Daily NCSC-FI news followup 2020-02-23

U.S. Defense Agency That Secures Trumps Communications Confirms Data Breach

www.forbes.com/sites/daveywinder/2020/02/21/us-defense-agency-that-secures-trumps-communications-confirms-data-breach/ The Department of Defense agency responsible for securing the communications of President Trump has suffered a data breach. Heres what is known so far.

Governments of the world just ramped up spying on reporters

www.cjr.org/first_person/ft-nations-surveillance-attacks.php

Transparent Tribe: Four Years Later

blog.yoroi.company/research/transparent-tribe-four-years-later/ Operation Transparent Tribe was first spotted by Proofpoint Researchers in Feb 2016, in a series of espionages operations against Indian diplomats and military personnel in some embassies in Saudi Arabia and Kazakhstan.. At that time, the researchers tracked the sources IP in Pakistan, the attacks were part of a wider operation that relies on multi vector such as watering hole websites and phishing email campaigns delivering custom RATs dubbed Crimson and Peppy. These RAT are capable of exfiltrate information, take screenshot and record webcam streams.

You might be interested in …

Daily NCSC-FI news followup 2020-08-14

NSA and FBI Cybersecurity Advisory – Russian GRU 85th GTsSS Deploys Previously Undisclosed Drovorub Malware media.defense.gov/2020/Aug/13/2002476465/-1/-1/0/CSA_DROVORUB_RUSSIAN_GRU_MALWARE_AUG_2020.PDF Drovorub is a Linux malware toolset consisting of an implant coupled with a kernel module rootkit, a file transfer and port forwarding tool, and a Command and Control (C2) server. When deployed on a victim machine, the Drovorub implant […]

Read More

Daily NCSC-FI news followup 2019-12-27

Yli puolet haittaohjelmista muhii kodin älylaitteissa – kaksi asiaa, joilla tukit helpoimmat vuotopaikat yle.fi/uutiset/3-11127237?origin=rss Kotirauhaasi häiritsevät uhat ovat varsin yksinkertaisia haittaohjelmia. Kun perusasiat ovat kunnossa, saadaan tietoturva paljon paremmaksi. Muista nämä: salasana ja laitteen päivitykset.. Nämä kaksi kriteeriä ovat myös tietoturvamerkin ehtoja laitevalmistajille – tietoturvamerkki.fi/ Kunnilla heikkoja salasanoja ja huteria palomuureja – Lahti maksoi kyberhyökkäyksen […]

Read More

Daily NCSC-FI news followup 2021-09-22

Russian state hackers use new TinyTurla malware as secondary backdoor www.bleepingcomputer.com/news/security/russian-state-hackers-use-new-tinyturla-malware-as-secondary-backdoor/ Russian state-sponsored hackers known as the Turla APT group have been using new malware over the past year that acted as a secondary persistence method on compromised systems in the U.S., Germany, and Afghanistan. Security researchers at Cisco Talos say that TinyTurla is a […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.