based cloud hosting and IT management services provider, suffered a ransomware attack this week that has disrupted operations for many of its clients. Two sources who work at the company have now confirmed their employer was hit by Sodinokibi, a potent ransomware strain also known as rEvil.

Ransomware Situation Goes From Bad to Worse

www.darkreading.com/attacks-breaches/ransomware-situation-goes-from-bad-to-worse/d/d-id/1336664 The surge in ransomware attacks on cities, municipalities, schools, and healthcare organizations this year is just a foretaste of what is likely to come in 2020. Threat actors have sensed a very real opportunity to make big returns attacking enterprise organizations using ransomware and are refining their tools and techniques to increase their chances for success, say worried security experts.

30 years of ransomware: How one bizarre attack laid the foundations for the malware taking over the world

www.zdnet.com/article/30-years-of-ransomware-how-one-bizarre-attack-laid-the-foundations-for-the-malware-taking-over-the-world/ In December 1989 the world was introduced to the first ever ransomware – – and 30 years later ransomware attacks are now at crisis levels.

Leveraging Disk Imaging Tools to Deliver RATs

www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/leveraging-disk-imaging-tools-to-deliver-rats/ This year we observed a notable uptick in disc imaging software (like .ISO) being used as a container for serving malware via email, with .ISO archives attributing to 6% of all malware attachment archives seen this year.

Ring and Amazon get slammed with a federal lawsuit that claims the companies failed to secure cameras against hackers

www.businessinsider.com/ring-amazon-sued-federal-court-security-hacking-2fa-2019-12 The lawsuit alleges that, as a manufacturer of security products, Ring failed to meet its “most basic obligation by not ensuring its Wi-Fi enabled cameras were protected against cyber-attack.”
