Categories
NCSC-FI News followup

Daily NCSC-FI news followup 2020-04-18

German government loses tens of millions of euros in COVID-19 phishing attack

www.zdnet.com/article/german-government-loses-tens-of-millions-of-euros-in-covid-19-phishing-attack/ The government of North Rhine-Westphalia, a province in western Germany, is believed to have lost tens of millions of euros after it failed to build a secure website for distributing coronavirus emergency aid funding. The funds were lost following a classic phishing operation.

Microsoft: Trickbot in hundreds of unique COVID-19 lures per week

www.bleepingcomputer.com/news/security/microsoft-trickbot-in-hundreds-of-unique-covid-19-lures-per-week/ TrickBot is, at the moment, the malware showing up in the highest number of unique COVID-19 related malicious emails and attachments delivered to potential victims’ inboxes based on Microsoft’s Office 365 Advanced Threat Protection (ATP) data.

FBI says cybercrime reports quadrupled during COVID-19 pandemic

www.zdnet.com/article/fbi-says-cybercrime-reports-quadrupled-during-covid-19-pandemic/ FBI official also says foreign hackers targeted COVID-19 research

Growth in surveillance may be hard to scale back after pandemic, experts say

www.theguardian.com/world/2020/apr/14/growth-in-surveillance-may-be-hard-to-scale-back-after-coronavirus-pandemic-experts-say

GitHub accounts stolen in ongoing phishing attacks

www.bleepingcomputer.com/news/security/github-accounts-stolen-in-ongoing-phishing-attacks/ GitHub users are currently being targeted by a phishing campaign specifically designed to collect and steal their credentials via landing pages mimicking GitHub’s login page.

Microsoft helped stop a botnet controlled via an LED light console

www.bleepingcomputer.com/news/security/microsoft-helped-stop-a-botnet-controlled-via-an-led-light-console/ Microsoft says that its Digital Crimes Unit (DCU) discovered and helped take down a botnet of 400, 000 compromised devices controlled with the help of an LED light control console.

Office printers: The ticking IT time bomb hiding in plain sight

www.helpnetsecurity.com/2020/04/17/unprotected-printers/ Office printers don’t have to be security threats: with foresight and maintenance they’re very easily threat-proofed. The problem is that system administrators rarely give the humble printer (or scanner, or multifunction printer) much attention.

US govt: Hacker used stolen AD credentials to ransom hospitals

www.bleepingcomputer.com/news/security/us-govt-hacker-used-stolen-ad-credentials-to-ransom-hospitals/ Hackers have deployed ransomware on the systems of U.S. hospitals and government entities using Active Directory credentials stolen months after exploiting a known pre-auth remote code execution (RCE) vulnerability in their Pulse Secure VPN servers.

IT services giant Cognizant suffers Maze Ransomware cyber attack

www.bleepingcomputer.com/news/security/it-services-giant-cognizant-suffers-maze-ransomware-cyber-attack/ Information technologies services giant Cognizant suffered a cyber attack Friday night allegedly by the operators of the Maze Ransomware, BleepingComputer has learned. Cognizant is one of the largest IT managed services company in the world with close to 300, 000 employees and over $15 billion in revenue.

Syrian-linked APT group SEA recently used COVID-19-themed lures as part of a long-running surveillance campaign, security researchers warn

securityaffairs.co/wordpress/101754/malware/sea-targets-android.html The campaign aimed at users in Syria and surrounding regions was spotted by experts from mobile security firm Lookout, threat actors employed tens of Android apps, none of which is available in the official Google Play Store.

Gamaredon APT Group Use Covid-19 Lure in Campaigns

blog.trendmicro.com/trendlabs-security-intelligence/gamaredon-apt-group-use-covid-19-lure-in-campaigns/

Security News This Week: Russian Hackers Went After San Francisco International Airport

www.wired.com/story/russian-hackers-san-francisco-airport-windows-zero-days-security-roundup/ Plus: Windows zero days, Covid-19 spam, and more of the week’s top security news.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.