Google Sees State-Sponsored Hackers Ramping Up Coronavirus Attacks
www.wired.com/story/google-state-sponsored-hackers-coronavirus-phishing-malware/ More than 12 government-backed groups are using the pandemic as cover for digital reconnaissance and espionage, according to a new report.
Chinese Agents Helped Spread Messages That Sowed Virus Panic in U.S., Officials Say
www.nytimes.com/2020/04/22/us/politics/coronavirus-china-disinformation.html American officials were alarmed by fake text messages and social media posts that said President Trump was locking down the country. Experts see a convergence with Russian tactics.
Zoom releases 5.0 update with security and privacy improvements
www.theverge.com/2020/4/22/21230962/zoom-update-security-privacy-features-improvements-download Zoom is moving quickly to address complaints
Zoom adds data center routing, security updates
www.zdnet.com/article/zoom-adds-data-center-routing-security-updates/ The data center routing feature is meant to allay fears that Zoom chats and encryption keys were being sent to Chinese servers.
New iOS zero-days actively used against high-profile targets
www.bleepingcomputer.com/news/security/new-ios-zero-days-actively-used-against-high-profile-targets/ Two zero-day vulnerabilities affecting iPhone and iPad devices were found by cybersecurity startup ZecOps after the discovery of a series of ongoing remote attacks that have targeted iOS users since at least January 2018.
Nazar: A Lost Amulet
www.epicturla.com/blog/the-lost-nazar Today, I’ll focus on a specific misidentified TeDi signature, SIG37. The Nazar APT
Vietnamese Threat Actors APT32 Targeting Wuhan Government and Chinese Ministry of Emergency Management in Latest Example of COVID-19 Related Espionage
www.fireeye.com/blog/threat-research/2020/04/apt32-targeting-chinese-government-in-covid-19-related-espionage.html From at least January to April 2020, suspected Vietnamese actors APT32 carried out intrusion campaigns against Chinese targets that Mandiant Threat Intelligence believes was designed to collect intelligence on the COVID-19 crisis.
Questioning China’s Politicization of Cyber Intelligence During Pandemic
www.cfr.org/blog/questioning-chinas-politicization-cyber-intelligence-during-pandemic Recently, Chinese cybersecurity companies have reported an intrusion campaign targeting government networks and health-care systems during the COVID-19 pandemic. A campaign of this magnitude threatens to degrade international norms for the protection of health systems that are already under unprecedented pressures. However, there is reason to question the narrative from Beijing and these companies.
Goodbye smishing? SMS crackdown should stop you getting fake messages
www.zdnet.com/article/goodbye-smishing-sms-crackdown-should-stop-you-getting-fake-messages/ Mobile industry, banks and NCSC collaborate on SMS SenderID Protection Registry – which has already stopped at least 70 Covid-19 SMS scams from being sent.
New phishing hotline is sent 5,000 suspicious emails in just one day
www.zdnet.com/article/new-phishing-hotline-is-sent-5000-suspicious-emails-in-just-one-day/ 83 cyber criminal websites taken down just a day after National Cyber Security Centre launches Suspicious Email Reporting Service.
Following the money in a massive “sextortion” spam scheme
news.sophos.com/en-us/2020/04/22/following-the-sextortion-money/ Cryptocurrency profits from sextortion spam funneled into wallets tied to other cybercrime and dark web market activity.
Ransomware is now the biggest online menace you need to worry about
www.zdnet.com/article/ransomware-is-now-the-biggest-online-menace-you-need-to-worry-about/ Ransomware attacks have overtaken credit card theft as the top form of cybercrime according to new data.
DoppelPaymer Ransomware hits Los Angeles County city, leaks files
www.bleepingcomputer.com/news/security/doppelpaymer-ransomware-hits-los-angeles-county-city-leaks-files/ The City of Torrance of the Los Angeles metropolitan area, California, has allegedly been attacked by the DoppelPaymer Ransomware, having unencrypted data stolen and devices encrypted.
Revive ad servers being hacked to distribute malicious ads
www.bleepingcomputer.com/news/security/revive-ad-servers-being-hacked-to-distribute-malicious-ads/ The Tag Barnakle malvertising group is hacking into Revive ad servers to inject malicious advertisements and deliver them to unwary visitors. The malicious code detects whether Firebug or a browser’s developer console is open and, if not, redirects the visitor to malicious sites that promote fake Adobe Flash updates.
Bot creates millions of fake eyeballs to rip off smart-TV advertisers
nakedsecurity.sophos.com/2020/04/20/bot-creates-millions-of-fake-eyeballs-to-rip-off-smart-tv-advertisers/ Researchers have uncovered the biggest connected-TV (CTV) ad fraud operation they’ve ever seen, fueled with fake ad views seen by bogus eyeballs that actually belonged to a bot network they named ICEBUCKET.
Banking.BR Android Trojan Emerges in Credential-Stealing Attacks
threatpost.com/android-banking-br-trojan-credential-stealing/154990/ A new Android trojan targets banking customers with overlay attacks to steal their bank credentials and ultimately take over their accounts.
NSA, ASD Release Guidance for Mitigating Web Shell Malware
Flaw in iPhone, iPads may have allowed hackers to steal data for years
www.reuters.com/article/us-usa-apple-cyber-idUSKCN2242IK Apple Inc (AAPL.O) is planning to fix a flaw that a security firm said may have left more than half a billion iPhones vulnerable to hackers.
Microsoft Issues Out-Of-Band Security Update For Office, Paint 3D
threatpost.com/microsoft-issues-out-of-band-security-update-for-office-paint-3d/155016/ Microsoft has released an out-of-band security update for Microsoft Office, Office 365 ProPlus and Paint 3D. The applications are affected by multiple Autodesk vulnerabilities that, if exploited, could enable remote code execution.
Serious flaws found in multiple smart home hubs: Is your device among them?
www.welivesecurity.com/2020/04/22/serious-flaws-smart-home-hubs-is-your-device-among-them/ In worst-case scenarios, some vulnerabilities could even allow attackers to take control over the central units and all peripheral devices connected to them
Attack of the clones: If you were relying on older Xilinx FPGAs to keep your product’s hardware code encrypted and secret, here’s some bad news
www.theregister.co.uk/2020/04/22/fpga_xilinx_side_channel/ Decrypted configuration bitstream can be siphoned from chips via side-channel flaw
NordVPN unveils first mainstream WireGuard virtual private network
“You don’t install games or watch porn on it”: Mikko Hyppönen has pointed words about using work computers at home
www.is.fi/digitoday/tietoturva/art-2000006482034.html The security expert reminds people working from home of the things they should put in order themselves when their company cannot do it for them.