Daily NCSC-FI news followup 2020-10-09

We Hacked Apple for 3 Months: Here’s What We Found

samcurry.net/hacking-apple/ There were a total of 55 vulnerabilities discovered with 11 critical severity, 29 high severity, 13 medium severity, and 2 low severity reports. As of now, October 8th, we have received 32 payments totaling $288,500 for various vulnerabilities. However, it appears that Apple does payments in batches and will likely pay for more of the issues in the following months.

Ryuk’s Return

thedfirreport.com/2020/10/08/ryuks-return/ The Ryuk group went from an email to domain wide ransomware in 29 hours and asked for over $6 million to unlock our systems. They used tools such as Cobalt Strike, AdFind, WMI, vsftpd, PowerShell, PowerView, and Rubeus to accomplish their objective.

German tech giant Software AG down after ransomware attack

www.zdnet.com/article/german-tech-giant-software-ag-down-after-ransomware-attack/ Exclusive: The Clop ransomware gang is demanding more than $20 million from German tech firm Software AG. Software AG is Germany’s second-largest company with more than 10,000 enterprise customers across 70 countries. Some of the company’s most recognizable customers include Fujitsu, Telefonica, Vodafone, DHL, and Airbus.

Sophisticated Android Ransomware Executes with the Home Button

threatpost.com/android-ransomware-home-button/160001/ A fresh variant of a sophisticated Android ransomware known as MalLocker locks up mobile devices — surfacing its ransom note when a user hits the Home button. Also:

www.microsoft.com/security/blog/2020/10/08/sophisticated-new-android-malware-marks-the-latest-evolution-of-mobile-ransomware/

Facebook Debuts Bug-Bounty ‘Loyalty Program’

threatpost.com/facebook-bug-bounty-loyalty-program/159993/ Facebook bounty hunters will be placed into tiers by analyzing their score, signal and number of submitted bug reports which will dictate new bonus percentages. For instance, Bronze tier members will receive a 5 percent bonus on top of each bounty they receive — while Diamond tier members will earn a 20 percent bonus. Diamond-level researchers also gain access to various events, including live hacking events, Facebook’s F8 conference and DEFCON.
