Daily NCSC-FI news followup 2020-07-01

Experts: COVID Multiplying Risks To Critical Infrastructure

www.forbes.com/sites/paulfroberts/2020/07/01/experts-covid-multiplying-risks-to-critical-infrastructure/ Former DHS Secretary Michael Chertoff warned on Tuesday that changes wrought by the COVID global pandemic are exacerbating vulnerabilities in the global economy, including the risk of crippling cyber attacks on critical infrastructure like the electric grid.

China’s Software Stalked Uighurs Earlier and More Widely, Researchers Learn

www.nytimes.com/2020/07/01/technology/china-uighurs-hackers-malware-hackers-smartphones.html A new report revealed a broad campaign that targeted Muslims in China and their diaspora in other countries, beginning as early as 2013. Report:


Did a Chinese Hack Kill Canada’s Greatest Tech Company?

www.bloomberg.com/news/features/2020-07-01/did-china-steal-canada-s-edge-in-5g-from-nortel Nortel was once a world leader in wireless technology. Then came a hack and the rise of Huawei.

Dozens of US news sites hacked in WastedLocker ransomware attacks

www.bleepingcomputer.com/news/security/dozens-of-us-news-sites-hacked-in-wastedlocker-ransomware-attacks/ The Evil Corp gang hacked into dozens of US newspaper websites owned by the same company to infect the employees of over 30 major US private firms using fake software update alerts displayed by the malicious SocGholish JavaScript-based framework.

A customer allegedly lost $1.9 million due to AT&T’s handling of a number transfer request.


Microsoft releases urgent security updates for Windows 10 Codecs bugs

www.bleepingcomputer.com/news/security/microsoft-releases-urgent-security-updates-for-windows-10-codecs-bugs/ Microsoft has released two out-of-band security updates to address remote code execution security vulnerabilities affecting the Microsoft Windows Codecs Library on several Windows 10 and Windows Server versions. Exploitation of these vulnerabilities requires a program to process a specially crafted image file.

After six months of stonewalling by Apple, app dev goes public with macOS privacy protection bypass

www.theregister.com/2020/07/01/apple_macos_privacy_bypass/ So much for preventing malicious software from peeking at sensitive files

EvilQuest ransomware is a file-stealing Mac wiper in disguise

www.bleepingcomputer.com/news/security/evilquest-wiper-uses-ransomware-cover-to-steal-files-from-macs/ A new data wiper and info-stealer called EvilQuest is using ransomware as a decoy to steal files from macOS users. The victims get infected after downloading trojanized installers of popular apps from torrent trackers.

Windows POS malware uses DNS to smuggle stolen credit cards

www.bleepingcomputer.com/news/security/windows-pos-malware-uses-dns-to-smuggle-stolen-credit-cards/ A Windows Point-of-Sale (POS) malware has been discovered using the DNS protocol to smuggle stolen credit cards to a remote server under attacker’s control.

Into the Rabbit Hole Offensive DNS Tunneling Rootkits


US Govt shares tips on defending against cyberattacks via Tor

www.bleepingcomputer.com/news/security/us-govt-shares-tips-on-defending-against-cyberattacks-via-tor/ The Cybersecurity and Infrastructure Security Agency (CISA) today issued guidance on how to protect against cyberattacks launched from the activity originating from or routed through the Tor anonymity network.

Päivö-myrsky tuhosi sähköverkkoja Suomessa täysin Sähköt poikki 100 000 asiakkaalta

www.tivi.fi/uutiset/tv/8e209f83-b462-449b-8d0c-98284ec803b9 Tiistaina Itä-Suomea riepotellut Päivö-myrsky katkaisi sähköt 100 000 asiakkaalta.

Politico: Skandaalimainen murto Euroopan parlamenttiin kasapäin läppäreitä ja tabletteja lähtenyt varkaiden matkaan

www.tivi.fi/uutiset/tv/0f05fcca-ae98-4a00-b907-a35173ee4436 Varmistamattomien tietojen mukaan jatkuvien varkauksien uhriksi on saattanut joutua jopa 100 europarlamentaarikkoa.

A Second Look at CVE-2019-19781 (Citrix NetScaler / ADC)

blog.fox-it.com/2020/07/01/a-second-look-at-cve-2019-19781-citrix-netscaler-adc/ In this blog post we will revisit CVE-2019-19781, a Remote Code Execution vulnerability affecting Citrix NetScaler / ADC. We will explore how this issue has been widely abused by various actors and how a hacker turf war led to some actors adversary patching the vulnerability in order to prevent secondary compromise by competing adversaries hiding the true number of vulnerable and

You might be interested in …

Daily NCSC-FI news followup 2020-03-05

Attackers Taking Advantage of the Coronavirus/COVID-19 Media Frenzy www.fortinet.com/blog/threat-research/attackers-taking-advantage-of-the-coronavirus-covid-19-media-frenzy.html Over the past several weeks, FortiGuard Labs has been observing a significant increase in both legitimate and malicious activity surrounding the Coronavirus.. Threat findings via OSINT channels have yielded multiple themes, such as those appearing to be reports from trusted sources, such as governmental agencies, news […]

Read More

Daily NCSC-FI news followup 2020-11-21

Leaky Buddies: Cross-Component Covert Channels on Integrated CPU-GPU Systems arxiv.org/pdf/2011.09642.pdf Integrated GPUs share some resources with the CPU and as a result, there is a potential for microarchitectural attacks from the GPU to the CPU or vice versa. We believe this type of attack, crossing the component boundary (GPU to CPU or vice versa) is […]

Read More

Daily NCSC-FI news followup 2020-07-24

Garmin outage caused by confirmed WastedLocker ransomware attack www.bleepingcomputer.com/news/security/garmin-outage-caused-by-confirmed-wastedlocker-ransomware-attack/ Wearable device maker Garmin shut down some of its connected services and call centers on Thursday following what the company called a worldwide outage, now confirmed to be caused by a WastedLocker ransomware attack. Lisäksi www.zdnet.com/article/garmin-services-and-production-go-down-after-ransomware-attack/ ja www.forbes.com/sites/leemathews/2020/07/23/garmins-alleged-ransomware-wastedlocker-evil-corp/ ja thehackernews.com/2020/07/garmin-ransomware-attack.html ja threatpost.com/garmin-suffers-ransomware-attack/157698/ Poliisi varoittaa Microsoft huijaussoitoista […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.