Daily NCSC-FI news followup 2020-05-29

Highly-targeted attacks on industrial sector hide payload in images

www.bleepingcomputer.com/news/security/highly-targeted-attacks-on-industrial-sector-hide-payload-in-images/ Attackers looking to steal employee credentials from organizations tied to the industrial sector deployed highly-targeted operations that delivered malicious PowerShell scripts in images. Victims in multiple countries (Japan, the U.K., Germany, Italy) were identified. Some of them supply equipment and software solutions to industrial enterprises.

Fortune 500 company NTT discloses security breach

www.zdnet.com/article/fortune-500-company-ntt-discloses-security-breach/ Japanese telecommunications giant NTT says hackers breached its internal network and stole data on 621 customers.

Microsoft bans Trend Micro driver from Windows 10 for “cheating” hardware tests

www.itpro.co.uk/security/cyber-security/355797/microsoft-bans-trend-micros-rootkit-buster-from-windows-10 Microsoft has blocked a free antivirus tool developed by Trend Micro after the security firm was accused of designing its driver to “cheat” hardware tests through coding trickery.

New Octopus Scanner malware spreads via GitHub supply chain attack

www.bleepingcomputer.com/news/security/new-octopus-scanner-malware-spreads-via-github-supply-chain-attack/ Security researchers have found a new malware that finds and backdoors open-source NetBeans projects hosted on the GitHub web-based code hosting platform to spread to Windows, Linux, and macOS systems and deploy a Remote Administration Tool (RAT). While investigating this malware, GitHub Security Lab researchers found 26 open source projects compromised by Octopus Scanner

NetWalker Ransomware – What You Need to Know

www.tripwire.com/state-of-security/featured/netwalker-ransomware-what-need-know/ NetWalker, like the Maze ransomware and a small number of other ransomware families, aggressively threatens to publish victims’ data on the internet if ransoms are not paid.

Michigan State University hit by NetWalker ransomware gang

www.zdnet.com/article/michigan-state-university-hit-by-ransomware-gang/ In case MSU officials refuse to pay or choose to restore from backups, the ransomware gang is prepared to leak documents stolen from the university’s network on a special website the group is operating on the dark web.

200K sites with buggy WordPress plugin exposed to takeover attacks and wiped sites

www.bleepingcomputer.com/news/security/200k-sites-with-buggy-wordpress-plugin-exposed-to-wipe-attacks/ PageLayer is a WordPress plugin with over 200, 000+ active installations according to numbers available on its WordPress plugins repository entry.

Hack-For-Hire Criminals Spoof WHO To Target Google Credentials

threatpost.com/hack-hire-spoof-who-google-credentials/156100/ Hack-for-hire organizations are the latest group of cybercriminals to take advantage of the ongoing coronavirus pandemic, using COVID-19 as a lure in phishing emails bent on stealing victims’ Google credentials.

Google Threat Analysis Group: Updates about government-backed hacking and disinformation

blog.google/threat-analysis-group/updates-about-government-backed-hacking-and-disinformation Last month, we sent 1, 755 warnings to users whose accounts were targets of government-backed attackers.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.