Daily NCSC-FI news followup 2020-04-10

Large email extortion campaign underway, DON’T PANIC!

www.bleepingcomputer.com/news/security/large-email-extortion-campaign-underway-dont-panic/ A large email extortion campaign is underway telling recipients that their computer was hacked and that a video was taken through the hacked computer’s webcam. The attackers then demand $1,900 in bitcoins or the video will be sent to family and friends.

Ransomware scumbags leak Boeing, Lockheed Martin, SpaceX documents after contractor refuses to pay

www.theregister.co.uk/2020/04/10/lockheed_martin_spacex_ransomware_leak/ Internal confidential documents belonging to some of the largest aerospace companies in the world have been stolen from an industrial contractor and leaked online.

5G Virus Conspiracy Theory Fueled by Coordinated Effort

www.bloomberg.com/news/articles/2020-04-09/covid-19-link-to-5g-technology-fueled-by-coordinated-effort Marc Owen Jones, a researcher at Hamad bin Khalifa University in Qatar, who specializes in online disinformation networks, analyzed 22,000 recent interactions on Twitter mentioning 5G and corona, and said he found a large number of accounts displaying what he termed inauthentic activity. He said the effort bears some hallmarks of a state-backed campaign.

Ever needed a Zoom password? Probably not. But why not?

www.welivesecurity.com/2020/04/09/ever-needed-zoom-password-probably-not-why/ With Zoom and Zoom-bombing being all the rage, here's why the app's default password settings may be leaving the backdoor wide open.

US wants to ban China Telecom over national cybersecurity risks

www.bleepingcomputer.com/news/security/us-wants-to-ban-china-telecom-over-national-cybersecurity-risks/ Several U.S. Executive Branch agencies are asking the Federal Communications Commission (FCC) to block China Telecom Americas' authorization to operate within the United States over significant cybersecurity risks.

Microsoft: Azure delays not acknowledged for 5 hours because manager was asleep

www.zdnet.com/article/microsoft-azure-delays-not-acknowledged-for-5-hours-because-manager-was-asleep/ Microsoft has revealed it took five hours to acknowledge lengthy disruptions affecting European customers in late March because the task of informing customers relied on a US-based incident manager, who was asleep at the time.

Unique P2P Architecture Gives DDG Botnet Unstoppable Status

threatpost.com/p2p-ddg-botnet-unstoppable/154650/ DDG might be the world's first P2P-based cryptomining botnet.

The Sandboxie Windows sandbox isolation tool is now open-source!

www.bleepingcomputer.com/news/software/the-sandboxie-windows-sandbox-isolation-tool-is-now-open-source/ Cybersecurity firm Sophos announced today that it has open-sourced the Sandboxie Windows sandbox-based isolation utility 15 years after it was released.

Compromised Zoom Credentials Swapped in Underground Forums

threatpost.com/compromised-zoom-credentials-underground-forums/154616/ Thousands of compromised Zoom credentials were discovered in underground forums as cybercriminals look to tap into the burgeoning remote workforce.

San Francisco Intl Airport discloses data breach after hack

www.bleepingcomputer.com/news/security/san-francisco-intl-airport-discloses-data-breach-after-hack/ San Francisco International Airport (SFO) disclosed a data breach after two of its websites, SFOConnect.com and SFOConstruction.com, were hacked during March 2020.

Dutch police arrests suspect behind DDoS attacks on government sites

www.bleepingcomputer.com/news/security/dutch-police-arrests-suspect-behind-ddos-attacks-on-government-sites/ A 19-year-old man from Breda, Netherlands, was arrested today for allegedly carrying out distributed denial-of-service (DDoS) attacks that caused two Dutch government websites to shut down for several hours on March 19, 2020.

Critical VMware Bug Opens Up Corporate Treasure to Hackers

threatpost.com/critical-vmware-bug-corporate-treasure-hackers/154682/ A critical information-disclosure bug in VMware's Directory Service (vmdir) could lay bare the contents of entire corporate virtual infrastructures, if exploited by cyberattackers.. see also


Promising Results for Post-Quantum Certificates in TLS 1.3

blogs.cisco.com/security/promising-results-for-post-quantum-certificates-in-tls-1-3 Quantum computers could threaten the security of TLS key exchange and authentication. To assess the performance of post-quantum certificates in TLS 1.3, we evaluated NIST Round 2 signature algorithms and concluded that two of them offer acceptable speeds. We also analyzed other implications of post-quantum certs in TLS. More details in

