Daily NCSC-FI news followup 2020-05-02

Scammers Using COVID-19/Coronavirus Lure to Target Medical Suppliers

www.fortinet.com/blog/threat-research/scammers-using-covid-19-coronavirus-lure-to-target-medical-suppliers.html FortiGuard Labs has discovered a new malicious spearphishing campaign, once again using the COVID-19/Coronavirus pandemic as a lure. This latest email campaign targets a medical device supplier, wherein the attacker is inquiring about various materials needed to address the COVID-19 pandemic due to high demand for supplies, and includes a compelling statement that they have already tried to reach the recipient via telephone in order to create a stronger sense of urgency. The attachment is a maliciously crafted Word document, utilizing the infamous CVE-2017-11882 (Office Equation Editor) vulnerability.

It’s no time to let your guard down as coronavirus fraud remains a threat

www.welivesecurity.com/2020/05/01/no-time-let-your-guard-down-coronavirus-fraud-rampant/ In part four of our series on COVID-19-related scams, we share a few examples of recent campaigns targeting your money and personal data.

Cybersecurity and the economy: when recession strikes

blog.malwarebytes.com/cybercrime/2020/04/cybersecurity-and-the-economy-when-recession-strikes/ Cybercrime and the economy have always been intertwined, but with COVID-19 on the road to causing a seemingly inevitable global recession, many are asking what, exactly, will the impact be on cybercrime. Will criminals step up and increase malware production, ramp up phishing attacks, do whatever it takes to pull in some cash? Or will it cause a little downturn in malware making and other dubious dealings?

Europol analyses on criminal operations in Europe during COVID-19 Crisis

securityaffairs.co/wordpress/102574/cyber-crime/europol-criminal-operations-covid-19.html Threat actors and criminal organizations continue to take advantage of the COVID-19 pandemic to make money, Europol warns. also:


Abnormal Attack Stories: Microsoft Teams Impersonation

abnormalsecurity.com/blog/abnormal-attack-stories-microsoft-teams-impersonation/ In this attack, attackers are impersonating a notification from Microsoft Teams in order to steal the credentials of employees. Microsoft Teams has seen one of the largest increase in users as a result of the shift to remote work in response to the current COVID-19 pandemic.

Trump bans acquisition of foreign power grid equipment, citing hacking threats

www.zdnet.com/article/trump-bans-acquisition-of-foreign-power-grid-equipment-citing-hacking-threats/#ftag=RSSbaffb68 President Donald Trump signed today an executive order barring US power grid entities from buying and installing electrical equipment that has been manufactured outside the US. Trump said that “foreign adversaries are increasingly creating and exploiting vulnerabilities in the United States bulk-power system.”

Upgraded Cerberus Spyware Spreads Rapidly via MDM

threatpost.com/cerberus-trojan-major-spyware-targeted-attack/155415/ No longer a simple Android banker, Cerberus is now a full-fledged RAT that can take complete control of devices and automatically spread via mobile device management servers. also:


Advanced Persistent Threat Golden_hands – Digital Bank Robbery of the Year 2020

www.vulnerability-db.com/?q=articles%2F2020%2F04%2F30%2Fadvanced-persistent-threat-goldenhands-digital-bank-robbery-year-2020 This is a story about advanced persistent threats in Germany and the European Union during the crisis affecting the finance system and economy sector.

Zero Trust Deployment Guide for Microsoft Azure Active Directory

www.microsoft.com/security/blog/2020/04/30/zero-trust-deployment-guide-azure-active-directory/ Microsoft is providing a series of deployment guides for customers who have engaged in a Zero Trust security strategy. In this guide, we cover how to deploy and configure Azure Active Directory (Azure AD) capabilities to support your Zero Trust security strategy.

Threat Spotlight: Malicious use of reCaptcha

blog.barracuda.com/2020/04/30/threat-spotlight-malicious-recaptcha/ In the never-ending battle between cybersecurity and cybercrime, cybercriminals continue to find new techniques to evade detection. One such trick Barracuda researchers have started seeing more often in phishing campaigns uses reCaptcha walls to block URL scanning services from accessing the content of phishing pages.

North Dakota government fiber provider hit by ransomware

statescoop.com/north-dakota-government-fiber-provider-hit-maze-ransomware/ The company that operates a fiber optic network that supports statewide and local government entities across North Dakota was a victim of a recent ransomware attack that included some of the firm’s files being published on a website that attempts to shame victims into paying.

The Russian Doll of Putin’s Internet Clampdown

www.wired.com/story/opinion-the-russian-doll-of-putins-internet-clampdown/ The Kremlin’s path toward censorship, surveillance, and repression has many more layers than meets the eye.

Hacker leaks 15 million records from Tokopedia, Indonesia’s largest online store

www.zdnet.com/article/hacker-leaks-15-million-records-from-tokopedia-indonesias-largest-online-store/#ftag=RSSbaffb68 The Tokopedia data has been published on a well-known hacking forum.

Näin sinua yritetään huijata koronan nimissä Tietoturva-asiantuntija kertoo, miten nettihuijarit hyödyntävät nyt koronaepidemiaa

www.hs.fi/teknologia/art-2000006493173.html “Korona vaikuttaa siihen, kenen nimissä verkkorikolliset yrittävät nyt tehdä huijauksia”, sanoo tietoturva-asiantuntija Ville Kontinen.

You might be interested in …

Daily NCSC-FI news followup 2021-02-07

Hacked by SolarWinds backdoor masterminds, Mimecast now lays off staff after profit surge www.theregister.com/2021/02/07/in_brief_security/ Plus: British Mensa in data leak blunder, DARPA are Star Wars fans, Sonicwall patch out, and more. Email security biz Mimecast not only fell victim to the SolarWinds hackers, leading to its own customers being attacked, it is also trimming its […]

Read More

Daily NCSC-FI news followup 2019-09-13

Israel accused of planting mysterious spy devices near the White House www.politico.com/story/2019/09/12/israel-white-house-spying-devices-1491351 The U.S. government concluded within the past two years that Israel was most likely behind the placement of cellphone surveillance devices that were found near the White House and other sensitive locations around Washington, according to three former senior U.S. officials with knowledge […]

Read More

Daily NCSC-FI news followup 2020-09-17

Ransomware attack at German hospital leads to death of patient www.bleepingcomputer.com/news/security/ransomware-attack-at-german-hospital-leads-to-death-of-patient/ A person in a life-threatening condition passed away after being forced to go to a more distant hospital due to a ransomware attack. www.is.fi/digitoday/tietoturva/art-2000006638568.html Postin nimissä lähetettäviä huijaustekstiviestejä tulee suomalaisille hyvin aktiivisesti. Ilta-Sanomat Digitoday on saanut useita ilmoituksia viime viikonloppuna ja tällä viikolla lähetetyistä […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.