Categories
NCSC-FI News followup

Daily NCSC-FI news followup 2020-09-09

Netwalker ransomware hits Pakistan’s largest private power utility

www.bleepingcomputer.com/news/security/netwalker-ransomware-hits-pakistans-largest-private-power-utility/ K-Electric, the sole electricity provider for Karachi, Pakistan, has suffered a Netwalker ransomware attack that led to the disruption of billing and online services. In a Tor payment page seen by BleepingComputer, the ransomware operators demand a $3, 850, 000 ransom payment. If a ransom is not paid within another seven days, the ransom will increase to $7.7 million.

August 2020’s Most Wanted Malware

blog.checkpoint.com/2020/09/09/august-2020s-most-wanted-malware-evolved-qbot-trojan-ranks-on-top-malware-list-for-first-time/ Top-3: Emotet, Agent Tesla, Formbook

Ransomware: Huge rise in attacks this year as cyber criminals hunt bigger pay days

www.zdnet.com/article/ransomware-huge-rise-in-attacks-this-year-as-cyber-criminals-hunt-bigger-pay-days/ Researchers warn of a seven-fold rise in ransomware attacks compared with last year alone – and attackers are continually evolving their tactics. “Looking into the evolution of last year’s ransomware families and how they’ve changed this year, most of them have actually gone down in numbers. This year’s popular ransomware families are not last year’s popular ransomware families, ” Liviu Arsene, global cybersecurity researcher at Bitdefender told ZDNet.

TeamTNT Gains Full Remote Takeover of Cloud Instances

threatpost.com/teamtnt-remote-takeover-cloud-instances/159075/ Using a legitimate tool called Weave Scope, the cybercrime group is establishing fileless backdoors on targeted Docker and Kubernetes clusters.

Vulnerabilities in CodeMeter Licensing Product Expose ICS to Remote Attacks

www.securityweek.com/vulnerabilities-codemeter-licensing-product-expose-ics-remote-attacks CodeMeter can be used for a wide range of applications, but it’s often present in industrial products, including industrial PCs, IIoT devices, and controllers. Researchers at Claroty have discovered six vulnerabilities in CodeMeter, some of which could be exploited to launch attacks against industrial control systems (ICS), including to shut down devices or processes, deliver ransomware or other malware, or to execute further exploits.

Most cyber-security reports only focus on the cool threats

www.zdnet.com/article/most-cyber-security-reports-only-focus-on-the-cool-threats/ Academics: Only 82 of the 629 commercial cyber-security reports (13%) published in the last decade discuss a threat to civil society, with the rest focusing on cybercrime, nation-state hackers, economic espionage. In contrast, most of the reports produced by independent research centers were focused on the threats to civil society.

Phishing tricks – the Top Ten Treacheries of 2020

nakedsecurity.sophos.com/2020/09/04/phishing-tricks-the-top-ten-treacheries-of-2020/ Are business email users more likely to fall for sticks or carrots? For threats or free offers? For explicit instructions or helpful suggestions? For “you must” or “you might like”?. The answers covered a broad range of phishing themes, but had a common thread: not one of them was a threat.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.