Daily NCSC-FI news followup 2020-01-29

EXCLUSIVE: The cyber attack the UN tried to keep under wraps

www.thenewhumanitarian.org/investigation/2020/01/29/united-nations-cyber-attack The UN did not publicly disclose a major hacking attack into its IT systems in Europe, a decision that potentially put staff, other organisations, and individuals at risk, according to data protection advocates. Also: apnews.com/0d958e15d7f5081dd612f07482f48b73

Someone Tried to Hack My Phone. Technology Researchers Accused Saudi Arabia.

www.nytimes.com/2020/01/28/reader-center/phone-hacking-saudi-arabia.html – From a suspicious text message I received, technology researchers concluded that hackers working for Saudi Arabia had targeted my phone with powerful Israeli software. Also:

citizenlab.ca/2020/01/stopping-the-press-new-york-times-journalist-targeted-by-saudi-linked-pegasus-spyware-operator/

Wawa Breach May Have Compromised More Than 30 Million Payment Cards

krebsonsecurity.com/2020/01/wawa-breach-may-have-compromised-more-than-30-million-payment-cards/ In late December 2019, fuel and convenience store chain Wawa Inc. said a nine-month-long breach of its payment card processing systems may have led to the theft of card data from customers who visited any of its 850 locations nationwide. Now, fraud experts say the first batch of card data stolen from Wawa customers is being sold at one of the underground's most popular crime shops, which claims

Canadian insurer paid for ransomware decryptor. Now it’s hunting the scum down

www.theregister.co.uk/2020/01/29/canadian_insurer_paid_ransomware_hunt/ A Canadian insurance business struck by ransomware paid off the crooks via a cyber insurance policy and their English reinsurers, having shelled out 109.25 Bitcoins, want it back from the alleged blackmailers. Neither company was going to pay out and forget the incident. The English reinsurer hired Chainalysis Inc, a “blockchain investigations firm”, which eventually pinpointed the people responsible. Also:

www.coindesk.com/british-court-freezes-860000-in-bitcoin-linked-to-ransomware-payout

2019 saw more cryptocurrency hacks than any other year

www.zdnet.com/article/2019-saw-more-cryptocurrency-hacks-than-any-other-year/ Hackers launched more attacks against cryptocurrency exchanges in 2019, but stole fewer funds. In 2019, hackers have successfully breached 11 major cryptocurrency exchanges and have stolen more than $283 million worth of cryptocurrency, according to blockchain analysis firm Chainalysis.

Sitra: Movement of data impossible to grasp, GDPR completely inadequate

www.tivi.fi/uutiset/tv/e060fafc-9a03-486e-9f5b-421fe366fdb0

Sprint Exposed Customer Support Site to Web

krebsonsecurity.com/2020/01/sprint-exposed-customer-support-site-to-web/ Fresh on the heels of a disclosure that Microsoft Corp. leaked internal customer support data to the Internet, mobile provider Sprint has addressed a mix-up in which posts to a private customer support community were exposed to the Web.

SIM Swappers Are Phishing Telecom Company Employees to Access Internal Tools

www.vice.com/en_us/article/v74b4d/sim-swappers-phishing-verizon-sprint-tmobile-to-access-internal-tools SIM swappers are particularly interested in a tool called Omni from Verizon that allows hackers to take over phone numbers.

Leaked Documents Expose the Secretive Market for Your Web Browsing Data

www.vice.com/en_us/article/qjdkq7/avast-antivirus-sells-user-browsing-data-investigation An Avast antivirus subsidiary sells ‘Every search. Every click. Every buy. On every site.’ Its clients have included Home Depot, Google, Microsoft, Pepsi, and McKinsey.

Why the UK is banning default passwords in IoT devices

tech.newstatesman.com/security/uk-banning-default-passwords

Apple has a Vladimir Putin problem

www.fastcompany.com/90456530/apple-has-a-vladimir-putin-problem In November 2019, Russian parliament passed what's become

Google Continues to Prod Holes in Apple's Security

www.cbronline.com/news/apple-cves-google One vulnerability could allow attackers nearby to remote control any Mac systems with zero interaction.
