Categories
NCSC-FI News followup

Daily NCSC-FI news followup 2020-06-13

Fraudster gets maximum jail time for news site DDoS extortion

www.bleepingcomputer.com/news/security/fraudster-gets-maximum-jail-time-for-news-site-ddos-extortion/ Iranian-born U.S. citizen Andrew Rakhshan, previously convicted in Canada for fraud, was sentenced to the maximum sentence of five years and ordered to pay over $500, 000 after being found guilty of launching several distributed denial of service (DDoS) attacks against news websites.

Microsoft Joins Ban on Sale of Facial Recognition Tech to Police

threatpost.com/microsoft-joins-ban-on-sale-of-facial-recognition-tech-to-police/156521/ Microsoft has joined Amazon and IBM in banning the sale of facial recognition technology to police departments and pushing for federal laws to regulate the technology.

15 Individuals Plead Guilty to Multimillion-Dollar Online Auction Fraud Scheme

www.darkreading.com/attacks-breaches/15-individuals-plead-guilty-to-multimillion-dollar-online-auction-fraud-scheme/d/d-id/1338082 Fifteen Romanian nationals have pleaded guilty to a variety of charges tied to their participation in a multimillion-dollar online auction fraud scheme targeting Internet users in the US. A Department of Justice (DoJ) statement announcing the pleas described the defendants as participating in a scam where they posted false advertisements, typically for vehicles and other high-priced goods, on popular sites such as eBay and Craigslist.

Lamphone attack lets threat actors recover conversations from your light bulb

www.zdnet.com/article/lamphone-attack-lets-threat-actors-recover-conversations-from-your-light-bulb/ Academics record light variations in a light bulb to recover the sound waves (speech, conversations, songs) from a room 25 meters (80 feet) away. The technique, which they named Lamphone, revolves around the principle that objects vibrate when soundwave hits their surface. When this happens in a light bulb, academics say the vibrations also create small flickers in light emissions. They say that by using powerful sensors, they can record the light variations and reverse-engineer the sound waves that hit the light bulb’s surface.

Black Kingdom ransomware hacks networks with Pulse VPN flaws

www.bleepingcomputer.com/news/security/black-kingdom-ransomware-hacks-networks-with-pulse-vpn-flaws/ Operators of Black Kingdom ransomware are targeting enterprises with unpatched Pulse Secure VPN software or initial access on the network, security researchers have found. The malware got caught in a honeypot, allowing researchers to analyze and document the tactics used by the threat actors.

City of Florence to Pay $300, 000 Ransom after ransomware attack

securityaffairs.co/wordpress/104666/breaking-news/city-of-florence-ransomware.html Florence City in Alabama will pay a $300, 000 ransom worth of Bitcoins after its computer system was infected with a ransomware. “It appears they may have been in our system since early May over a month going through our system, ” Mayor Steve Holt said.Mayor Holt confirmed that the City’s system was infected with the DoppelPaymer ransomware.

Mirai Botnet Activity

isc.sans.edu/forums/diary/Mirai+Botnet+Activity/26234/ This past week, I noticed new activity from the Mirai botnet in my honeypot. The sample log with the IP and file associated with the first log appears to have been taken down (96.30.193.26) which appeared multiple times this week including today. . However, the last two logs from today are still active which is using a Bash script to download multiple exploits targeting various device types (MIPS, ARM4-7, MPSL, x86, PPC, M68k). Something else of interest is the User-Agent: XTC and the name viktor which appear to be linked to XTC IRC Botnet, aka Hoaxcalls.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.