Daily NCSC-FI news followup 2020-07-04

Hackers are trying to steal admin passwords from F5 BIG-IP devices

www.zdnet.com/article/hackers-are-trying-to-steal-admin-passwords-from-f5-big-ip-devices/#ftag=RSSbaffb68 In an interview earlier today, [NCC group researcher] Warren told ZDNet the attacks are malicious in nature, and hackers are attempting to steal administrator passwords from the hacked devices.

New Behave! extension warns of website port scans, local attacks

www.bleepingcomputer.com/news/security/new-behave-extension-warns-of-website-port-scans-local-attacks/ A new browser extension called Behave! will warn you if a web site is using scripts to perform scans or attacks on local and private IP addresses on your network.. In May, it was discovered that well-known sites such as eBay, Citibank, TD Bank, and more would port scan a visitor’s computer to identify Windows remote access programs running on it.

Hackers hijack Twitter account of Russias Ministry of Foreign Affairs, offer to sell stolen data

www.grahamcluley.com/hack-russia-twitter-account/ A database may or may not have been stolen, but theres no doubt that an official verified Russian government Twitter account was accessed by an unauthorised party. Most likely that may be the result of a successful phishing attack, or someone making the mistake of reusing a password.. Also

www.forbes.com/sites/daveywinder/2020/07/04/hackers-compromise-russian-foreign-ministry-twitter-account-ask-600000-for-stolen-database/#74f4d12426dd

Facebook says 5,000 app developers got user data after cutoff date

www.zdnet.com/article/facebook-says-5000-app-developers-got-user-data-after-cutoff-date/ Social media giant Facebook disclosed on Wednesday a new user privacy incident. The company said that it continued sharing user data with approximately 5,000 developers even after their application’s access expired.

Ransomware Operators Demand $14 Million From Power Company

www.securityweek.com/ransomware-operators-demand-14-million-power-company The threat actor behind the Sodinokibi (REvil) ransomware is demanding a $14 million ransom from Brazilian-based electrical energy company Light S.A.. The company has confirmed that it was hit with a cyberattack without providing specific information on the type of compromise, but AppGates security researchers, who have obtained a sample of the malware believed to have been used in the attack, are confident that the incident involves the Sodinokibi ransomware.

MAZE RANSOMWARE OPERATORS ALLEGEDLY TARGETED NATIONAL HIGHWAYS AUTHORITY OF INDIA (NHAI) DATA LEAK!!

cybleinc.com/2020/07/02/maze-ransomware-operators-allegedly-targeted-national-highways-authority-of-india-nhai-data-leak/ Update as on 07/02/2020: As part of our regular darkweb monitoring, our researchers came across the data leak of National Highways Authority of India (NHAI) been published by the Maze ransomware operators.

One out of every 142 passwords is ‘123456’

www.zdnet.com/article/one-out-of-every-142-passwords-is-123456/ The study, carried out last month by computer engineering student Ata Hakçl, analyzed username and password combinations that leaked online after data breaches at various companies.. Data at

github.com/FlameOfIgnis/Pwdb-Public

Anatomy of a Long-Con Phish

www.darkreading.com/cloud/anatomy-of-a-long-con-phish/d/d-id/1338268 A fraudster on LinkedIn used my online profile in an apparent attempt to pull off a wide-ranging scam business venture.

Thieves use lockdown as cover for EU Parliament burglaries

www.politico.eu/article/robberies-european-parliament-lockdown-coronavirus/ At least 50 MEPs have had computers, tablets and other items stolen from their European Parliament offices while they were away from Brussels during the coronavirus lockdown.

You might be interested in …

Daily NCSC-FI news followup 2019-09-11

Ryuk Related Malware Steals Confidential Military, Financial Files www.bleepingcomputer.com/news/security/ryuk-related-malware-steals-confidential-military-financial-files/ A new malware with strange associations to the Ryuk Ransomware has been discovered to look for and steal confidential financial, military, and law enforcement files. Microsoft to Improve Office 365 Phishing Email Notifications www.bleepingcomputer.com/news/security/microsoft-to-improve-office-365-phishing-email-notifications/ Microsoft is currently working on enhancing the notification system for quarantined malware […]

Read More

Daily NCSC-FI news followup 2019-11-23

FBI says hackers are targeting US auto industry us.cnn.com/2019/11/20/politics/fbi-us-auto-industry-hackers/index.html The American automotive industry has been the target of malicious cyber actors since at least late 2018, according to an FBI report obtained by CNN. Leaky Gekko Group database exposes info on hotel brands, travelers www.scmagazine.com/home/security-news/data-breach/leaky-gekko-group-database-exposes-info-on-hotel-brands-travelers/ European hotel booking platform provider Gekko Group mistakenly stored over […]

Read More

Daily NCSC-FI news followup 2020-10-17

Google warned users of 33,000 state-sponsored attacks in 2020 www.bleepingcomputer.com/news/security/google-warned-users-of-33-000-state-sponsored-attacks-in-2020/ Google delivered over 33,000 alerts to its users during the first three quarters of 2020 to warn them of state-sponsored phishing attacks targeting their accounts. Political campaign emails contain dark patterns to manipulate donors, voters www.zdnet.com/article/political-campaign-emails-contain-dark-patterns-to-manipulate-donors-voters/ Princeton researchers analyzed 100,000 different campaign emails from more […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.