Daily NCSC-FI news followup 2020-05-09

DigitalOcean Data Leak Incident Exposed Some of Its Customers Data

thehackernews.com/2020/05/digitalocean-data-breach.html DigitalOcean, one of the biggest modern web hosting platforms, recently hit with a concerning data leak incident that exposed some of its customers’ data to unknown and unauthorized third parties. Though the hosting company has not yet publicly released a statement, it did has started warning affected customers of the scope of the breach via an email.. Also:


A hacker group is selling more than 73 million user records on the dark web

www.zdnet.com/article/a-hacker-group-is-selling-more-than-73-million-user-records-on-the-dark-web/ A hacker group going by the name of ShinyHunters claims to have breached ten companies and is currently selling their respective user databases on a dark web marketplace for illegal products. The hackers are the same group who breached last week Tokopedia, Indonesia’s largest online store. Hackers initially leaked 15 million user records online, for free, but later put the company’s entire database of 91 million user records on sale for $5,000.. Also:


Rail vehicle manufacturer Stadler hit by cyberattack, blackmailed

www.bleepingcomputer.com/news/security/rail-vehicle-manufacturer-stadler-hit-by-cyberattack-blackmailed/ International rail vehicle construction company, Stadler, disclosed that it was the victim of a cyberattack which might have also allowed the attackers to steal company and employee data. Stadler manufactures a wide range of railway vehicles from high-speed trains to tramways and trams, and it is the worlds leading service provider in the rack-and-pinion rail vehicle industry.

One malicious MMS is all it takes to pwn a Samsung smartphone: Bug squashed amid Android patch batch

www.theregister.co.uk/2020/05/08/samsung_android_patches/ Samsung has patched a serious security hole in its smartphones that can be exploited by maliciously crafted text messages to hijack devices. It appears no user interaction is required: if Samsung’s messaging app bundled with phones since 2015 receives a booby-trapped MMS, it will parse it automatically before the user even opens it. This will trigger a vulnerability in the Skia graphics library, used by the app to decode the message’s embedded Qmage image.

North Korean hackers infect real 2FA app to compromise Macs

www.bleepingcomputer.com/news/security/north-korean-hackers-infect-real-2fa-app-to-compromise-macs/ Hackers have hidden malware in a legitimate two-factor authentication (2FA) app for macOS to distribute Dacls, a remote access trojan associated with the North Korean Lazarus group. Dacls has been used to target Windows and Linux platforms and the recently discovered RAT variant for macOS borrows from them much of the functionality and code.

Companies Struggle for Effective Cybersecurity

www.darkreading.com/operations/companies-struggle-for-effective-cybersecurity/d/d-id/1337779?_mc The money companies are spending on cybersecurity tools doesn’t necessarily result in better security, a new survey shows. Organizations of all sizes are under near-constant attack from cybercriminals that we know. And of course they must defend themselves against attacks. But there are some huge questions about just how effective their ability to do so is. A new report by Mandiant Security Validation aims to address those questions.

Scams to watch out for not just this Mothers Day

www.welivesecurity.com/2020/05/08/scams-watch-out-mothers-day/ As it is with every special occasion, large or small, in the run-up to Mothers Day retailers are promoting special offers to honor all mothers around the world. That provides ample opportunity for cybercriminals to pull out all the stops in their mission to make money off of everything. even a kind occasion like this. Scammers wont just be focusing on masquerading as vendors; they will probably stoop as low as possible and try to woo single mothers in search of romance and swindle them out of their money.

Hackers Target WHO by Posing as Think Tank, Broadcaster

www.bloomberg.com/news/articles/2020-05-07/hackers-target-who-by-posing-as-think-tank-broadcaster The messages began arriving in World Health Organization employees inboxes in early April, seemingly innocuous emails about the coronavirus from news organizations and researchers. But a close examination revealed that they contained malicious links, and some security experts have traced the emails to a hacking group in Iran believed to be sponsored by the government.

You might be interested in …

Daily NCSC-FI news followup 2021-06-27

Builder for Babuk Locker ransomware leaked online therecord.media/builder-for-babuk-locker-ransomware-leaked-online/ The builder for the Babuk Locker ransomware was leaked online this week, allowing easy access to an advanced ransomware strain to any would-be criminal group looking to get into the ransomware scene with little to no development effort Google announces unified vulnerability schema to strengthen open-source security […]

Read More

Daily NCSC-FI news followup 2021-07-27

Microsoft Teams now automatically blocks phishing attempts www.bleepingcomputer.com/news/security/microsoft-teams-now-automatically-blocks-phishing-attempts/ Microsoft has extended Defender for Office 365 Safe Links protection to Microsoft Teams to safeguard users from malicious URL-based phishing attacks.. This added protection couldn’t have come at a better time, seeing that, based on Microsoft’s stats, the Microsoft Teams userbase has exploded over the last 18 […]

Read More

Daily NCSC-FI news followup 2021-06-20

Norway says Chinese group APT31 is behind catastrophic 2018 government hack therecord.media/norway-says-chinese-group-apt31-is-behind-catastrophic-2018-government-hack/ Norway’s police secret service said this week that APT31, a cyber-espionage group operating on behalf of China, was responsible for a 2018 breach of the government’s IT network. According to the Norwegian Police Security Service (PST), the 2018 hack was as bad as […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.