Daily NCSC-FI news followup 2020-09-06

Ransomware attack halts Argentinian border crossing for four hours

www.bleepingcomputer.com/news/security/ransomware-attack-halts-argentinian-border-crossing-for-four-hours/ Argentina’s official immigration agency, Dirección Nacional de Migraciones, suffered a Netwalker ransomware attack that temporarily halted border crossing into and out of the country. The ransomware demanded $4 million and leaked data from the breach online.

Visa warns of new Baka credit card JavaScript skimmer

www.bleepingcomputer.com/news/security/visa-warns-of-new-baka-credit-card-javascript-skimmer/ Visa issued a warning regarding a new JavaScript e-commerce skimmer known as Baka that will remove itself from memory after exfiltrating stolen data. The credit card stealing script was discovered by researchers with Visa’s Payment Fraud Disruption (PFD) initiative in February 2020 while examining a command and control (C2) server that previously hosted an ImageID web skimming kit.

Which cybersecurity failures cost companies the most and which defenses have the highest ROI?

www.helpnetsecurity.com/2020/09/03/cost-cybersecurity-failures/ Massachusetts Institute of Technology (MIT) scientists have created a cryptographic platform that allows companies to securely share data on cyber attacks they suffered and the monetary cost of their cybersecurity failures without worrying about revealing sensitive information to their competitors or damaging their own reputation. Also:

www.csail.mit.edu/news/helping-companies-prioritize-their-cybersecurity-investments

Threema E2EE chat app to go ‘fully open source’ within months

www.zdnet.com/article/threema-e2ee-chat-app-to-go-fully-open-source-within-months/ Threema, which is one of a handful of instant messaging services that support end-to-end encryption (E2EE) between users, is the third service to go open source, after Signal and Wickr.

You might be interested in …

Daily NCSC-FI news followup 2019-12-31

Ghosts in the Clouds: Inside Chinas Major Corporate Hack www.wsj.com/articles/ghosts-in-the-clouds-inside-chinas-major-corporate-hack-11577729061 A Wall Street Journal investigation has found that the attack was much bigger than previously known. It goes far beyond the 14 unnamed companies listed in the indictment, stretching across at least a dozen cloud providers, including CGI Group Inc. Tieto Oyj, a major Finnish […]

Read More

Daily NCSC-FI news followup 2019-06-08

Critical Flaws in Amcrest HDSeries Camera Allow Complete Takeover threatpost.com/amcrest-critical-security-issues/145507/ Two critical severity bugs have been publicly disclosed that impact Amcrest HDSeries model IPM-721S cameras. Both vulnerabilities open the consumer-grade ($50) Wi-Fi cameras to complete takeover by remote, unauthenticated attackers. Mandar Satam, senior security researcher at Synopsys, found the six security flaws in the IPM-721S […]

Read More

Daily NCSC-FI news followup 2021-01-15

Bitcoin-kiristäjä piinaa taas suomalaisia www.kauppalehti.fi/uutiset/bitcoin-kiristaja-piinaa-taas-suomalaisia-ala-maksa-masturbointilunnaita/a65ed063-b6b7-4ae9-93a8-4a4161d70b43 Verkkohuijarit ovat taas liikkeellä pornokiristyksinä tunnettujen huijausviestien kanssa. Huijarit väittävät tartuttaneensa haittaohjelman vastaanottajan koneelle tämän vierailtua aikuisviihdesivustolla. Katso myös Kyberturvallisuuskeskuksen uutinen aiheesta: www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/kiristyshuijauksia-liikkeella-runsaasti-ala-usko-huijarien-vaitteita Signal down after getting flooded with new users www.bleepingcomputer.com/news/software/signal-down-after-getting-flooded-with-new-users/ Signal users are currently experiencing issues around the world, with users unable to send and receive messages. Ransomware […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.