Daily NCSC-FI news followup 2020-02-14

U.S. Charges Huawei with Stealing Trade Secrets from 6 Companies

thehackernews.com/2020/02/united-states-china-huawei.html The US Department of Justice (DoJ) and the Federal Bureau of Investigation (FBI) charged Huawei with racketeering and conspiring to steal trade secrets from six US firms, in a significant escalation of a lawsuit against the Chinese telecom giant that began last year.

North Korean Malicious Cyber Activity

www.us-cert.gov/ncas/current-activity/2020/02/14/north-korean-malicious-cyber-activity The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD) have identified the following malware variants used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.

500 Chrome Extensions Caught Stealing Private Data of 1.7 Million Users

thehackernews.com/2020/02/chrome-extension-malware.html Google removed 500 malicious Chrome extensions from its Web Store after they were found to inject malicious ads and siphon off user browsing data to servers under the control of attackers. These extensions were part of a malvertising and ad-fraud campaign that's been operating at least since January 2019.

LokiBot Impersonates Popular Game Launcher and Drops Compiled C# Code File

blog.trendmicro.com/trendlabs-security-intelligence/lokibot-impersonates-popular-game-launcher-and-drops-compiled-c-code-file/ Recently, we discovered LokiBot (detected by Trend Micro as Trojan.Win32.LOKI) impersonating a popular game launcher to trick users into executing it on their machines. Further analysis revealed that a sample of this variant employs a quirky installation routine that involves dropping a compiled C# code file.

Report: Iran-backed hackers have carried out attacks on Western universities

yle.fi/uutiset/3-11209244 The hackers have reportedly tried to steal academic literature and teaching materials.

Facebook removes ‘foreign interference’ operations from Iran and Russia

www.bbc.com/news/blogs-trending-51493172 Facebook has removed two separate networks of fake accounts originating in Iran and Russia, for “engaging in foreign or government interference”.

Securing the Software Development Supply Chain

blog.paloaltonetworks.com/2020/02/cloud-software-development-supply-chain/

Coronavirus as hackers' bait: spam offering more information about the epidemic spreads malware

www.epressi.com/tiedotteet/tietoturva/koronavirus-hakkereiden-takyna-lisatietoja-epidemiasta-tarjoava-roskaposti-levittaa-haittaohjelmaa.html In addition to exploiting fear of the coronavirus, cybercriminals in January actively exploited a vulnerability that is already present in 45 percent of the world's corporate networks, say researchers at the security company Check Point.
