Daily NCSC-FI news followup 2020-10-04

Ttint is a new form of IoT botnet that also includes remote access tools-like (RAT) features, rarely seen in these types of botnets before

www.zdnet.com/article/new-ttint-iot-botnet-caught-exploiting-two-zero-days-in-tenda-routers For almost a year, a threat actor has been using zero-day vulnerabilities to install malware on Tenda routers and build a so-called IoT (Internet of Things) botnet.

Google offers up $50k in cloud credits to fuzz the hell out of JavaScript engines

www.theregister.com/2020/10/02/google_javascript_fuzzing_funds/ Google is offering bug hunters thousands of dollars worth of compute time on its cloud to hammer away at JavaScript engines and uncover new security flaws in the software.

Palmerworm: Espionage Gang Targets the Media, Finance, and Other Sectors

symantec-enterprise-blogs.security.com/blogs/threat-intelligence/palmerworm-blacktech-espionage-apt The Threat Hunter Team at Symantec, a division of Broadcom (NASDAQ: AVGO), has uncovered a new espionage campaign carried out by the Palmerworm group (aka BlackTech) involving a brand new suite of custom malware, targeting organizations in Japan, Taiwan, the U.S., and China.

Two Members of Notorious Videogame Piracy Group “Team Xecuter” in Custody

www.justice.gov/opa/pr/two-members-notorious-videogame-piracy-group-team-xecuter-custody Two leaders of one of the world’s most notorious videogame piracy groups, Team Xecuter, have been arrested and are in custody facing charges filed in U.S. District Court in Seattle.

Python programming in the final frontier: Microsoft and NASA release student learning portal

www.techrepublic.com/article/python-programming-in-the-final-frontier-microsoft-and-nasa-release-student-learning-portal/ Overall, the project includes three different NASA-inspired lessons. These learning pathways were created by computer scientist and entrepreneur Sarah Guthals to teach programming fundamentals using space exploration challenges and themes.

Online avatar service Gravatar allows mass collection of user info

www.bleepingcomputer.com/news/security/online-avatar-service-gravatar-allows-mass-collection-of-user-info/ A user enumeration technique discovered by security researcher Carlo Di Dato demonstrates how Gravatar can be abused for mass data collection of its profiles by web crawlers and bots.

Two North American hospitality merchants hacked in May and June

www.zdnet.com/article/two-north-american-hospitality-merchants-hacked-in-may-and-june/ Visa did not share the name of the two victims but said that one company had three different strains of point-of-sale (POS) malware on its network.

You might be interested in …

Daily NCSC-FI news followup 2020-07-18

Cloudflare outage takes down Discord, BleepingComputer, and other sites www.bleepingcomputer.com/news/technology/cloudflare-outage-takes-down-discord-bleepingcomputer-and-other-sites/ Cloudflare is having an outage that is affecting many sites including Discord, BleepingComputer, and others. It is not known what is causing the outage, but users will not be able to connect to the sites depending on the region you are located. Read also: www.forbes.com/sites/daveywinder/2020/07/18/internet-down-human-error-not-cyber-attack-to-blame-says-cloudflare/ […]

Read More

Daily NCSC-FI news followup 2021-05-15

Irelands Health Services hit with $20 million ransomware demand www.bleepingcomputer.com/news/security/ireland-s-health-services-hit-with-20-million-ransomware-demand/ Yesterday, a cybersecurity researcher shared a screenshot of a chat between Conti and Ireland’s HSE with BleepingComputer.. In the screenshot, the Conti gang claims to have had access to the HSE network for two weeks. During this time, they claim to have stolen 700 GB […]

Read More

Daily NCSC-FI news followup 2020-12-23

CISA Releases CISA Insights and Creates Webpage on Ongoing APT Cyber Activity us-cert.cisa.gov/ncas/current-activity/2020/12/23/cisa-releases-cisa-insights-and-creates-webpage-ongoing-apt-cyber CISA is tracking a known compromise involving SolarWinds Orion products that are currently being exploited by a malicious actor. An advanced persistent threat (APT) actor is responsible for compromising the SolarWinds Orion software supply chain, as well as widespread abuse of commonly […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.