Daily NCSC-FI news followup 2020-06-14

Privnotes.com Is Phishing Bitcoin from Users of Private Messaging Service Privnote.com

krebsonsecurity.com/2020/06/privnotes-com-is-phishing-bitcoin-from-users-of-private-messaging-service-privnote-com/ For the past year, a site called Privnotes.com has been impersonating Privnote.com, a legitimate, free service that offers private, encrypted messages which self-destruct automatically after they are read. Until recently, I couldn’t quite work out what Privnotes was up to, but today it became crystal clear: Any messages containing bitcoin addresses will be automatically altered to include a different bitcoin address, as long as the Internet addresses of the sender and receiver of the message are not the same.

Maze ransomware gang hacked M&A firm Threadstone Advisors LLP

securityaffairs.co/wordpress/104718/cyber-crime/threadstone-advisors-maze-ransomware.html Threadstone Advisors LLP, a corporate advisory firm specialising in mergers n’ acquisitions, is the last victim of the Maze ransomware operators. MAZE ransomware operators have stolen the data of the company before encrypting its systems and threaten to leak it in case the victim will not pay the ransom.

Coronavirus-themed attacks May 31 June 13, 2020

securityaffairs.co/wordpress/104730/cyber-crime/coronavirus-themed-attacks-may-31-june-13-2020.html This post includes the details of the Coronavirus-themed attacks launched from May 31 to June 13, 2020. Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases.

Fake govt-issued COVID-19 contact tracing apps spread spyware

www.hackread.com/fake-govt-covid-19-contact-tracing-apps-spread-spyware/ IT security researchers at Anomali have discovered yet another scam in which attackers are using fake COVID-19 contact tracing apps to infect Android devices. These malicious apps drop spyware, trojan, and adware on targeted devices across the globe. What’s noteworthy is these fake apps mimic official government-issued apps for COVID-19 contact tracing. According to researchers, there are 12 such apps scamming users in 10 countries including Armenia, Brazil, Columbia, Indonesia, India, Iran, Italy, Kyrgyzstan, Russia, and Singapore.

Extortionists threaten to destroy sites in fake ransom attacks

www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/ Scammers are targeting website owners with blackmail messages asking them to pay ransoms between $1, 500 and $3, 000 in bitcoins to avoid having their sites’ databases leaked and their reputation destroyed. As the fraudsters falsely claim, they exfiltrate the databases to attacker-controlled servers using credentials harvested after exploiting a vulnerability found within the sites’ software.

You might be interested in …

Daily NCSC-FI news followup 2019-11-16

Holiday Shoppers Beware: 100K Malicious Sites Found Posing as Well-Known Retailers threatpost.com/holiday-shoppers-malicious-sites-posing-retailers/150326/ As the holiday season looms, cybercrooks are going after shoppers with more than 100,000 lookalike domains mimicking legitimate retailers.. To that point, Venafi researchers uncovered the copycat phishing sites, which use trusted, valid TLS certificates (60 percent of them are free certificates from […]

Read More

Daily NCSC-FI news followup 2020-09-08

Microsoft September 2020 Patch Tuesday fixes 129 vulnerabilities www.zdnet.com/article/microsoft-september-2020-patch-tuesday-fixes-129-vulnerabilities/ Twenty critical remote code execution bugs have been patched this month, including in Windows and SharePoint enterprise servers. See also: isc.sans.edu/diary/rss/26544 Critical Adobe Flaws Allow Attackers to Run JavaScript in Browsers threatpost.com/critical-adobe-flaws-attackers-javascript-browsers/159026/ Adobe patched 11 bugs overall in its Experience Manager; five of those are rated […]

Read More

Daily NCSC-FI news followup 2019-10-16

Phorpiex Botnet Sending Out Millions of Sextortion Emails Using Hacked Computers thehackernews.com/2019/10/phorpiex-botnet-sextortion-emails.html A decade-old botnet malware that currently controls over 450,000 computers worldwide has recently shifted its operations from infecting machines with ransomware or crypto miners to abusing them for sending out sextortion emails to millions of innocent people. Docker Containers Riddled with Graboid Crypto-Worm […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.