Daily NCSC-FI news followup 2020-09-09

Netwalker ransomware hits Pakistan’s largest private power utility

www.bleepingcomputer.com/news/security/netwalker-ransomware-hits-pakistans-largest-private-power-utility/ K-Electric, the sole electricity provider for Karachi, Pakistan, has suffered a Netwalker ransomware attack that led to the disruption of billing and online services. In a Tor payment page seen by BleepingComputer, the ransomware operators demand a $3,850,000 ransom payment. If a ransom is not paid within another seven days, the ransom will increase to $7.7 million.

August 2020’s Most Wanted Malware

blog.checkpoint.com/2020/09/09/august-2020s-most-wanted-malware-evolved-qbot-trojan-ranks-on-top-malware-list-for-first-time/ Top-3: Emotet, Agent Tesla, Formbook

Ransomware: Huge rise in attacks this year as cyber criminals hunt bigger pay days

www.zdnet.com/article/ransomware-huge-rise-in-attacks-this-year-as-cyber-criminals-hunt-bigger-pay-days/ Researchers warn of a seven-fold rise in ransomware attacks compared with last year alone – and attackers are continually evolving their tactics. “Looking into the evolution of last year’s ransomware families and how they’ve changed this year, most of them have actually gone down in numbers. This year’s popular ransomware families are not last year’s popular ransomware families,” Liviu Arsene, global cybersecurity researcher at Bitdefender, told ZDNet.

TeamTNT Gains Full Remote Takeover of Cloud Instances

threatpost.com/teamtnt-remote-takeover-cloud-instances/159075/ Using a legitimate tool called Weave Scope, the cybercrime group is establishing fileless backdoors on targeted Docker and Kubernetes clusters.

Vulnerabilities in CodeMeter Licensing Product Expose ICS to Remote Attacks

www.securityweek.com/vulnerabilities-codemeter-licensing-product-expose-ics-remote-attacks CodeMeter can be used for a wide range of applications, but it’s often present in industrial products, including industrial PCs, IIoT devices, and controllers. Researchers at Claroty have discovered six vulnerabilities in CodeMeter, some of which could be exploited to launch attacks against industrial control systems (ICS), including to shut down devices or processes, deliver ransomware or other malware, or to execute further exploits.

Most cyber-security reports only focus on the cool threats

www.zdnet.com/article/most-cyber-security-reports-only-focus-on-the-cool-threats/ Academics: Only 82 of the 629 commercial cyber-security reports (13%) published in the last decade discuss a threat to civil society, with the rest focusing on cybercrime, nation-state hackers, and economic espionage. In contrast, most of the reports produced by independent research centers were focused on the threats to civil society.

Phishing tricks – the Top Ten Treacheries of 2020

nakedsecurity.sophos.com/2020/09/04/phishing-tricks-the-top-ten-treacheries-of-2020/ Are business email users more likely to fall for sticks or carrots? For threats or free offers? For explicit instructions or helpful suggestions? For “you must” or “you might like”? The answers covered a broad range of phishing themes, but had a common thread: not one of them was a threat.
