Daily NCSC-FI news followup 2020-06-26

‘Cardplanet’ Operator Sentenced to 9 Years for Selling Stolen Credit Cards

threatpost.com/cardplanet-operator-sentenced-stolen-credit-cards/156956/ The carding store victimized mainly U.S. citizens and is responsible for $20 million in fraudulent purchases.

Developer of Mirai, Qbot-based DDoS botnets jailed for 13 months

www.bleepingcomputer.com/news/security/developer-of-mirai-qbot-based-ddos-botnets-jailed-for-13-months/ A 22-year-old Washington man was sentenced to 13 months in prison for renting and developing Mirai and Qbot-based DDoS botnets used in DDoS attacks against targets from all over the world.

New Charges, Sentencing in Satori IoT Botnet Conspiracy

krebsonsecurity.com/2020/06/new-charges-sentencing-in-satori-iot-botnet-conspiracy/ The U.S. Justice Department today charged a Canadian and a Northern Ireland man for allegedly conspiring to build botnets that enslaved hundreds of thousands of routers and other Internet of Things (IoT) devices for use in large-scale distributed denial-of-service (DDoS) attacks.

Hackers hide credit card stealing script in favicon metadata

www.bleepingcomputer.com/news/security/hackers-hide-credit-card-stealing-scripts-in-favicon-exif-data/ Hackers are always evolving their tactics to stay one step ahead of security companies. A perfect example of this is the hiding of malicious credit card stealing scripts in the EXIF data of a favicon image to evade detection.

New Ransom X Ransomware used in Texas TxDOT cyberattack

www.bleepingcomputer.com/news/security/new-ransom-x-ransomware-used-in-texas-txdot-cyberattack/ A new ransomware called Ransom X is being actively used in human-operated and targeted attacks against government agencies and enterprises.

Evil Corp blocked from deploying ransomware on 30 major US firms

www.bleepingcomputer.com/news/security/evil-corp-blocked-from-deploying-ransomware-on-30-major-us-firms/ The Evil Corp gang was blocked from deploying WastedLocker ransomware payloads in dozens of attacks against major US corporations, including Fortune 500 companies.

Chinese bank requires foreign firm to install app with covert backdoor

arstechnica.com/information-technology/2020/06/chinese-bank-requires-foreign-firm-to-install-app-with-covert-backdoor/ A multinational tech company gets schooled in the risks of doing business in China.

Shady Singaporean firm collects Finns' contact details through deception, lists well-known Finnish companies as its partners

www.is.fi/digitoday/art-2000006553111.html People are currently being shown ads in McDonald’s name that lure them to a survey page. After that, a page opens asking for the respondent's contact details “to enter a gift card draw”.

This is how Finland's coronavirus app works: temporary amendment to the Communicable Diseases Act approved today

yle.fi/uutiset/3-11420551

TikTok To Stop Clipboard Snooping After Apple Privacy Feature Exposes Behavior

threatpost.com/tiktok-to-stop-clipboard-snooping-after-apple-privacy-feature-exposes-behavior/156945/ App will stop reading users’ device cut-and-paste data after a new banner alert in an Apple update uncovered the activity.

More than 75% of all vulnerabilities reside in indirect dependencies

www.zdnet.com/article/more-than-75-of-all-vulnerabilities-reside-in-indirect-dependencies/ JavaScript, Ruby, and Java are the ecosystems with most bugs in indirect dependencies.

Best Practices for IoT Security: What Does That Even Mean?

arxiv.org/abs/2004.12179 We explore not the failure to follow best practices, but rather a surprising lack of understanding, and void in the literature, on what (generically) “best practice” means, independent of meaningfully identifying specific individual practices. We also find that an overwhelming majority of recommendations (91%) are not actual practices but rather desired outcomes.

Nvidia squashes display driver code execution, information leak bugs

www.zdnet.com/article/nvidia-squashes-display-driver-code-execution-information-leak-bugs/ The vulnerabilities impact both Windows and Linux machines.
