Categories
NCSC-FI News followup

Daily NCSC-FI news followup 2020-01-02

New evasion techniques found in web skimmers

blog.malwarebytes.com/threat-analysis/2019/12/new-evasion-techniques-found-in-web-skimmers/ For a number of years, criminals have been able to steal credit card details from unaware online shoppers without attracting too much attention. Few people in the security industry were talking about these credit card web skimmers, both server-side and client-side, before the latter became largely known as Magecart.

Landry’s restaurant chain disclose POS malware incident

www.zdnet.com/article/landrys-restaurant-chain-disclose-pos-malware-incident/ US restaurant chain Landry’s disclosed a security incident that involved the discovery of malware on the network of hundreds of restaurants.

Ransomware Attackers Offer Holiday Discounts and Greetings

www.bleepingcomputer.com/news/security/ransomware-attackers-offer-holiday-discounts-and-greetings/ To celebrate the holidays, ransomware operators are providing discounts or season’s greetings to entice victims into paying a ransom demand.Such is the case with the Sodinokibi Ransomware (REvil) who MalwareHunterTeam noticed had changed their ransom note over the holidays to include a new message wishing the victims a “Merry Christmas and Happy Holidays”.

Starbucks Devs Leave API Key in GitHub Public Repo

www.bleepingcomputer.com/news/security/starbucks-devs-leave-api-key-in-github-public-repo/ One misstep from developers at Starbucks left exposed an API key that could be used by an attacker to access internal systems and manipulate the list of authorized users.

Post-quantum TLS now supported in AWS KMS https://aws.amazon.com/blogs/security/post-quantum-tls-now-supported-in-aws-kms/ AWS Key Management Service (AWS KMS) now supports post-quantum hybrid key exchange for the Transport Layer Security (TLS) network encryption protocol that is used when connecting to KMS API endpoints. In this post, Ill tell you what post-quantum TLS is, what hybrid key exchange is, why its important, how to take advantage of this new feature, and how to give us feedback.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.