Daily NCSC-FI news followup 2020-05-23

The Week in Ransomware – May 22nd 2020 – Constantly Innovating

www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-22nd-2020-constantly-innovating/ Ransomware operators continue to leak data for their victims and develop new ways to infect victims without being detected by security software. This week, we saw Snake ransomware leak data from Fresenius Medical Care, and REvil claims to have a buyer for the alleged data on President Trump.

Chrome: 70% of all security bugs are memory safety issues

www.zdnet.com/article/chrome-70-of-all-security-bugs-are-memory-safety-issues/ Google software engineers are looking into ways of eliminating memory management-related bugs from Chrome.

How encryption can help protect your sensitive data

www.welivesecurity.com/2020/05/22/how-encryption-can-help-protect-sensitive-data/ Here’s how encryption can help keep your data safe from prying eyes even if your device is stolen or your cloud account is hacked

Insidious Android malware gives up all malicious features but one to gain stealth

www.welivesecurity.com/2020/05/22/insidious-android-malware-gives-up-all-malicious-features-but-one-gain-stealth/ ESET researchers detect a new way of misusing Accessibility Service, the Achilles’ heel of Android security

Indonesia probes breach of data on more than two million voters

www.reuters.com/article/us-indonesia-cyber-breach/indonesia-probes-breach-of-data-on-more-than-two-million-voters-idUSKBN22Y15K Indonesia’s election commission is investigating the release of 2.3 million voters’ private information on a hacker website along with a threat to release of the data of about 200 million people, the agency said on Friday.

Chafer APT Hits Middle East Govs With Latest Cyber-Espionage Attacks

threatpost.com/chafer-apt-hits-middle-east-govs-with-latest-cyber-espionage-attacks/156002/ Government and air transportation companies in Kuwait and Saudi Arabia were targeted in a recent attack tracked back to the Chafer APT.

Virtual cybersecurity school teaches kids to fix security flaws and hunt down hackers

edition.cnn.com/2020/05/20/tech/virtual-cyber-security-school/index.html What started as a school-based program to teach kids a new skill is extending into a virtual cyber school. It’s filled with lessons and games to teach users how to fix security flaws on webpages, uncover trails left by cybercriminals and decrypt codes used by hackers. The program is now available online for any student ages 13 – 18 for free in the UK, and $100 a year in the US.

Security News This Week: Look Out for This Covid-19 Excel Phishing Scam

www.wired.com/story/covid-19-phishing-excel-ios-14-data-breaches/ THE COVID-19 PANDEMIC has provided boundless opportunities for scammers since January at least. But a group of fraudsters known as Scattered Canary has reached new depths, ripping off state unemployment systems for millions of dollars just as funds are running dangerously low. It’s not all bad news, though. For the last several months, the FBI had once again been pressuring Apple to undermine its encryption so that it could get into a mass shooter’s iPhones. And just as it did in 2016, the agency ultimately relented after it was able to determine the passwords on its own. Go figure!

www.enisa.europa.eu/news/enisa-news/securing-smart-infrastructure-in-covid-19-pandemic

You might be interested in …

Daily NCSC-FI news followup 2020-07-29

www.zdnet.com/article/hacker-gang-behind-garmin-attack-doesnt-have-a-history-of-stealing-user-data ‘BootHole’ attack impacts Windows and Linux systems using GRUB2 and Secure Boot www.zdnet.com/article/boothole-attack-impacts-windows-and-linux-systems-using-grub2-and-secure-boot The vulnerability, codenamed BootHole, allows attackers to tamper with the boot-loading process that precedes starting up the actual operating system (OS). Lisäksi: kb.cert.org/vuls/id/174059 ja www.openwall.com/lists/oss-security/2020/07/29/3. Lisäksi: www.bleepingcomputer.com/news/security/boothole-grub-bootloader-bug-lets-hackers-hide-malware-in-linux-windows/ ja www.theregister.com/2020/07/29/grub2_code_exec_flaw/ ja eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/ APT reports – APT trends report Q2 2020 securelist.com/apt-trends-report-q2-2020/97937/ For […]

Read More

Daily NCSC-FI news followup 2020-09-06

Ransomware attack halts Argentinian border crossing for four hours www.bleepingcomputer.com/news/security/ransomware-attack-halts-argentinian-border-crossing-for-four-hours/ Argentina’s official immigration agency, Dirección Nacional de Migraciones, suffered a Netwalker ransomware attack that temporarily halted border crossing into and out of the country. The ransomware demanded $4 million and leaked data from the breach online. Visa warns of new Baka credit card JavaScript skimmer […]

Read More

Daily NCSC-FI news followup 2019-09-30

Uusi ja kallis hätäkeskusjärjestelmä kaatui, kun valtion verkkoa päivitettiin “Se on hävyttömän pitkä aika www.iltalehti.fi/kotimaa/a/b2100812-f297-4a44-8b74-609719dda523 Uusi hätäkeskusjärjestelmä Erica on lakannut toimimasta valtion Valtorin turvallisuusverkon päivityskatkosten vuoksi. Detecting and Preventing Emotet 2019 Campaign media.cert.europa.eu/static/SecurityAdvisories/2019/CERT-EU-SA2019-021.pdf Since beginning of June 2019, the Emotet botnet stopped sending phishing emails to infect new victims. However, on August 22nd, 2019, the […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.