A New Fileless P2P Botnet Malware Targeting SSH Servers Worldwide
thehackernews.com/2020/08/p2p-botnet-malware.html Cybersecurity researchers today took the wraps off a sophisticated, multi-functional peer-to-peer (P2P) botnet written in Golang that has been actively targeting SSH servers since January 2020. Called “FritzFrog,” the modular, multi-threaded and file-less botnet has breached more than 500 servers to date, infecting well-known universities in the US and Europe, and a railway company, according to a report released by Guardicore Labs today.
MAR-10295134-1.v1 North Korean Remote Access Trojan: BLINDINGCAN
us-cert.cisa.gov/ncas/analysis-reports/ar20-232a This Malware Analysis Report (MAR) is the result of analytic efforts between Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI). Working with U.S. Government partners, DHS and FBI identified Remote Access Trojan (RAT) malware variants used by the North Korean government.
Taiwan says China behind cyberattacks on government agencies, emails
www.reuters.com/article/us-taiwan-cyber-china/taiwan-says-china-behind-cyberattacks-on-government-agencies-emails-idUSKCN25F0JK Taiwan said on Wednesday hacking groups linked to the Chinese government had attacked at least 10 government agencies and some 6,000 email accounts of government officials in an infiltration to steal important data.
Fancy Bear imposters extort finance, retail on DDoS threat
www.scmagazine.com/home/security-news/fancy-bear-imposters-extort-finance-retail-on-ddos-threat/ The cybersecurity group Akamai is tracking extortionists claiming to represent prominent hacker groups, including the Russian Intelligence group Fancy Bear, demanding ransom under threat of massive denial of service attacks.
New Vulnerability Could Put IoT Devices at Risk
securityintelligence.com/posts/new-vulnerability-could-put-iot-devices-at-risk/ In September 2019, X-Force Red discovered a vulnerability in Thales (formerly Gemalto) Cinterion EHS8 M2M module used in millions of internet-connected devices over the last decade. These modules are mini circuit boards that enable mobile communication in IoT devices.
Pretty wild that a malicious mailto: link might attach your secret keys and files from your PC to an outgoing message
www.theregister.com/2020/08/19/openpgp_smime_email_client_mailto_flaws/ Some OpenPGP, S/MIME-capable email clients vulnerable to attack
Forgotten passwords add up to a hefty bill for employers: up to 200,000 euros a year for a hospital district
yle.fi/uutiset/3-11499841 Password-related calls and service requests peak after holiday seasons, that is, in August and January.
WannaRen ransomware author contacts security firm to share decryption key
www.zdnet.com/article/wannaren-ransomware-author-contacts-security-firm-to-share-decryption-key/ A major ransomware outbreak hit Chinese internet users earlier this year in April. For about a week, a ransomware strain known as WannaRen made tens of thousands of victims among both home consumers and local Chinese and Taiwanese companies.
Chrome's new warning can save you from a fatal mistake
www.is.fi/digitoday/art-2000006605760.html Dangerous web forms will from now on trigger a full-screen warning in Google Chrome.
Voice Phishers Targeting Corporate VPNs
krebsonsecurity.com/2020/08/voice-phishers-targeting-corporate-vpns/ The COVID-19 epidemic has brought a wave of email phishing attacks that try to trick work-at-home employees into giving away credentials needed to remotely access their employers' networks. But one increasingly brazen group of crooks is taking your standard phishing attack to the next level, marketing a voice phishing service that uses a combination of one-on-one phone calls and custom phishing sites to steal VPN credentials from employees.
Tens of suspects arrested for cashing-out Santander ATMs using software glitch
www.zdnet.com/article/tens-of-suspects-arrested-for-cashing-out-santander-atms-using-software-glitch/ Santander says it fixed the ATM software glitch that was exploited this week across the tri-state area.
Airline DMARC Policies Lag, Opening Flyers to Email Fraud
threatpost.com/airline-dmarc-policies-lag-opening-flyers-to-email-fraud/158449/ Up to 61 percent of the IATA (International Air Transport Association) airline members do not have a published DMARC record.