Daily NCSC-FI news followup 2020-06-13

Fraudster gets maximum jail time for news site DDoS extortion

www.bleepingcomputer.com/news/security/fraudster-gets-maximum-jail-time-for-news-site-ddos-extortion/ Iranian-born U.S. citizen Andrew Rakhshan, previously convicted in Canada for fraud, was sentenced to the maximum sentence of five years and ordered to pay over $500,000 after being found guilty of launching several distributed denial of service (DDoS) attacks against news websites.

Microsoft Joins Ban on Sale of Facial Recognition Tech to Police

threatpost.com/microsoft-joins-ban-on-sale-of-facial-recognition-tech-to-police/156521/ Microsoft has joined Amazon and IBM in banning the sale of facial recognition technology to police departments and pushing for federal laws to regulate the technology.

15 Individuals Plead Guilty to Multimillion-Dollar Online Auction Fraud Scheme

www.darkreading.com/attacks-breaches/15-individuals-plead-guilty-to-multimillion-dollar-online-auction-fraud-scheme/d/d-id/1338082 Fifteen Romanian nationals have pleaded guilty to a variety of charges tied to their participation in a multimillion-dollar online auction fraud scheme targeting Internet users in the US. A Department of Justice (DoJ) statement announcing the pleas described the defendants as participating in a scam where they posted false advertisements, typically for vehicles and other high-priced goods, on popular sites such as eBay and Craigslist.

Lamphone attack lets threat actors recover conversations from your light bulb

www.zdnet.com/article/lamphone-attack-lets-threat-actors-recover-conversations-from-your-light-bulb/ Academics record light variations in a light bulb to recover the sound waves (speech, conversations, songs) from a room 25 meters (80 feet) away. The technique, which they named Lamphone, revolves around the principle that objects vibrate when sound waves hit their surface. When this happens in a light bulb, academics say the vibrations also create small flickers in light emissions. They say that by using powerful sensors, they can record the light variations and reverse-engineer the sound waves that hit the light bulb’s surface.

Black Kingdom ransomware hacks networks with Pulse VPN flaws

www.bleepingcomputer.com/news/security/black-kingdom-ransomware-hacks-networks-with-pulse-vpn-flaws/ Operators of Black Kingdom ransomware are targeting enterprises with unpatched Pulse Secure VPN software or initial access on the network, security researchers have found. The malware got caught in a honeypot, allowing researchers to analyze and document the tactics used by the threat actors.

City of Florence to Pay $300,000 Ransom after ransomware attack

securityaffairs.co/wordpress/104666/breaking-news/city-of-florence-ransomware.html Florence City in Alabama will pay a $300,000 ransom worth of Bitcoins after its computer system was infected with ransomware. “It appears they may have been in our system since early May over a month going through our system,” Mayor Steve Holt said. Mayor Holt confirmed that the City’s system was infected with the DoppelPaymer ransomware.

Mirai Botnet Activity

isc.sans.edu/forums/diary/Mirai+Botnet+Activity/26234/ This past week, I noticed new activity from the Mirai botnet in my honeypot. The sample log with the IP and file associated with the first log appears to have been taken down (96.30.193.26) which appeared multiple times this week including today. However, the last two logs from today are still active which is using a Bash script to download multiple exploits targeting various device types (MIPS, ARM4-7, MPSL, x86, PPC, M68k). Something else of interest is the User-Agent: XTC and the name viktor which appear to be linked to XTC IRC Botnet, aka Hoaxcalls.

