Daily NCSC-FI news followup 2020-05-29

Highly-targeted attacks on industrial sector hide payload in images

www.bleepingcomputer.com/news/security/highly-targeted-attacks-on-industrial-sector-hide-payload-in-images/ Attackers looking to steal employee credentials from organizations tied to the industrial sector deployed highly-targeted operations that delivered malicious PowerShell scripts in images. Victims in multiple countries (Japan, the U.K., Germany, Italy) were identified. Some of them supply equipment and software solutions to industrial enterprises.

Fortune 500 company NTT discloses security breach

www.zdnet.com/article/fortune-500-company-ntt-discloses-security-breach/ Japanese telecommunications giant NTT says hackers breached its internal network and stole data on 621 customers.

Microsoft bans Trend Micro driver from Windows 10 for “cheating” hardware tests

www.itpro.co.uk/security/cyber-security/355797/microsoft-bans-trend-micros-rootkit-buster-from-windows-10 Microsoft has blocked a free antivirus tool developed by Trend Micro after the security firm was accused of designing its driver to “cheat” hardware tests through coding trickery.

New Octopus Scanner malware spreads via GitHub supply chain attack

www.bleepingcomputer.com/news/security/new-octopus-scanner-malware-spreads-via-github-supply-chain-attack/ Security researchers have found a new malware that finds and backdoors open-source NetBeans projects hosted on the GitHub web-based code hosting platform to spread to Windows, Linux, and macOS systems and deploy a Remote Administration Tool (RAT). While investigating this malware, GitHub Security Lab researchers found 26 open source projects compromised by Octopus Scanner.

NetWalker Ransomware – What You Need to Know

www.tripwire.com/state-of-security/featured/netwalker-ransomware-what-need-know/ NetWalker, like the Maze ransomware and a small number of other ransomware families, aggressively threatens to publish victims’ data on the internet if ransoms are not paid.

Michigan State University hit by NetWalker ransomware gang

www.zdnet.com/article/michigan-state-university-hit-by-ransomware-gang/ In case MSU officials refuse to pay or choose to restore from backups, the ransomware gang is prepared to leak documents stolen from the university’s network on a special website the group is operating on the dark web.

200K sites with buggy WordPress plugin exposed to takeover attacks and wiped sites

www.bleepingcomputer.com/news/security/200k-sites-with-buggy-wordpress-plugin-exposed-to-wipe-attacks/ PageLayer is a WordPress plugin with over 200,000 active installations according to numbers available on its WordPress plugins repository entry.

Hack-For-Hire Criminals Spoof WHO To Target Google Credentials

threatpost.com/hack-hire-spoof-who-google-credentials/156100/ Hack-for-hire organizations are the latest group of cybercriminals to take advantage of the ongoing coronavirus pandemic, using COVID-19 as a lure in phishing emails bent on stealing victims’ Google credentials.

Google Threat Analysis Group: Updates about government-backed hacking and disinformation

blog.google/threat-analysis-group/updates-about-government-backed-hacking-and-disinformation Last month, we sent 1,755 warnings to users whose accounts were targets of government-backed attackers.
