Daily NCSC-FI news followup 2020-07-04

Hackers are trying to steal admin passwords from F5 BIG-IP devices

www.zdnet.com/article/hackers-are-trying-to-steal-admin-passwords-from-f5-big-ip-devices/#ftag=RSSbaffb68 In an interview earlier today, [NCC group researcher] Warren told ZDNet the attacks are malicious in nature, and hackers are attempting to steal administrator passwords from the hacked devices.

New Behave! extension warns of website port scans, local attacks

www.bleepingcomputer.com/news/security/new-behave-extension-warns-of-website-port-scans-local-attacks/ A new browser extension called Behave! will warn you if a web site is using scripts to perform scans or attacks on local and private IP addresses on your network.. In May, it was discovered that well-known sites such as eBay, Citibank, TD Bank, and more would port scan a visitor’s computer to identify Windows remote access programs running on it.

Hackers hijack Twitter account of Russias Ministry of Foreign Affairs, offer to sell stolen data

www.grahamcluley.com/hack-russia-twitter-account/ A database may or may not have been stolen, but theres no doubt that an official verified Russian government Twitter account was accessed by an unauthorised party. Most likely that may be the result of a successful phishing attack, or someone making the mistake of reusing a password.. Also


Facebook says 5,000 app developers got user data after cutoff date

www.zdnet.com/article/facebook-says-5000-app-developers-got-user-data-after-cutoff-date/ Social media giant Facebook disclosed on Wednesday a new user privacy incident. The company said that it continued sharing user data with approximately 5,000 developers even after their application’s access expired.

Ransomware Operators Demand $14 Million From Power Company

www.securityweek.com/ransomware-operators-demand-14-million-power-company The threat actor behind the Sodinokibi (REvil) ransomware is demanding a $14 million ransom from Brazilian-based electrical energy company Light S.A.. The company has confirmed that it was hit with a cyberattack without providing specific information on the type of compromise, but AppGates security researchers, who have obtained a sample of the malware believed to have been used in the attack, are confident that the incident involves the Sodinokibi ransomware.


cybleinc.com/2020/07/02/maze-ransomware-operators-allegedly-targeted-national-highways-authority-of-india-nhai-data-leak/ Update as on 07/02/2020: As part of our regular darkweb monitoring, our researchers came across the data leak of National Highways Authority of India (NHAI) been published by the Maze ransomware operators.

One out of every 142 passwords is ‘123456’

www.zdnet.com/article/one-out-of-every-142-passwords-is-123456/ The study, carried out last month by computer engineering student Ata Hakçl, analyzed username and password combinations that leaked online after data breaches at various companies.. Data at


Anatomy of a Long-Con Phish

www.darkreading.com/cloud/anatomy-of-a-long-con-phish/d/d-id/1338268 A fraudster on LinkedIn used my online profile in an apparent attempt to pull off a wide-ranging scam business venture.

Thieves use lockdown as cover for EU Parliament burglaries

www.politico.eu/article/robberies-european-parliament-lockdown-coronavirus/ At least 50 MEPs have had computers, tablets and other items stolen from their European Parliament offices while they were away from Brussels during the coronavirus lockdown.

You might be interested in …

Daily NCSC-FI news followup 2021-01-30

Trust is the key component of human-centric data economy impulssilvm.fi/2021/01/30/trust-is-the-key-component-of-human-centric-data-economy/ Data and digital innovation are vital for achieving public value, sustainable development goals, and tackling climate change, poverty and exclusion. In Finland, we speak of human-centric data economy, and you might wonder, why? It is because we believe that the critical raw material is not […]

Read More

Daily NCSC-FI news followup 2019-11-27

Its Way Too Easy to Get a .gov Domain Name krebsonsecurity.com/2019/11/its-way-too-easy-to-get-a-gov-domain-name/ Many readers probably believe they can trust links and emails coming from U.S. federal government domain names, or else assume there are at least more stringent verification requirements involved in obtaining a .gov domain versus a commercial one ending in .com or .org. But […]

Read More

Daily NCSC-FI news followup 2020-03-09

A vulnerability is Microsoft Exchange servers is being actively exploited by multiple APT groups, researchers warn. threatpost.com/microsoft-exchange-server-flaw-exploited-in-apt-attacks/153527/ Multiple threat groups are actively exploiting a vulnerability in Microsoft Exchange servers, researchers warn. If left unpatched, the flaw allows authenticated attackers to execute code remotely with system privileges.. see also www.thezdi.com/blog/2020/2/24/cve-2020-0688-remote-code-execution-on-microsoft-exchange-server-through-fixed-cryptographic-keys ENTSO-E: cyber intrusion on its office […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.