Daily NCSC-FI news followup 2020-10-02

Emotet malware takes part in the 2020 U.S. elections

www.bleepingcomputer.com/news/security/emotet-malware-takes-part-in-the-2020-us-elections/ Emotet is now taking part in the United States 2020 Presidential election with a new spam campaign pretending to be from the Democratic National Convention’s Team Blue initiative.

XDSpy cyber-espionage group operated discretely for nine years

www.bleepingcomputer.com/news/security/xdspy-cyber-espionage-group-operated-discretely-for-nine-years/ Researchers at ESET today published details about a threat actor that has been operating for at least nine years, yet their activity attracted almost no public attention. Also:

vblocalhost.com/presentations/xdspy-stealing-government-secrets-since-2011/


HP Device Manager backdoor lets attackers take over Windows systems

www.bleepingcomputer.com/news/security/hp-device-manager-backdoor-lets-attackers-take-over-windows-systems/ HP released a security advisory detailing three critical and high severity vulnerabilities in the HP Device Manager that could lead to system takeover.

Graphology of an Exploit: Fingerprinting exploit authors to help with hunting zero-day exploits in the wild

blog.checkpoint.com/2020/10/02/graphology-of-an-exploit-fingerprinting-exploit-authors-to-help-with-hunting-zero-day-exploits-in-the-wild/ In the cyber-crime economy, which is all about exploiting vulnerabilities in software and products, the most valuable and prized asset is the 'zero day': a vulnerability for which there is no patch or update available. Our research methodology was to 'fingerprint' an exploit author’s working technique, looking for unique identifiers that could be associated with that individual.

Google is creating a special Android security team to find bugs in sensitive apps

www.zdnet.com/article/google-is-creating-a-special-android-security-team-to-find-bugs-in-sensitive-apps Google is hiring to create a special Android security team that will be tasked with finding vulnerabilities in highly sensitive apps on the Google Play Store. Android apps that will be on the team’s radar include COVID-19 contact tracing apps and election-related apps.

Microsoft explains the cause of the recent Office 365 outage

www.bleepingcomputer.com/news/microsoft/microsoft-explains-the-cause-of-the-recent-office-365-outage/ A preliminary report by Microsoft states that a bug in the deployment of an Azure AD service update caused Monday’s Office 365 outage.

Serious Security: Phishing without links - when phishers bring along their own web pages

nakedsecurity.sophos.com/2020/10/02/serious-security-phishing-without-links-when-phishers-bring-along-their-own-web-pages/ In the past few days we received two phishing campaigns (one sent in by a thoughtful reader and the other spammed directly to us) that we thought would tell a useful visual story.

Attacks Aimed at Disrupting the Trickbot Botnet

krebsonsecurity.com/2020/10/attacks-aimed-at-disrupting-the-trickbot-botnet Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot
