Daily NCSC-FI news followup 2020-05-29

Highly-targeted attacks on industrial sector hide payload in images

www.bleepingcomputer.com/news/security/highly-targeted-attacks-on-industrial-sector-hide-payload-in-images/ Attackers looking to steal employee credentials from organizations tied to the industrial sector deployed highly-targeted operations that delivered malicious PowerShell scripts in images. Victims in multiple countries (Japan, the U.K., Germany, Italy) were identified. Some of them supply equipment and software solutions to industrial enterprises.

Fortune 500 company NTT discloses security breach

www.zdnet.com/article/fortune-500-company-ntt-discloses-security-breach/ Japanese telecommunications giant NTT says hackers breached its internal network and stole data on 621 customers.

Microsoft bans Trend Micro driver from Windows 10 for “cheating” hardware tests

www.itpro.co.uk/security/cyber-security/355797/microsoft-bans-trend-micros-rootkit-buster-from-windows-10 Microsoft has blocked a free antivirus tool developed by Trend Micro after the security firm was accused of designing its driver to “cheat” hardware tests through coding trickery.

New Octopus Scanner malware spreads via GitHub supply chain attack

www.bleepingcomputer.com/news/security/new-octopus-scanner-malware-spreads-via-github-supply-chain-attack/ Security researchers have found a new malware that finds and backdoors open-source NetBeans projects hosted on the GitHub web-based code hosting platform to spread to Windows, Linux, and macOS systems and deploy a Remote Administration Tool (RAT). While investigating this malware, GitHub Security Lab researchers found 26 open source projects compromised by Octopus Scanner

NetWalker Ransomware – What You Need to Know

www.tripwire.com/state-of-security/featured/netwalker-ransomware-what-need-know/ NetWalker, like the Maze ransomware and a small number of other ransomware families, aggressively threatens to publish victims’ data on the internet if ransoms are not paid.

Michigan State University hit by NetWalker ransomware gang

www.zdnet.com/article/michigan-state-university-hit-by-ransomware-gang/ In case MSU officials refuse to pay or choose to restore from backups, the ransomware gang is prepared to leak documents stolen from the university’s network on a special website the group is operating on the dark web.

200K sites with buggy WordPress plugin exposed to takeover attacks and wiped sites

www.bleepingcomputer.com/news/security/200k-sites-with-buggy-wordpress-plugin-exposed-to-wipe-attacks/ PageLayer is a WordPress plugin with over 200, 000+ active installations according to numbers available on its WordPress plugins repository entry.

Hack-For-Hire Criminals Spoof WHO To Target Google Credentials

threatpost.com/hack-hire-spoof-who-google-credentials/156100/ Hack-for-hire organizations are the latest group of cybercriminals to take advantage of the ongoing coronavirus pandemic, using COVID-19 as a lure in phishing emails bent on stealing victims’ Google credentials.

Google Threat Analysis Group: Updates about government-backed hacking and disinformation

blog.google/threat-analysis-group/updates-about-government-backed-hacking-and-disinformation Last month, we sent 1, 755 warnings to users whose accounts were targets of government-backed attackers.

You might be interested in …

Daily NCSC-FI news followup 2020-06-20

Cyberbullying: Adults can be victims too www.welivesecurity.com/2020/06/19/cyberbullying-adults-can-be-victims-too/ Whenever cyberbullying is mentioned, our minds usually associate the topic with children or teenagers. Much has been said about cyberbullying by psychologists, organizations, public figures, as well as other concerned parties. However, we often fail to realize that adults can be the victims of cyberbullying too. Former DIA […]

Read More

Daily NCSC-FI news followup 2020-04-20

Taiwan High-Tech Ecosystem Targeted by Foreign APT Group: medium.com/@cycraft_corp/taiwan-high-tech-ecosystem-targeted-by-foreign-apt-group-5473d2ad8730 – From what we found even those who use VPNs are at risk even more so than usual. Read below to see how and what to do about it. The main objective of these attacks was the exfiltration of intellectual property, such as documents on integrated […]

Read More

Daily NCSC-FI news followup 2020-11-14

Schools Struggling to Stay Open Get Hit by Ransomware Attacks www.wsj.com/articles/my-information-is-out-there-hackers-escalate-ransomware-attacks-on-schools-11605279160?mod=djemalertNEWS Districts around the U.S. are fighting a wave of increasingly aggressive hackers, who are publicly posting sensitive student information. Based on searches of hackers’ sites on the dark weba network of websites accessed through special software that gives users anonymityas well as publicly known […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.