Daily NCSC-FI news followup 2020-09-09

Netwalker ransomware hits Pakistan’s largest private power utility

www.bleepingcomputer.com/news/security/netwalker-ransomware-hits-pakistans-largest-private-power-utility/ K-Electric, the sole electricity provider for Karachi, Pakistan, has suffered a Netwalker ransomware attack that led to the disruption of billing and online services. In a Tor payment page seen by BleepingComputer, the ransomware operators demand a $3,850,000 ransom payment. If a ransom is not paid within another seven days, the ransom will increase to $7.7 million.

August 2020’s Most Wanted Malware

blog.checkpoint.com/2020/09/09/august-2020s-most-wanted-malware-evolved-qbot-trojan-ranks-on-top-malware-list-for-first-time/ Top-3: Emotet, Agent Tesla, Formbook

Ransomware: Huge rise in attacks this year as cyber criminals hunt bigger pay days

www.zdnet.com/article/ransomware-huge-rise-in-attacks-this-year-as-cyber-criminals-hunt-bigger-pay-days/ Researchers warn of a seven-fold rise in ransomware attacks compared with last year alone – and attackers are continually evolving their tactics. “Looking into the evolution of last year’s ransomware families and how they’ve changed this year, most of them have actually gone down in numbers. This year’s popular ransomware families are not last year’s popular ransomware families,” Liviu Arsene, global cybersecurity researcher at Bitdefender, told ZDNet.

TeamTNT Gains Full Remote Takeover of Cloud Instances

threatpost.com/teamtnt-remote-takeover-cloud-instances/159075/ Using a legitimate tool called Weave Scope, the cybercrime group is establishing fileless backdoors on targeted Docker and Kubernetes clusters.

Vulnerabilities in CodeMeter Licensing Product Expose ICS to Remote Attacks

www.securityweek.com/vulnerabilities-codemeter-licensing-product-expose-ics-remote-attacks CodeMeter can be used for a wide range of applications, but it’s often present in industrial products, including industrial PCs, IIoT devices, and controllers. Researchers at Claroty have discovered six vulnerabilities in CodeMeter, some of which could be exploited to launch attacks against industrial control systems (ICS), including to shut down devices or processes, deliver ransomware or other malware, or to execute further exploits.

Most cyber-security reports only focus on the cool threats

www.zdnet.com/article/most-cyber-security-reports-only-focus-on-the-cool-threats/ Academics: Only 82 of the 629 commercial cyber-security reports (13%) published in the last decade discuss a threat to civil society, with the rest focusing on cybercrime, nation-state hackers, and economic espionage. In contrast, most of the reports produced by independent research centers were focused on the threats to civil society.

Phishing tricks – the Top Ten Treacheries of 2020

nakedsecurity.sophos.com/2020/09/04/phishing-tricks-the-top-ten-treacheries-of-2020/ Are business email users more likely to fall for sticks or carrots? For threats or free offers? For explicit instructions or helpful suggestions? For “you must” or “you might like”? The answers covered a broad range of phishing themes, but had a common thread: not one of them was a threat.
