Daily NCSC-FI news followup 2020-06-14

Privnotes.com Is Phishing Bitcoin from Users of Private Messaging Service Privnote.com

krebsonsecurity.com/2020/06/privnotes-com-is-phishing-bitcoin-from-users-of-private-messaging-service-privnote-com/ For the past year, a site called Privnotes.com has been impersonating Privnote.com, a legitimate, free service that offers private, encrypted messages which self-destruct automatically after they are read. Until recently, I couldn’t quite work out what Privnotes was up to, but today it became crystal clear: Any messages containing bitcoin addresses will be automatically altered to include a different bitcoin address, as long as the Internet addresses of the sender and receiver of the message are not the same.

Maze ransomware gang hacked M&A firm Threadstone Advisors LLP

securityaffairs.co/wordpress/104718/cyber-crime/threadstone-advisors-maze-ransomware.html Threadstone Advisors LLP, a corporate advisory firm specialising in mergers n’ acquisitions, is the last victim of the Maze ransomware operators. MAZE ransomware operators have stolen the data of the company before encrypting its systems and threaten to leak it in case the victim will not pay the ransom.

Coronavirus-themed attacks May 31 June 13, 2020

securityaffairs.co/wordpress/104730/cyber-crime/coronavirus-themed-attacks-may-31-june-13-2020.html This post includes the details of the Coronavirus-themed attacks launched from May 31 to June 13, 2020. Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases.

Fake govt-issued COVID-19 contact tracing apps spread spyware

www.hackread.com/fake-govt-covid-19-contact-tracing-apps-spread-spyware/ IT security researchers at Anomali have discovered yet another scam in which attackers are using fake COVID-19 contact tracing apps to infect Android devices. These malicious apps drop spyware, trojan, and adware on targeted devices across the globe. What’s noteworthy is these fake apps mimic official government-issued apps for COVID-19 contact tracing. According to researchers, there are 12 such apps scamming users in 10 countries including Armenia, Brazil, Columbia, Indonesia, India, Iran, Italy, Kyrgyzstan, Russia, and Singapore.

Extortionists threaten to destroy sites in fake ransom attacks

www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/ Scammers are targeting website owners with blackmail messages asking them to pay ransoms between $1, 500 and $3, 000 in bitcoins to avoid having their sites’ databases leaked and their reputation destroyed. As the fraudsters falsely claim, they exfiltrate the databases to attacker-controlled servers using credentials harvested after exploiting a vulnerability found within the sites’ software.

You might be interested in …

Daily NCSC-FI news followup 2020-11-10

With Great Power comes Great Leakage platypusattack.com/ With PLATYPUS, we present novel software-based power side-channel attacks on Intel server, desktop and laptop CPUs. We exploit the unprivileged access to the Intel RAPL interface exposing the processor’s power consumption to infer data and extract cryptographic keys. Lisäksi: www.zdnet.com/article/new-platypus-attack-can-steal-data-from-intel-cpus. Lisäksi: arstechnica.com/information-technology/2020/11/intel-sgx-defeated-yet-again-this-time-thanks-to-on-chip-power-meter/. Lisäksi: www.theregister.com/2020/11/10/intel_sgx_side_channel/ Microsoft Releases November 2020 […]

Read More

Daily NCSC-FI news followup 2020-02-04

TeamViewer whynotsecurity.com/blog/teamviewer/ TL;DR: TeamViewer stored user passwords encrypted with AES-128-CBC with they key of 0602000000a400005253413100040000 and iv of 0100010067244F436E6762F25EA8D704 in the Windows registry. If the password is reused anywhere, privilege escalation is possible. If you do not have RDP rights to machine but TeamViewer is installed, you can use TeamViewer to remote in. TeamViewer also […]

Read More

Daily NCSC-FI news followup 2020-01-03

Don’t Xiaomi pics of other people’s places! Chinese kitmaker fingers dodgy Boxing Day cache update after Google banishes it from Home www.theregister.co.uk/2020/01/03/google_blocks_xiaomi/ Xiaomi has blamed some post-Christmas cache digestion problems after finding itself plonked on the naughty step by Google which blocked the Chinese tech conglomerate’s devices from its Nest Hub and Assistant last night. […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.