Daily NCSC-FI news followup 2020-04-10

Large email extortion campaign underway, DON’T PANIC!

www.bleepingcomputer.com/news/security/large-email-extortion-campaign-underway-dont-panic/ A large email extortion campaign is underway telling recipients that their computer was hacked and that a video was taken through the hacked computer’s webcam. The attackers then demand $1,900 in bitcoins or the video will be sent to family and friends.

Ransomware scumbags leak Boeing, Lockheed Martin, SpaceX documents after contractor refuses to pay

www.theregister.co.uk/2020/04/10/lockheed_martin_spacex_ransomware_leak/ Internal confidential documents belonging to some of the largest aerospace companies in the world have been stolen from an industrial contractor and leaked online.

5G Virus Conspiracy Theory Fueled by Coordinated Effort

www.bloomberg.com/news/articles/2020-04-09/covid-19-link-to-5g-technology-fueled-by-coordinated-effort Marc Owen Jones, a researcher at Hamad bin Khalifa University in Qatar, who specializes in online disinformation networks, analyzed 22,000 recent interactions on Twitter mentioning 5G and corona, and said he found a large number of accounts displaying what he termed inauthentic activity. He said the effort bears some hallmarks of a state-backed campaign.

Ever needed a Zoom password? Probably not. But why not?

www.welivesecurity.com/2020/04/09/ever-needed-zoom-password-probably-not-why/ With Zoom and Zoom-bombing being all the rage, here's why the app's default password settings may be leaving the backdoor wide open

US wants to ban China Telecom over national cybersecurity risks

www.bleepingcomputer.com/news/security/us-wants-to-ban-china-telecom-over-national-cybersecurity-risks/ Several U.S. Executive Branch agencies are asking the Federal Communications Commission (FCC) to block China Telecom Americas' authorization to operate within the United States over significant cybersecurity risks.

Microsoft: Azure delays not acknowledged for 5 hours because manager was asleep

www.zdnet.com/article/microsoft-azure-delays-not-acknowledged-for-5-hours-because-manager-was-asleep/ Microsoft has revealed it took five hours to acknowledge lengthy disruptions affecting European customers in late March because the task of informing customers relied on a US-based incident manager, who was asleep at the time.

Unique P2P Architecture Gives DDG Botnet Unstoppable Status

threatpost.com/p2p-ddg-botnet-unstoppable/154650/ DDG might be the world's first P2P-based cryptomining botnet.

The Sandboxie Windows sandbox isolation tool is now open-source!

www.bleepingcomputer.com/news/software/the-sandboxie-windows-sandbox-isolation-tool-is-now-open-source/ Cybersecurity firm Sophos announced today that it has open-sourced the Sandboxie Windows sandbox-based isolation utility 15 years after it was released.

Compromised Zoom Credentials Swapped in Underground Forums

threatpost.com/compromised-zoom-credentials-underground-forums/154616/ Thousands of compromised Zoom credentials were discovered in underground forums as cybercriminals look to tap into the burgeoning remote workforce.

San Francisco Intl Airport discloses data breach after hack

www.bleepingcomputer.com/news/security/san-francisco-intl-airport-discloses-data-breach-after-hack/ San Francisco International Airport (SFO) disclosed a data breach after two of its websites, SFOConnect.com and SFOConstruction.com, were hacked during March 2020.

Dutch police arrests suspect behind DDoS attacks on government sites

www.bleepingcomputer.com/news/security/dutch-police-arrests-suspect-behind-ddos-attacks-on-government-sites/ A 19-year-old man from Breda, Netherlands, was arrested today for allegedly carrying out distributed denial-of-service (DDoS) attacks that caused two Dutch government websites to shut down for several hours on March 19, 2020.

Critical VMware Bug Opens Up Corporate Treasure to Hackers

threatpost.com/critical-vmware-bug-corporate-treasure-hackers/154682/ A critical information-disclosure bug in VMware's Directory Service (vmdir) could lay bare the contents of entire corporate virtual infrastructures, if exploited by cyberattackers. see also


Promising Results for Post-Quantum Certificates in TLS 1.3

blogs.cisco.com/security/promising-results-for-post-quantum-certificates-in-tls-1-3 Quantum computers could threaten the security of TLS key exchange and authentication. To assess the performance of post-quantum certificates in TLS 1.3, we evaluated NIST Round 2 signature algorithms and concluded that two of them offer acceptable speeds. We also analyzed other implications of post-quantum certs in TLS. More details in

