Daily NCSC-FI news followup 2020-07-04

Hackers are trying to steal admin passwords from F5 BIG-IP devices

www.zdnet.com/article/hackers-are-trying-to-steal-admin-passwords-from-f5-big-ip-devices/#ftag=RSSbaffb68 In an interview earlier today, [NCC group researcher] Warren told ZDNet the attacks are malicious in nature, and hackers are attempting to steal administrator passwords from the hacked devices.

New Behave! extension warns of website port scans, local attacks

www.bleepingcomputer.com/news/security/new-behave-extension-warns-of-website-port-scans-local-attacks/ A new browser extension called Behave! will warn you if a web site is using scripts to perform scans or attacks on local and private IP addresses on your network. In May, it was discovered that well-known sites such as eBay, Citibank, TD Bank, and more would port scan a visitor’s computer to identify Windows remote access programs running on it.

Hackers hijack Twitter account of Russia's Ministry of Foreign Affairs, offer to sell stolen data

www.grahamcluley.com/hack-russia-twitter-account/ A database may or may not have been stolen, but there's no doubt that an official verified Russian government Twitter account was accessed by an unauthorised party. Most likely that may be the result of a successful phishing attack, or someone making the mistake of reusing a password.

Also: www.forbes.com/sites/daveywinder/2020/07/04/hackers-compromise-russian-foreign-ministry-twitter-account-ask-600000-for-stolen-database/#74f4d12426dd

Facebook says 5,000 app developers got user data after cutoff date

www.zdnet.com/article/facebook-says-5000-app-developers-got-user-data-after-cutoff-date/ Social media giant Facebook disclosed on Wednesday a new user privacy incident. The company said that it continued sharing user data with approximately 5,000 developers even after their application’s access expired.

Ransomware Operators Demand $14 Million From Power Company

www.securityweek.com/ransomware-operators-demand-14-million-power-company The threat actor behind the Sodinokibi (REvil) ransomware is demanding a $14 million ransom from Brazilian-based electrical energy company Light S.A. The company has confirmed that it was hit with a cyberattack without providing specific information on the type of compromise, but AppGate's security researchers, who have obtained a sample of the malware believed to have been used in the attack, are confident that the incident involves the Sodinokibi ransomware.

MAZE RANSOMWARE OPERATORS ALLEGEDLY TARGETED NATIONAL HIGHWAYS AUTHORITY OF INDIA (NHAI) DATA LEAK!!

cybleinc.com/2020/07/02/maze-ransomware-operators-allegedly-targeted-national-highways-authority-of-india-nhai-data-leak/ Update as on 07/02/2020: As part of our regular darkweb monitoring, our researchers came across the data leak of National Highways Authority of India (NHAI) being published by the Maze ransomware operators.

One out of every 142 passwords is ‘123456’

www.zdnet.com/article/one-out-of-every-142-passwords-is-123456/ The study, carried out last month by computer engineering student Ata Hakçıl, analyzed username and password combinations that leaked online after data breaches at various companies.

Data at github.com/FlameOfIgnis/Pwdb-Public

Anatomy of a Long-Con Phish

www.darkreading.com/cloud/anatomy-of-a-long-con-phish/d/d-id/1338268 A fraudster on LinkedIn used my online profile in an apparent attempt to pull off a wide-ranging scam business venture.

Thieves use lockdown as cover for EU Parliament burglaries

www.politico.eu/article/robberies-european-parliament-lockdown-coronavirus/ At least 50 MEPs have had computers, tablets and other items stolen from their European Parliament offices while they were away from Brussels during the coronavirus lockdown.
