Microsoft Hijacks Necurs Botnet that Infected 9 Million PCs Worldwide
thehackernews.com/2020/03/necurs-botnet-takedown.html Microsoft today announced that it has successfully disrupted the botnet network of the Necurs malware, which has infected more than 9 million computers globally, and also hijacked the majority of its infrastructure.
Fingrid's partner fell victim to a data breach: networks are still well protected
www.is.fi/digitoday/tietoturva/art-2000006434452.html The attack on Entso-E's information systems poses no danger to Finland's power grids, Fingrid assures.
NSA Warns About Microsoft Exchange Flaw as Attacks Start
www.bleepingcomputer.com/news/security/nsa-warns-about-microsoft-exchange-flaw-as-attacks-start/ The U.S. National Security Agency (NSA) warned about a post-auth remote code execution vulnerability in all supported Microsoft Exchange Server servers via a tweet published on the agency’s Twitter account.
Intel CPUs vulnerable to new LVI attacks
www.zdnet.com/article/intel-cpus-vulnerable-to-new-lvi-attacks/ Researchers say Intel processors will need another round of silicon chip re-designs to protect against new attack.
Rocket Loader skimmer impersonates CloudFlare library in clever scheme
Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487)
blog.trendmicro.com/trendlabs-security-intelligence/busting-ghostcat-an-analysis-of-the-apache-tomcat-vulnerability-cve-2020-1938-and-cnvd-2020-10487/ Discussions surrounding the Ghostcat vulnerability (CVE-2020-1938 and CNVD-2020-10487) found in Apache Tomcat put it in the spotlight as researchers looked into its security impact, specifically its potential use for remote code execution (RCE).
Microsoft shares nightmare tale: 6 sets of hackers on a customer’s network
www.zdnet.com/article/microsoft-shares-nightmare-tale-6-sets-of-hackers-on-a-customers-network/ Microsoft’s first report from its Detection and Response Team (DART), which helps customers in deep cyber trouble, details the case of a large customer with six threat actors simultaneously on its network, including one state-sponsored hacker group that had been stealing data and email for 243 days.
FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts
krebsonsecurity.com/2020/03/fbi-arrests-alleged-owner-of-deer-io-a-top-broker-of-stolen-accounts/ FBI officials last week arrested a Russian computer security researcher on suspicion of operating deer.io, a vast marketplace for buying and selling stolen account credentials for thousands of popular online services and stores.
Paradise Ransomware Distributed via Uncommon Spam Attachment
www.bleepingcomputer.com/news/security/paradise-ransomware-distributed-via-uncommon-spam-attachment/ Attackers have started to send Excel Web Query attachments in phishing campaigns to download and install the Paradise Ransomware on unsuspecting victims.
How poor IoT security is allowing this 12-year-old malware to make a comeback
www.zdnet.com/article/how-poor-iot-security-is-allowing-this-ten-year-old-malware-to-make-a-comeback/ Conficker peaked in 2009, but unsupported connected devices are allowing it to spread in 2020 – and the healthcare sector is where it’s infected the most targets.
WHO’S HACKING THE HACKERS: NO HONOR AMONG THIEVES
www.cybereason.com/blog/whos-hacking-the-hackers-no-honor-among-thieves Cybereason Nocturnus is investigating a campaign where attackers are trojanizing multiple hacking tools with njRat, a well-known RAT. The campaign ultimately gives attackers total access to the target machine. The threat actors behind this campaign are posting malware embedded inside various hacking tools and cracks for those tools on several websites.