Daily NCSC-FI news followup 2020-07-01

Experts: COVID Multiplying Risks To Critical Infrastructure

www.forbes.com/sites/paulfroberts/2020/07/01/experts-covid-multiplying-risks-to-critical-infrastructure/ Former DHS Secretary Michael Chertoff warned on Tuesday that changes wrought by the COVID global pandemic are exacerbating vulnerabilities in the global economy, including the risk of crippling cyber attacks on critical infrastructure like the electric grid.

China’s Software Stalked Uighurs Earlier and More Widely, Researchers Learn

www.nytimes.com/2020/07/01/technology/china-uighurs-hackers-malware-hackers-smartphones.html A new report revealed a broad campaign that targeted Muslims in China and their diaspora in other countries, beginning as early as 2013. Report:

blog.lookout.com/multiyear-surveillance-campaigns-discovered-targeting-uyghurs

Did a Chinese Hack Kill Canada’s Greatest Tech Company?

www.bloomberg.com/news/features/2020-07-01/did-china-steal-canada-s-edge-in-5g-from-nortel Nortel was once a world leader in wireless technology. Then came a hack and the rise of Huawei.

Dozens of US news sites hacked in WastedLocker ransomware attacks

www.bleepingcomputer.com/news/security/dozens-of-us-news-sites-hacked-in-wastedlocker-ransomware-attacks/ The Evil Corp gang hacked into dozens of US newspaper websites owned by the same company to infect the employees of over 30 major US private firms using fake software update alerts displayed by the malicious SocGholish JavaScript-based framework.

A customer allegedly lost $1.9 million due to AT&T’s handling of a number transfer request.

www.zdnet.com/article/at-t-dragged-to-court-again-over-sim-hijacking-and-cryptocurrency-theft/ AT&T

Microsoft releases urgent security updates for Windows 10 Codecs bugs

www.bleepingcomputer.com/news/security/microsoft-releases-urgent-security-updates-for-windows-10-codecs-bugs/ Microsoft has released two out-of-band security updates to address remote code execution security vulnerabilities affecting the Microsoft Windows Codecs Library on several Windows 10 and Windows Server versions. Exploitation of these vulnerabilities requires a program to process a specially crafted image file.

After six months of stonewalling by Apple, app dev goes public with macOS privacy protection bypass

www.theregister.com/2020/07/01/apple_macos_privacy_bypass/ So much for preventing malicious software from peeking at sensitive files

EvilQuest ransomware is a file-stealing Mac wiper in disguise

www.bleepingcomputer.com/news/security/evilquest-wiper-uses-ransomware-cover-to-steal-files-from-macs/ A new data wiper and info-stealer called EvilQuest is using ransomware as a decoy to steal files from macOS users. The victims get infected after downloading trojanized installers of popular apps from torrent trackers.

Windows POS malware uses DNS to smuggle stolen credit cards

www.bleepingcomputer.com/news/security/windows-pos-malware-uses-dns-to-smuggle-stolen-credit-cards/ A Windows Point-of-Sale (POS) malware has been discovered using the DNS protocol to smuggle stolen credit cards to a remote server under the attacker’s control.

Into the Rabbit Hole: Offensive DNS Tunneling Rootkits

www.fortinet.com/blog/threat-research/into-the-rabbit-hole-offensive-dns-tunneling-rootkits

US Govt shares tips on defending against cyberattacks via Tor

www.bleepingcomputer.com/news/security/us-govt-shares-tips-on-defending-against-cyberattacks-via-tor/ The Cybersecurity and Infrastructure Security Agency (CISA) today issued guidance on how to protect against cyberattacks originating from or routed through the Tor anonymity network.

Storm Päivö completely destroyed power grids in Finland: power cut for 100,000 customers

www.tivi.fi/uutiset/tv/8e209f83-b462-449b-8d0c-98284ec803b9 Storm Päivö, which battered Eastern Finland on Tuesday, cut power to 100,000 customers.

Politico: Scandalous break-in at the European Parliament, piles of laptops and tablets taken by thieves

www.tivi.fi/uutiset/tv/0f05fcca-ae98-4a00-b907-a35173ee4436 According to unconfirmed reports, as many as 100 MEPs may have fallen victim to the ongoing thefts.

A Second Look at CVE-2019-19781 (Citrix NetScaler / ADC)

blog.fox-it.com/2020/07/01/a-second-look-at-cve-2019-19781-citrix-netscaler-adc/ In this blog post we will revisit CVE-2019-19781, a Remote Code Execution vulnerability affecting Citrix NetScaler / ADC. We will explore how this issue has been widely abused by various actors and how a hacker turf war led to some actors adversary patching the vulnerability in order to prevent secondary compromise by competing adversaries hiding the true number of vulnerable and
