Daily NCSC-FI news followup 2020-10-02

Emotet malware takes part in the 2020 U.S. elections

www.bleepingcomputer.com/news/security/emotet-malware-takes-part-in-the-2020-us-elections/ Emotet is now taking part in the United States 2020 Presidential election with a new spam campaign pretending to be from the Democratic National Convention’s Team Blue initiative.

XDSpy cyber-espionage group operated discretely for nine years

www.bleepingcomputer.com/news/security/xdspy-cyber-espionage-group-operated-discretely-for-nine-years/ Researchers at ESET today published details about a threat actor that has been operating for at least nine years, yet their activity attracted almost no public attention. Lisäksi:

vblocalhost.com/presentations/xdspy-stealing-government-secrets-since-2011/. Lisäksi:


HP Device Manager backdoor lets attackers take over Windows systems

www.bleepingcomputer.com/news/security/hp-device-manager-backdoor-lets-attackers-take-over-windows-systems/ HP released a security advisory detailing three critical and high severity vulnerabilities in the HP Device Manager that could lead to system takeover.

Graphology of an Exploit Fingerprinting exploit authors to help with hunting zero-day exploits in the wild

blog.checkpoint.com/2020/10/02/graphology-of-an-exploit-fingerprinting-exploit-authors-to-help-with-hunting-zero-day-exploits-in-the-wild/ In the cyber-crime economy, which is all about exploiting vulnerabilities in software and products, the most valuable and prized asset is the zero day’ a vulnerability for which there is no patch or update available. Our research methodology was to fingerprint’ an exploit author’s working technique, looking for unique identifiers that could be associated with that individual.

Google is creating a special Android security team to find bugs in sensitive apps

www.zdnet.com/article/google-is-creating-a-special-android-security-team-to-find-bugs-in-sensitive-apps Google is hiring to create a special Android security team that will be tasked with finding vulnerabilities in highly sensitive apps on the Google Play Store. Android apps that will be on the team’s radar include COVID-19 contact tracing apps and election-related apps.

Microsoft explains the cause of the recent Office 365 outage

www.bleepingcomputer.com/news/microsoft/microsoft-explains-the-cause-of-the-recent-office-365-outage/ A preliminary report by Microsoft states that a bug in the deployment of an Azure AD service update caused Monday’s Office 365 outage.

Serious Security: Phishing without links when phishers bring along their own web pages

nakedsecurity.sophos.com/2020/10/02/serious-security-phishing-without-links-when-phishers-bring-along-their-own-web-pages/ In the past few days we received two phishing campaigns one sent in by a thoughtful reader and the other spammed directly to us that we thought would tell a useful visual story.

Attacks Aimed at Disrupting the Trickbot Botnet

krebsonsecurity.com/2020/10/attacks-aimed-at-disrupting-the-trickbot-botnet Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot

You might be interested in …

Daily NCSC-FI news followup 2021-09-02

UK VoIP telco receives ‘colossal ransom demand’, reveals REvil cybercrooks suspected of ‘organised’ DDoS attacks on UK VoIP companies www.theregister.com/2021/09/02/uk_voip_telcos_revil_ransom/ In a statement, chair of Comms Council UK Eli Katz told us: “Comms Council UK is aware of the Denial of Service attacks currently targeting IP-based communications service providers in the UK and that a […]

Read More

Daily NCSC-FI news followup 2020-10-19

US Indicts Sandworm, Russia’s Most Destructive Cyberwar Unit www.wired.com/story/us-indicts-sandworm-hackers-russia-cyberwar-unit/ The Department of Justice has named and charged six men for allegedly carrying out many of the most costly cyberattacks in history.. see also www.justice.gov/opa/pr/six-russian-gru-officers-charged-connection-worldwide-deployment-destructive-malware-and. indictment www.justice.gov/opa/press-release/file/1328521/download. see also www.ncsc.gov.uk/news/uk-and-partners-condemn-gru-cyber-attacks-against-olympic-an-paralympic-games Ryuk Ransomware Gang Uses Zerologon Bug for Lightning-Fast Attack threatpost.com/ryuk-ransomware-gang-zerologon-lightning-attack/160286/ Researchers said the group was able […]

Read More

Daily NCSC-FI news followup 2020-06-14

Privnotes.com Is Phishing Bitcoin from Users of Private Messaging Service Privnote.com krebsonsecurity.com/2020/06/privnotes-com-is-phishing-bitcoin-from-users-of-private-messaging-service-privnote-com/ For the past year, a site called Privnotes.com has been impersonating Privnote.com, a legitimate, free service that offers private, encrypted messages which self-destruct automatically after they are read. Until recently, I couldn’t quite work out what Privnotes was up to, but today it […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.