Daily NCSC-FI news followup 2020-05-02

Scammers Using COVID-19/Coronavirus Lure to Target Medical Suppliers

www.fortinet.com/blog/threat-research/scammers-using-covid-19-coronavirus-lure-to-target-medical-suppliers.html FortiGuard Labs has discovered a new malicious spearphishing campaign, once again using the COVID-19/Coronavirus pandemic as a lure. This latest email campaign targets a medical device supplier, wherein the attacker is inquiring about various materials needed to address the COVID-19 pandemic due to high demand for supplies, and includes a compelling statement that they have already tried to reach the recipient via telephone in order to create a stronger sense of urgency. The attachment is a maliciously crafted Word document, utilizing the infamous CVE-2017-11882 (Office Equation Editor) vulnerability.

It’s no time to let your guard down as coronavirus fraud remains a threat

www.welivesecurity.com/2020/05/01/no-time-let-your-guard-down-coronavirus-fraud-rampant/ In part four of our series on COVID-19-related scams, we share a few examples of recent campaigns targeting your money and personal data.

Cybersecurity and the economy: when recession strikes

blog.malwarebytes.com/cybercrime/2020/04/cybersecurity-and-the-economy-when-recession-strikes/ Cybercrime and the economy have always been intertwined, but with COVID-19 on the road to causing a seemingly inevitable global recession, many are asking what, exactly, will the impact be on cybercrime. Will criminals step up and increase malware production, ramp up phishing attacks, do whatever it takes to pull in some cash? Or will it cause a little downturn in malware making and other dubious dealings?

Europol analyses on criminal operations in Europe during COVID-19 Crisis

securityaffairs.co/wordpress/102574/cyber-crime/europol-criminal-operations-covid-19.html Threat actors and criminal organizations continue to take advantage of the COVID-19 pandemic to make money, Europol warns. See also:

www.europol.europa.eu/publications-documents/beyond-pandemic-how-covid-19-will-shape-serious-and-organised-crime-landscape-in-eu

Abnormal Attack Stories: Microsoft Teams Impersonation

abnormalsecurity.com/blog/abnormal-attack-stories-microsoft-teams-impersonation/ In this attack, attackers are impersonating a notification from Microsoft Teams in order to steal the credentials of employees. Microsoft Teams has seen one of the largest increases in users as a result of the shift to remote work in response to the current COVID-19 pandemic.

Trump bans acquisition of foreign power grid equipment, citing hacking threats

www.zdnet.com/article/trump-bans-acquisition-of-foreign-power-grid-equipment-citing-hacking-threats/#ftag=RSSbaffb68 President Donald Trump signed today an executive order barring US power grid entities from buying and installing electrical equipment that has been manufactured outside the US. Trump said that “foreign adversaries are increasingly creating and exploiting vulnerabilities in the United States bulk-power system.”

Upgraded Cerberus Spyware Spreads Rapidly via MDM

threatpost.com/cerberus-trojan-major-spyware-targeted-attack/155415/ No longer a simple Android banker, Cerberus is now a full-fledged RAT that can take complete control of devices and automatically spread via mobile device management servers. See also:

research.checkpoint.com/2020/first-seen-in-the-wild-mobile-as-attack-vector-using-mdm/

Advanced Persistent Threat Golden_hands – Digital Bank Robbery of the Year 2020

www.vulnerability-db.com/?q=articles%2F2020%2F04%2F30%2Fadvanced-persistent-threat-goldenhands-digital-bank-robbery-year-2020 This is a story about advanced persistent threats in Germany and the European Union during the crisis affecting the finance system and economy sector.

Zero Trust Deployment Guide for Microsoft Azure Active Directory

www.microsoft.com/security/blog/2020/04/30/zero-trust-deployment-guide-azure-active-directory/ Microsoft is providing a series of deployment guides for customers who have engaged in a Zero Trust security strategy. In this guide, we cover how to deploy and configure Azure Active Directory (Azure AD) capabilities to support your Zero Trust security strategy.

Threat Spotlight: Malicious use of reCaptcha

blog.barracuda.com/2020/04/30/threat-spotlight-malicious-recaptcha/ In the never-ending battle between cybersecurity and cybercrime, cybercriminals continue to find new techniques to evade detection. One such trick Barracuda researchers have started seeing more often in phishing campaigns uses reCaptcha walls to block URL scanning services from accessing the content of phishing pages.

North Dakota government fiber provider hit by ransomware

statescoop.com/north-dakota-government-fiber-provider-hit-maze-ransomware/ The company that operates a fiber optic network that supports statewide and local government entities across North Dakota was a victim of a recent ransomware attack that included some of the firm’s files being published on a website that attempts to shame victims into paying.

The Russian Doll of Putin’s Internet Clampdown

www.wired.com/story/opinion-the-russian-doll-of-putins-internet-clampdown/ The Kremlin’s path toward censorship, surveillance, and repression has many more layers than meets the eye.

Hacker leaks 15 million records from Tokopedia, Indonesia’s largest online store

www.zdnet.com/article/hacker-leaks-15-million-records-from-tokopedia-indonesias-largest-online-store/#ftag=RSSbaffb68 The Tokopedia data has been published on a well-known hacking forum.

This is how scammers try to trick you in the name of the coronavirus: a security expert explains how online scammers are now exploiting the coronavirus epidemic

www.hs.fi/teknologia/art-2000006493173.html “The coronavirus affects in whose name cybercriminals are now trying to carry out scams,” says information security expert Ville Kontinen.
