Daily NCSC-FI news followup 2020-02-24

Operation DRBControl

www.trendmicro.com/vinfo/us/security/news/cyber-attacks/operation-drbcontrol-uncovering-a-cyberespionage-campaign-targeting-gambling-companies-in-southeast-asia Uncovering a Cyberespionage Campaign Targeting Gambling Companies in Southeast Asia. The DRBControl campaign attacks its targets using a variety of malware and techniques that coincide with those used in other known cyberespionage campaigns.

EU Commission to staff: Switch to Signal messaging app

www.politico.eu/pro/eu-commission-to-staff-switch-to-signal-messaging-app/ The European Commission has told its staff to start using Signal, an end-to-end-encrypted messaging app, in a push to increase the security of its communications.

Cybersecurity: Hacking victims are uncovering cyberattacks faster – and GDPR is the reason why

www.zdnet.com/article/cybersecurity-hacking-victims-are-uncovering-cyber-attacks-faster-and-gdpr-is-the-reason-why/ Organisations are still falling victim to hackers, but a new report from FireEye suggests that data protection legislation has improved the response time to cyberattacks.

WhatsApp, Telegram Group Invite Links Leaked in Public Searches

www.bleepingcomputer.com/news/security/whatsapp-telegram-group-invite-links-leaked-in-public-searches/ Invite links for WhatsApp and Telegram groups that may not be intended for public access are available through simple lookups on popular web search engines.

Malvertising in Govt, Enterprise Targets Old Software, Macs

www.bleepingcomputer.com/news/security/malvertising-in-govt-enterprise-targets-old-software-macs/ A new report on malicious advertising underscores the importance of using modern web browsers and making sure your operating system is up to date with the latest security updates to prevent being infected.

Racoon Malware Steals Your Data From Nearly 60 Apps

www.bleepingcomputer.com/news/security/racoon-malware-steals-your-data-from-nearly-60-apps/ An infostealing malware that is relatively new on cybercriminal forums can extract sensitive data from about 60 applications on a targeted computer.

Calling for security research in Azure Sphere, now generally available

msrc-blog.microsoft.com/2020/02/24/calling-for-security-research-in-azure-sphere/ also:


Samsung cops to data breach after unsolicited ‘1/1’ Find my Mobile push notification

www.theregister.co.uk/2020/02/24/samsung_data_breach_find_my_mobile/ Samsung has admitted that what it calls a “small number” of users could indeed read other people’s personal data following last week’s unexplained Find my Mobile notification.

Google rolls out Titan keys to Europe, Japan. Plus: Group Policy bug is a feature, not a flaw, says Microsoft


Zyxel Fixes 0day in Network Storage Devices

krebsonsecurity.com/2020/02/zyxel-fixes-0day-in-network-storage-devices/ Patch comes amid active exploitation by ransomware gangs

Google rolls out Titan keys to Europe, Japan. Plus: Group Policy bug is a feature, not a flaw, says Microsoft


Zyxel Fixes 0day in Network Storage Devices

krebsonsecurity.com/2020/02/zyxel-fixes-0day-in-network-storage-devices/ Patch comes amid active exploitation by ransomware gangs

California man arrested on charges his DDoSes took down candidates website

arstechnica.com/information-technology/2020/02/california-man-arrested-on-charges-his-ddoses-took-down-candidates-website/ Feds say defendant used Amazon servers to wage DDoS attacks that cost the rival campaign.

Cisco unveils SecureX cloud platform for improved security visibility

www.zdnet.com/article/cisco-unveils-securex-cloud-platform-for-improved-security-visibility/ Cisco’s new platform aims to give businesses better visibility across their security portfolio via analytics and workflow automation.

Redefining Security Orchestration and Automation with Cortex XSOAR

blog.paloaltonetworks.com/2020/02/cortex-xsoar/ We are proud to introduce Cortex XSOAR, an evolution of Demisto, that continues our tradition of raising the bar for the security orchestration, automation and response (SOAR) category.

Google Cloud unveils new tools for detecting modern threats

www.zdnet.com/article/google-cloud-unveils-new-tools-for-detecting-modern-threats/ Google Cloud on Monday announced a series of new security capabilities, including a new way to detect threats with Chronicle’s security analytics platform. The new security tools line up with Google Cloud’s broader efforts to cater to enterprise customers.

European Union cybersecurity agency ENISA has issued advice on ensuring hospital computer networks are protected against cyber attacks.


iPhone and iPad apps can snoop on everything you copy to the clipboard

www.zdnet.com/article/iphone-and-ipad-apps-can-snoop-on-everything-you-copy-to-the-clipboard/ But Apple doesn’t think that this is a problem.

Cybersecurity alliance launches first open source messaging framework for security tools

www.zdnet.com/article/cybersecurity-alliance-launches-first-open-source-messaging-framework-for-security-tools/ OpenDXL Ontology is designed for data and command sharing between cybersecurity software.

LTE security flaw can be abused to take out subscriptions at your expense

www.zdnet.com/article/lte-security-flaw-can-be-abused-to-take-out-subscriptions-at-your-expense/ Researchers say the vulnerability impacts virtually all smartphones on the market.. report: imp4gt-attacks.net/

You might be interested in …

Daily NCSC-FI news followup 2020-08-25

DDoS Hide & Seek: On the Effectiveness of a Booter Services Takedown labs.ripe.net/Members/daniel_kopp/ddos-hide-and-seek In this article, we investigated booter-based DDoS attacks in the wild and the impact of an FBI takedown targeting fifteen booter websites in December 2018. We investigated and compared attack properties of multiple booter services by launching DDoS attacks against our own […]

Read More

Daily NCSC-FI news followup 2021-03-25

Supon vuosikirja 2020: Terrorismin uhka-arviossa näkyy äärioikeiston muuttunut tilannekuva supo.fi/-/supon-vuosikirja-2020-terrorismin-uhka-arviossa-nakyy-aarioikeiston-muuttunut-tilannekuva Terrorismin uhka Suomessa on edelleen tasolla kaksi eli kohonnut. Suurin muutos on tapahtunut äärioikeistolaisen terrorismin tilannekuvassa. Koronapandemia vaikutti kybervakoilun kasvuun. Suojelupoliisi havaitsi poikkeuksellisen intensiivisiä valtiollisia kybervakoiluyrityksiä, jotka kohdistuivat Suomen ulko- ja turvallisuuspoliittisen päätöksenteon valmisteluun. Cybersecurity: Council adopts conclusions on the EU’s cybersecurity strategy www.consilium.europa.eu/en/press/press-releases/2021/03/22/cybersecurity-council-adopts-conclusions-on-the-eu-s-cybersecurity-strategy/ The […]

Read More

Daily NCSC-FI news followup 2021-07-09

Banking Trojans in a business wrapper www.kaspersky.com/blog/icedid-qbot-banking-trojans-in-spam/40552/ Spammers are using malicious macros to distribute IcedID and Qbot banking malware in seemingly important documents. For employees facing hundreds of e-mails, the temptation to speed-read and download attachments on autopilot can be great. Cybercriminals, of course, take advantage, sending out seemingly important documents that might contain just […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.