Daily NCSC-FI news followup 2020-02-14

U.S. Charges Huawei with Stealing Trade Secrets from 6 Companies

thehackernews.com/2020/02/united-states-china-huawei.html The US Department of Justice (DoJ) and the Federal Bureau of Investigation (FBI) charged Huawei with racketeering and conspiring to steal trade secrets from six US firms, in a significant escalation of a lawsuit against the Chinese telecom giant that began last year.

North Korean Malicious Cyber Activity

www.us-cert.gov/ncas/current-activity/2020/02/14/north-korean-malicious-cyber-activity The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD) have identified the following malware variants used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.

500 Chrome Extensions Caught Stealing Private Data of 1.7 Million Users

thehackernews.com/2020/02/chrome-extension-malware.html Google removed 500 malicious Chrome extensions from its Web Store after they found to inject malicious ads and siphon off user browsing data to servers under the control of attackers.. These extensions were part of a malvertising and ad-fraud campaign that’s been operating at least since January 2019

LokiBot Impersonates Popular Game Launcher and Drops Compiled C# Code File

blog.trendmicro.com/trendlabs-security-intelligence/lokibot-impersonates-popular-game-launcher-and-drops-compiled-c-code-file/ Recently, we discovered LokiBot (detected by Trend Micro as Trojan.Win32.LOKI) impersonating a popular game launcher to trick users into executing it on their machines. Further analysis revealed that a sample of this variant employs a quirky, installation routine that involves dropping a compiled C# code file.

Raportti: Iranin tukemat hakkerit tehneet hyökkäyksiä länsimaisiin yliopistoihin

yle.fi/uutiset/3-11209244 Hakkerit ovat tiettävästi yrittäneet varastaa akateemista kirjallisuutta ja oppimateriaaleja.

Facebook removes ‘foreign interference’ operations from Iran and Russia

www.bbc.com/news/blogs-trending-51493172 Facebook has removed two separate networks of fake accounts originating in Iran and Russia, for “engaging in foreign or government interference”.

Securing the Software Development Supply Chain

blog.paloaltonetworks.com/2020/02/cloud-software-development-supply-chain/

Koronavirus hakkereiden täkynä Lisätietoja epidemiasta tarjoava roskaposti levittää haittaohjelmaa

www.epressi.com/tiedotteet/tietoturva/koronavirus-hakkereiden-takyna-lisatietoja-epidemiasta-tarjoava-roskaposti-levittaa-haittaohjelmaa.html Koronaviruspelon lisäksi kyberrikolliset hyödynsivät tammikuussa ahkerasti haavoittuvuutta, jota esiintyy jo 45 prosentissa maailman yritysverkoista, kertovat tietoturvayhtiö Check Pointin tutkijat.

You might be interested in …

Daily NCSC-FI news followup 2021-05-26

North Korean (LAZARUS) hackers behind CryptoCore multi-million dollar heists www.bleepingcomputer.com/news/security/north-korean-hackers-behind-cryptocore-multi-million-dollar-heists/ Security researchers piecing together evidence from multiple attacks on cryptocurrency exchanges, attributed to a threat actor they named CryptoCore have established a strong connection to the North Korean state-sponsored group Lazarus. Full report as PDF: www.clearskysec.com/wp-content/uploads/2021/05/CryptoCore-Lazarus-Clearsky.pdf Russian Hydra DarkNet Market Made Over $1.3 Billion in […]

Read More

Daily NCSC-FI news followup 2021-04-30

DarkPath scam group loses 134 domains impersonating the WHO therecord.media/darkpath-scam-group-loses-134-domains-impersonating-the-who/ United Nations security experts and security firm Group-IB said they worked together to take down 134 websites operated by a cybercrime group known as DarkPath. Group-IB told The Record that after notifying the UN’s International Computing Centre, they worked with “a wide network of regulators […]

Read More

Daily NCSC-FI news followup 2019-07-27

New York Passes Law to Update Data Breach Notification Requirements www.bleepingcomputer.com/news/security/new-york-passes-law-to-update-data-breach-notification-requirements/ New York Governor Andrew M. Cuomo signed the Stop Hacks and Improve Electronic Data Security (SHIELD) Act into law, with the new consumer privacy policy being designed to protect New Yorkers’ private data and strengthen the state’s data breach policies.. The signed legislation, sponsored […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.