Daily NCSC-FI news followup 2020-07-04

Hackers are trying to steal admin passwords from F5 BIG-IP devices

www.zdnet.com/article/hackers-are-trying-to-steal-admin-passwords-from-f5-big-ip-devices/#ftag=RSSbaffb68 In an interview earlier today, [NCC group researcher] Warren told ZDNet the attacks are malicious in nature, and hackers are attempting to steal administrator passwords from the hacked devices.

New Behave! extension warns of website port scans, local attacks

www.bleepingcomputer.com/news/security/new-behave-extension-warns-of-website-port-scans-local-attacks/ A new browser extension called Behave! will warn you if a web site is using scripts to perform scans or attacks on local and private IP addresses on your network.. In May, it was discovered that well-known sites such as eBay, Citibank, TD Bank, and more would port scan a visitor’s computer to identify Windows remote access programs running on it.

Hackers hijack Twitter account of Russias Ministry of Foreign Affairs, offer to sell stolen data

www.grahamcluley.com/hack-russia-twitter-account/ A database may or may not have been stolen, but theres no doubt that an official verified Russian government Twitter account was accessed by an unauthorised party. Most likely that may be the result of a successful phishing attack, or someone making the mistake of reusing a password.. Also

www.forbes.com/sites/daveywinder/2020/07/04/hackers-compromise-russian-foreign-ministry-twitter-account-ask-600000-for-stolen-database/#74f4d12426dd

Facebook says 5,000 app developers got user data after cutoff date

www.zdnet.com/article/facebook-says-5000-app-developers-got-user-data-after-cutoff-date/ Social media giant Facebook disclosed on Wednesday a new user privacy incident. The company said that it continued sharing user data with approximately 5,000 developers even after their application’s access expired.

Ransomware Operators Demand $14 Million From Power Company

www.securityweek.com/ransomware-operators-demand-14-million-power-company The threat actor behind the Sodinokibi (REvil) ransomware is demanding a $14 million ransom from Brazilian-based electrical energy company Light S.A.. The company has confirmed that it was hit with a cyberattack without providing specific information on the type of compromise, but AppGates security researchers, who have obtained a sample of the malware believed to have been used in the attack, are confident that the incident involves the Sodinokibi ransomware.

MAZE RANSOMWARE OPERATORS ALLEGEDLY TARGETED NATIONAL HIGHWAYS AUTHORITY OF INDIA (NHAI) DATA LEAK!!

cybleinc.com/2020/07/02/maze-ransomware-operators-allegedly-targeted-national-highways-authority-of-india-nhai-data-leak/ Update as on 07/02/2020: As part of our regular darkweb monitoring, our researchers came across the data leak of National Highways Authority of India (NHAI) been published by the Maze ransomware operators.

One out of every 142 passwords is ‘123456’

www.zdnet.com/article/one-out-of-every-142-passwords-is-123456/ The study, carried out last month by computer engineering student Ata Hakçl, analyzed username and password combinations that leaked online after data breaches at various companies.. Data at

github.com/FlameOfIgnis/Pwdb-Public

Anatomy of a Long-Con Phish

www.darkreading.com/cloud/anatomy-of-a-long-con-phish/d/d-id/1338268 A fraudster on LinkedIn used my online profile in an apparent attempt to pull off a wide-ranging scam business venture.

Thieves use lockdown as cover for EU Parliament burglaries

www.politico.eu/article/robberies-european-parliament-lockdown-coronavirus/ At least 50 MEPs have had computers, tablets and other items stolen from their European Parliament offices while they were away from Brussels during the coronavirus lockdown.

You might be interested in …

Daily NCSC-FI news followup 2020-02-17

Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world www.zdnet.com/article/iranian-hackers-have-been-hacking-vpn-servers-to-plant-backdoors-in-companies-around-the-world/ Iranian hackers have targeted Pulse Secure, Fortinet, Palo Alto Networks, and Citrix VPNs to hack into large companies.. Source: www.clearskysec.com/fox-kitten/ Austria: Cyber attack on the Foreign Ministry is over www.bmeia.gv.at/en/the-ministry/press/announcements/2020/02/cyber-attack-on-the-foreign-ministry-is-over/ After really intensive work and excellent cooperation between all […]

Read More

Daily NCSC-FI news followup 2019-11-13

While CISOs Fret, Business Leaders Tout Security Robustness www.darkreading.com/operations/while-cisos-fret-business-leaders-tout-security-robustness/d/d-id/1336342 Nominet recently surveyed nearly 300 senior security and IT practitioners, including CISOs, CIOs, and CTOs from the US and UK. The survey sought to assess the level of confidence among executives about their organizations’ cybersecurity posture and readiness to deal with threats.. Seventy percent of the […]

Read More

Daily NCSC-FI news followup 2021-01-18

Suomen elintarvikehuolto harjoittelee poikkeustilannetta varten www.is.fi/digitoday/art-2000007747319.html Suomen elintarvikehuollon toimijat harjoittelevat tällä viikolla poikkeustilanteita varten. Huoltovarmuuskeskuksen digipoolin järjestämässä kolmipäiväisessä harjoituksessa valmistaudutaan toimintaan kyberhäiriötilanteessa. Huomenna alkavassa harjoituksessa on mukana elintarviketeollisuuden, kaupan ja jakelun, öljynjakelun, logistiikan ja liikenteen sekä vesihuollon toimijoita. Paino on huoltoketjun osien yhteistoiminnassa ja elintarvikehuollon toiminnassa poikkeustilanteessa. Kyseessä on osa laajempaa Tieto20-harjoituskokonaisuutta, joka alkoi helmikuussa […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.