Daily NCSC-FI news followup 2020-09-26

ThunderX ransomware silenced with release of a free decryptor

www.bleepingcomputer.com/news/security/thunderx-ransomware-silenced-with-release-of-a-free-decryptor/ A decryptor for the ThunderX ransomware has been released by cybersecurity firm Tesorion that lets victims recover their files for free.

When coffee makers are demanding a ransom, you know IoT is screwed

arstechnica.com/information-technology/2020/09/how-a-hacker-turned-a-250-coffee-maker-into-ransom-machine/ Watch along as hacked machine grinds, beeps, and spews water.

Threat Roundup for September 18 to September 25

blog.talosintelligence.com/2020/09/threat-roundup-0918-0925.html Emotet is one of the most widely distributed and active malware families today. It is a highly modular threat that can deliver a wide variety of payloads. Emotet is commonly delivered via Microsoft Office documents with macros, sent as attachments on malicious emails.

Industrial Cyberattacks Get Rarer but More Complex

threatpost.com/industrial-cyberattacks-rarer-complex/159573/ The first half of 2020 saw decreases in attacks on most ICS sectors, but oil/gas firms and building automation saw upticks.

KuCoin cryptocurrency exchange hacked for $150 million

www.zdnet.com/article/kucoin-cryptocurrency-exchange-hacked-for-150-million/#ftag=RSSbaffb68 KuCoin said an intruder drained all its hot wallets today.

Putin Wants a Truce in Cyberspace While Denying Russian Interference

www.nytimes.com/2020/09/25/world/europe/russia-cyber-security-meddling.html With an eye to a possible Biden presidency, the Russian leader called for a “reboot” on information security but offered no concessions.

How cybercriminals launder money stolen from banks

www.kaspersky.com/blog/money-laundering-schemes/37175/ Before the thieves can enjoy them, the proceeds of cybercrime have to jump through a few hoops. We discuss the complexities involved.

Pastebin adds ‘Burn After Read’ and ‘Password Protected Pastes’ to the dismay of the infosec community

www.zdnet.com/article/pastebin-adds-burn-after-read-and-password-protected-pastes-to-the-dismay-of-the-infosec-community/ The two new features will make it easier to disguise malware operations.

Daily NCSC-FI news followup 2019-09-29

German Cops Raid Cyberbunker 2.0, Arrest 7 in Child Porn, Dark Web Market Sting krebsonsecurity.com/2019/09/german-cops-raid-cyberbunker-2-0-arrest-7-in-child-porn-dark-web-market-sting/ German authorities said Friday theyd arrested seven people and were investigating six more in connection with the raid of a Dark Web hosting operation that allegedly supported multiple child porn, cybercrime and drug markets with hundreds of servers buried inside […]

Daily NCSC-FI news followup 2020-05-24

Securing smart infrastructure during the COVID-19 pandemic www.enisa.europa.eu/news/enisa-news/securing-smart-infrastructure-in-covid-19-pandemic Securing smart homes and smart buildings from cybersecurity risks becomes more relevant than ever in the light of the COVID-19 pandemic crisis. ENISA presents some fundamental measures for securing smart devices. AgentTesla Delivered via a Malicious PowerPoint Add-In isc.sans.edu/forums/diary/AgentTesla+Delivered+via+a+Malicious+PowerPoint+AddIn/26162/ Attackers are always trying to find new ways […]

Daily NCSC-FI news followup 2019-07-07

Libra Cryptocurrency Scams Already Active Ahead Of 2020 Launch www.bleepingcomputer.com/news/security/libra-cryptocurrency-scams-already-active-ahead-of-2020-launch/ No sooner had Facebook announced Libra cryptocurrency and the matching digital Calibra wallet that cybercriminals tried to get a head start on a new phishing theme. Europe Built a System to Fight Russian Meddling. Its Struggling. www.nytimes.com/2019/07/06/world/europe/europe-russian-disinformation-propaganda-elections.html TWITTER’S DISINFORMATION DATA DUMPS ARE HELPFULTO A POINT […]