Daily NCSC-FI news followup 2020-04-23

Twitter will remove dubious 5G tweets that could potentially cause harm

techcrunch.com/2020/04/22/twitter-will-remove-dubious-5g-tweets-that-could-potentially-cause-harm/ “We’re prioritizing the removal of COVID-19 content when it has a call to action that could potentially cause harm,”

First version of Apple and Google’s contact tracing API should be available to developers next week

techcrunch.com/2020/04/23/first-version-of-apple-and-googles-contact-tracing-api-should-be-available-to-developers-next-week/ The first version of Apple and Google’s jointly developed, cross-platform contact tracing API should be available to developers as of next week, according to a conversation between Apple CEO Tim Cook and European Commissioner for internal market Thierry Breton.

Coronavirus: Israel halts police phone tracking over privacy concerns

www.bbc.com/news/technology-52395886 The use by Israel’s police of mobile-phone location data to enforce quarantine has been halted because of privacy concerns.

Get your free work-from-home IT security awareness training kit, courtesy of SANS

www.theregister.co.uk/2020/04/23/free_lockdown_security_sans/

Creative Skype phishing campaign uses Google’s .app gTLD

www.bleepingcomputer.com/news/security/creative-skype-phishing-campaign-uses-googles-app-gtld/ Attackers have deployed a phishing campaign against remote workers using Skype, luring them with emails that fake notifications from the service.

Security firm details how hackers stole $1.3 million in wire transfers

www.engadget.com/hackers-steal-1-3-million-wire-transfer-100039219.html The group created lookalike domains and manipulated email messages. The story started when a cybercrime gang known as the “Florentine Banker” targeted three UK private equity companies for a potential wire transfer heist.

When in Doubt: Hang Up, Look Up, & Call Back

krebsonsecurity.com/2020/04/when-in-doubt-hang-up-look-up-call-back/ Many security-conscious people probably think they’d never fall for a phone-based phishing scam. But if your response to such a scam involves anything other than hanging up and calling back the entity that claims to be calling, you may be in for a rude awakening. Here’s how one security and tech-savvy reader got taken for more than $10,000 in an elaborate, weeks-long ruse.

Scam Everything – Opioids, NetFlix, Phish, Covid Charities, and Government Refunds in one network neighborhood

garwarner.blogspot.com/2020/04/scam-everything-opioids-netflix-covid.html There was a nice cluster that revealed itself, consisting of six websites all on the same Class C NetBlock

Google will make all advertisers prove their identities, so people can see who they are and which country they’re in

www.cnbc.com/2020/04/23/google-advertiser-verification-process-now-required.html

Fake Skype, Signal Apps Used to Spread Surveillanceware

threatpost.com/fake-skype-signal-apps-used-to-spread-surveillanceware/155053/ Threat groups are increasingly relying on trojanized apps pretending to be legitimate such as Skype or Signal but are really spreading surveillanceware.

Threat Spotlight: MedusaLocker

blog.talosintelligence.com/2020/04/medusalocker.html MedusaLocker can encrypt the contents of mapped network drives that may be present on infected systems

Customer complaint phishing pushes network hacking malware

www.bleepingcomputer.com/news/security/customer-complaint-phishing-pushes-network-hacking-malware/ A new phishing campaign is underway that targets a company’s employees with fake customer complaints that install a new backdoor used to compromise a network.

ESET takes down VictoryGate cryptomining botnet

www.zdnet.com/article/eset-takes-down-victorygate-cryptomining-botnet/ More than 35,000 computers believed to have been infected, according to ESET’s sinkhole data.

Fast-Moving DDoS Botnet Exploits Unpatched ZyXel RCE Bug

threatpost.com/fast-moving-ddos-botnet-unpatched-zyxel-rce-bug/155059/ The rapidly evolving Hoaxcalls botnet is exploiting an unpatched vulnerability in the ZyXEL Cloud CNM SecuManager in a bid to widen its spread.

WHO, CDC and Bill and Melinda Gates Foundation Victims of Credential Dump, Report

threatpost.com/who-cdc-and-bill-and-melinda-gates-foundation-victims-of-credential-dump-report/155081/ Hackers have used credentials allegedly stolen from the WHO, CDC and other notable groups to spread coronavirus misinformation online.

Public Sector Ransomware Attacks Rage On: Can Your Organization Repel Them?

threatpost.com/public-sector-ransomware-attacks-rage/155086/

Hankkija battles cyberattack for the fifth day: “No ransom will be paid to these criminals”

www.is.fi/digitoday/tietoturva/art-2000006484357.html The cyberattack that hit Hankkija’s Danish parent company on Sunday has paralyzed trade in Finland.

Amid Its Covid-19 Crisis, China Was Still Hacking Uighurs’ iPhones

www.wired.com/story/amid-covid-19-crisis-china-hacking-uighur-iphones/ Security researchers reveal a months-long, indiscriminate campaign targeting the iPhones of Chinese Muslims.

Security researcher identifies new APT group mentioned in 2017 Shadow Brokers leak

www.zdnet.com/article/security-researcher-identifies-new-apt-group-mentioned-in-2017-shadow-brokers-leak/#ftag=RSSbaffb68 NEW NAZAR APT BELIEVED TO BE OPERATING OUT OF IRAN

NSA: Hackers exploit these vulnerabilities to deploy backdoors

www.bleepingcomputer.com/news/security/nsa-hackers-exploit-these-vulnerabilities-to-deploy-backdoors/ The NSA has a dedicated GitHub repository containing tools that companies can use to detect and block web shell threats, and to prevent web shell deployment including:

iOS Mail bug allows remote zero-click attacks

blog.malwarebytes.com/mac/2020/04/ios-mail-bug-allows-remote-zero-click-attacks/ On Monday, ZecOps released a report about a couple concerning vulnerabilities with the Mail app in iOS. These vulnerabilities would allow an attacker to execute arbitrary code in the Mail app or the maild process that assists the Mail app behind the scenes. Most concerning, though, is the fact that even the most current version of iOS, 13.4.1, is vulnerable.

GCC 10 gets security bug trap. And look what just fell into it: OpenSSL and a prod-of-death flaw in servers and apps

www.theregister.co.uk/2020/04/23/gcc_openssl_vulnerability/ Static analyzer proves its worth with discovery of null-pointer error

CVE-2020-0022 an Android 8.0-9.0 Bluetooth Zero-Click RCE BlueFrag

insinuator.net/2020/04/cve-2020-0022-an-android-8-0-9-0-bluetooth-zero-click-rce-bluefrag/
