Daily NCSC-FI news followup 2020-09-06

Ransomware attack halts Argentinian border crossing for four hours

www.bleepingcomputer.com/news/security/ransomware-attack-halts-argentinian-border-crossing-for-four-hours/ Argentina’s official immigration agency, Dirección Nacional de Migraciones, suffered a Netwalker ransomware attack that temporarily halted border crossing into and out of the country. The ransomware demanded $4 million and leaked data from the breach online.

Visa warns of new Baka credit card JavaScript skimmer

www.bleepingcomputer.com/news/security/visa-warns-of-new-baka-credit-card-javascript-skimmer/ Visa issued a warning regarding a new JavaScript e-commerce skimmer known as Baka that will remove itself from memory after exfiltrating stolen data. The credit card stealing script was discovered by researchers with Visa’s Payment Fraud Disruption (PFD) initiative in February 2020 while examining a command and control (C2) server that previously hosted an ImageID web skimming kit.

Which cybersecurity failures cost companies the most and which defenses have the highest ROI?

www.helpnetsecurity.com/2020/09/03/cost-cybersecurity-failures/ Massachusetts Institute of Technology (MIT) scientists have created a cryptographic platform that allows companies to securely share data on cyber attacks they suffered and the monetary cost of their cybersecurity failures without worrying about revealing sensitive information to their competitors or damaging their own reputation. Also:

www.csail.mit.edu/news/helping-companies-prioritize-their-cybersecurity-investments

Threema E2EE chat app to go ‘fully open source’ within months

www.zdnet.com/article/threema-e2ee-chat-app-to-go-fully-open-source-within-months/ Threema, which is one of a handful of instant messaging services that support end-to-end encryption (E2EE) between users, is the third service to go open source, after Signal and Wickr.

You might be interested in …

Daily NCSC-FI news followup 2020-03-15

CovidLock: Mobile Coronavirus Tracking App Coughs Up Ransomware www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-up-ransomware Cybercriminals like to exploit people when they are at their most vulnerable. They use dramatic events that cause people to be emotional or fearful to drive their profits. Any time there are major news cycles happening on a topic that stirs a strong reaction, cybercriminals will […]

Read More

Daily NCSC-FI news followup 2020-05-02

Scammers Using COVID-19/Coronavirus Lure to Target Medical Suppliers www.fortinet.com/blog/threat-research/scammers-using-covid-19-coronavirus-lure-to-target-medical-suppliers.html FortiGuard Labs has discovered a new malicious spearphishing campaign, once again using the COVID-19/Coronavirus pandemic as a lure. This latest email campaign targets a medical device supplier, wherein the attacker is inquiring about various materials needed to address the COVID-19 pandemic due to high demand for […]

Read More

Daily NCSC-FI news followup 2021-03-26

German Parliament targeted again by Russian state hackers www.bleepingcomputer.com/news/security/german-parliament-targeted-again-by-russian-state-hackers/ It is believed that the attackers were able to gain access to the email accounts of seven members of the German federal parliament (Bundestag) and 31 members of German regional parliaments. “The Ghostwriter campaign leverages traditional cyber threat activity and information operations tactics to promote narratives […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.