Daily NCSC-FI news followup 2020-02-14

U.S. Charges Huawei with Stealing Trade Secrets from 6 Companies

thehackernews.com/2020/02/united-states-china-huawei.html The US Department of Justice (DoJ) and the Federal Bureau of Investigation (FBI) charged Huawei with racketeering and conspiring to steal trade secrets from six US firms, in a significant escalation of a lawsuit against the Chinese telecom giant that began last year.

North Korean Malicious Cyber Activity

www.us-cert.gov/ncas/current-activity/2020/02/14/north-korean-malicious-cyber-activity The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD) have identified the following malware variants used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.

500 Chrome Extensions Caught Stealing Private Data of 1.7 Million Users

thehackernews.com/2020/02/chrome-extension-malware.html Google removed 500 malicious Chrome extensions from its Web Store after they were found to inject malicious ads and siphon off user browsing data to servers under the control of attackers. These extensions were part of a malvertising and ad-fraud campaign that’s been operating at least since January 2019.

LokiBot Impersonates Popular Game Launcher and Drops Compiled C# Code File

blog.trendmicro.com/trendlabs-security-intelligence/lokibot-impersonates-popular-game-launcher-and-drops-compiled-c-code-file/ Recently, we discovered LokiBot (detected by Trend Micro as Trojan.Win32.LOKI) impersonating a popular game launcher to trick users into executing it on their machines. Further analysis revealed that a sample of this variant employs a quirky installation routine that involves dropping a compiled C# code file.

Report: Iran-backed hackers have carried out attacks on Western universities

yle.fi/uutiset/3-11209244 The hackers have reportedly tried to steal academic literature and learning materials.

Facebook removes ‘foreign interference’ operations from Iran and Russia

www.bbc.com/news/blogs-trending-51493172 Facebook has removed two separate networks of fake accounts originating in Iran and Russia, for “engaging in foreign or government interference”.

Securing the Software Development Supply Chain

blog.paloaltonetworks.com/2020/02/cloud-software-development-supply-chain/

Coronavirus as hackers' bait: spam offering more information about the epidemic spreads malware

www.epressi.com/tiedotteet/tietoturva/koronavirus-hakkereiden-takyna-lisatietoja-epidemiasta-tarjoava-roskaposti-levittaa-haittaohjelmaa.html In addition to coronavirus fears, cybercriminals in January actively exploited a vulnerability that is already present in 45 percent of the world's corporate networks, say researchers at the security company Check Point.
