Daily NCSC-FI news followup 2020-06-26

‘Cardplanet’ Operator Sentenced to 9 Years for Selling Stolen Credit Cards

threatpost.com/cardplanet-operator-sentenced-stolen-credit-cards/156956/ The carding store victimized mainly U.S. citizens and is responsible for $20 million in fraudulent purchases.

Developer of Mirai, Qbot-based DDoS botnets jailed for 13 months

www.bleepingcomputer.com/news/security/developer-of-mirai-qbot-based-ddos-botnets-jailed-for-13-months/ A 22-year-old Washington man was sentenced to 13 months in prison for renting and developing Mirai and Qbot-based DDoS botnets used in DDoS attacks against targets from all over the world.

New Charges, Sentencing in Satori IoT Botnet Conspiracy

krebsonsecurity.com/2020/06/new-charges-sentencing-in-satori-iot-botnet-conspiracy/ The U.S. Justice Department today charged a Canadian and a Northern Ireland man for allegedly conspiring to build botnets that enslaved hundreds of thousands of routers and other Internet of Things (IoT) devices for use in large-scale distributed denial-of-service (DDoS) attacks.

Hackers hide credit card stealing script in favicon metadata

www.bleepingcomputer.com/news/security/hackers-hide-credit-card-stealing-scripts-in-favicon-exif-data/ Hackers are always evolving their tactics to stay one step ahead of security companies. A perfect example of this is the hiding of malicious credit card stealing scripts in the EXIF data of a favicon image to evade detection.

New Ransom X Ransomware used in Texas TxDOT cyberattack

www.bleepingcomputer.com/news/security/new-ransom-x-ransomware-used-in-texas-txdot-cyberattack/ A new ransomware called Ransom X is being actively used in human-operated and targeted attacks against government agencies and enterprises.

Evil Corp blocked from deploying ransomware on 30 major US firms

www.bleepingcomputer.com/news/security/evil-corp-blocked-from-deploying-ransomware-on-30-major-us-firms/ The Evil Corp gang was blocked from deploying WastedLocker ransomware payloads in dozens of attacks against major US corporations, including Fortune 500 companies.

Chinese bank requires foreign firm to install app with covert backdoor

arstechnica.com/information-technology/2020/06/chinese-bank-requires-foreign-firm-to-install-app-with-covert-backdoor/ A multinational tech company gets schooled in the risks of doing business in China.

Shady Singaporean firm collects Finns’ contact details by deception, lists well-known Finnish companies as its partners

www.is.fi/digitoday/art-2000006553111.html People are currently being shown ads in McDonald’s name that lure them to a survey page. After that, a page opens asking for the respondent’s contact details “in order to take part in a gift card draw”.

This is how Finland’s coronavirus app works: temporary amendment to the Communicable Diseases Act approved today


TikTok To Stop Clipboard Snooping After Apple Privacy Feature Exposes Behavior

threatpost.com/tiktok-to-stop-clipboard-snooping-after-apple-privacy-feature-exposes-behavior/156945/ App will stop reading users’ device cut-and-paste data after a new banner alert in an Apple update uncovered the activity.

More than 75% of all vulnerabilities reside in indirect dependencies

www.zdnet.com/article/more-than-75-of-all-vulnerabilities-reside-in-indirect-dependencies/ JavaScript, Ruby, and Java are the ecosystems with most bugs in indirect dependencies.

Best Practices for IoT Security: What Does That Even Mean?

arxiv.org/abs/2004.12179 We explore not the failure to follow best practices, but rather a surprising lack of understanding, and void in the literature, on what (generically) “best practice” means, independent of meaningfully identifying specific individual practices. We also find that an overwhelming majority of recommendations (91%) are not actual practices but rather desired outcomes.

Nvidia squashes display driver code execution, information leak bugs

www.zdnet.com/article/nvidia-squashes-display-driver-code-execution-information-leak-bugs/ The vulnerabilities impact both Windows and Linux machines.
