Daily NCSC-FI news followup 2020-06-07

Fake ransomware decryptor double-encrypts desperate victims’ files

www.bleepingcomputer.com/news/security/fake-ransomware-decryptor-double-encrypts-desperate-victims-files/ A fake decryptor for the STOP Djvu Ransomware is being distributed that lures already desperate people with the promise of free decryption. Instead of getting their files back for free, they are infected with another ransomware that makes their situation even worse.

New Tekya Ad Fraud Found on Google Play

blog.trendmicro.com/trendlabs-security-intelligence/new-tekya-ad-fraud-found-on-google-play/ In late March, researchers from CheckPoint found the Tekya malware family, which was being used to carry out ad fraud, on Google Play. These apps have since been removed from the store, but we recently found a variant of this family that had made its way onto Google Play via five malicious apps, although these have also been removed.

Owners of DDoS-for-Hire Service vDOS Get 6 Months Community Service

krebsonsecurity.com/2020/06/owners-of-ddos-for-hire-service-vdos-get-6-months-community-service/ The co-owners of vDOS, a now-defunct service that for four years helped paying customers launch more than two million distributed denial-of-service (DDoS) attacks that knocked countless Internet users and websites offline, each have been sentenced to six months of community service by an Israeli court.

uBlock Origin for Chrome now blocks port scans on most sites

www.bleepingcomputer.com/news/security/ublock-origin-for-chrome-now-blocks-port-scans-on-most-sites/ A recent update to an ad block filter list now allows the uBlock Origin extension to block most of the known sites that perform port scans of your local Windows computer.

This bot hunts software bugs for the Pentagon

arstechnica.com/information-technology/2020/06/this-bot-hunts-software-bugs-for-the-pentagon/ Champion of a 2016 DARPA contest at DEFCON, now Mayhem gets used by the military.

You might be interested in …

Daily NCSC-FI news followup 2019-08-14

In the Balkans, businesses are under fire from a doublebarreled weapon www.welivesecurity.com/2019/08/14/balkans-businesses-double-barreled-weapon/ Weve discovered an ongoing campaign in the Balkans spreading two tools having a similar purpose: a backdoor and a remote access trojan we named, respectively, BalkanDoor and BalkanRAT August Patch Tuesday: Update Fixes Wormable Flaws in Remote Desktop Services, VBScript Gets Disabled by […]

Read More

Daily NCSC-FI news followup 2020-06-26

Cardplanet’ Operator Sentenced to 9 Years for Selling Stolen Credit Cards threatpost.com/cardplanet-operator-sentenced-stolen-credit-cards/156956/ The carding store victimized mainly U.S. citizens and is responsible for $20 million in fraudulent purchases. Developer of Mirai, Qbot-based DDoS botnets jailed for 13 months www.bleepingcomputer.com/news/security/developer-of-mirai-qbot-based-ddos-botnets-jailed-for-13-months/ A 22-year-old Washington man was sentenced to 13 months in prison for renting and developing Mirai […]

Read More

Daily NCSC-FI news followup 2019-10-09

Exploring a Recent Magnitude Exploit Kit Sample www.fortinet.com/blog/threat-research/magnitude-exploit-kit-sample-analysis.html As Internet Explorer’s share of the browser pie continues to shrink, exploit kits frameworks hosted by malicious actors to target browser vulnerabilities, particularly for IE are much less active than before. However, some of them now target geographic regions where IE owns a more sizable part of […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.